Cyber incident reporting law passes in New Jersey

New Jersey's state and local agencies and government contractors have been required to notify the state of cybersecurity incidents within 72 hours under a new law signed by Gov. Phil Murphy, according to StateScoop. Similar cyber incident reporting practices have also been mandated for the state's counties, law enforcement agencies, and public education entities. "As we continue to face an evolving threat landscape, we must also adapt the mechanisms in place that safeguard our state. This legislation will bolster New Jerseys security by expediting cybersecurity incident reporting and increase our resilience through effective communication," said Murphy. The New Jersey Office of Homeland Security and Preparedness, which will receive the cyber incident reports, has been tasked to develop reporting guidelines but the requirements set under the law will be effective immediately as it seeks to bolster its threat intelligence and attack mitigation efforts. "This new cyber incident reporting law will help connect the dots, allowing for effective collective incident response among all stakeholders," said state Office of Homeland Security and Preparedness Director Laurie Doran.