Incident reporting goes to the New Jersey Office of Homeland Security and Preparedness (NJOHSP), which will be crafting and publishing guidelines to support “the timely and confidential submission of incident notifications,” per an NJOHSP press release.
The reporting requirement “will take effect immediately,” per the release.
The law aims to help NJOHSP’s cybersecurity division — the New Jersey Cybersecurity and Communications Integration Cell — be better informed about trends and more quickly and effectively respond to and defend against incidents.
“By intaking cybersecurity incident reports, the NJCCIC can provide assistance to the affected public agencies to help them respond to and recover from an attack,” said NJCCIC Director Michael Geraghty in a statement. “It also allows the NJCCIC to help prevent further compromises of public agencies by sharing the techniques, tactics and protocols the attackers used and the best practices to thwart them.”
Last year, NJCCIC received 375 confirmed cyber incident reports. That fails to capture the full scope.
“In New Jersey alone, thousands of cybercrime cases occur each week, with our schools, hospitals and police departments among the entities most affected,” said Sen. Fred Madden, one of the bill’s sponsors, in a statement.
Entities can report cyber incidents at cyber.nj.gov or by calling 833-4-NJCCIC.
Organizations can also receive cybersecurity-related updates and alerts from NJCCIC by signing up for membership at cyber.nj.gov