ASSEMBLY, No. 4836
STATE OF NEW JERSEY
220th LEGISLATURE
INTRODUCED NOVEMBER 14, 2022
Sponsored by:
Assemblywoman SHANIQUE SPEIGHT
District 29 (Essex)
Assemblyman REGINALD W. ATKINS
District 20 (Union)
Assemblyman BENJIE E. WIMBERLY
District 35 (Bergen and Passaic)
Senator LINDA R. GREENSTEIN
District 14 (Mercer and Middlesex)
Senator JEAN STANFIELD
District 8 (Atlantic, Burlington and Camden)
Co-Sponsored by:
Assemblywoman Jimenez, Assemblymen Mejia, Tully, Assemblywomen Mosquera, Lopez and Senator O'Scanlon
SYNOPSIS
Requires Office of Emergency Management to incorporate into State Emergency Operations Plan framework to address cybersecurity incidents.
CURRENT VERSION OF TEXT
As reported by the Assembly Homeland Security and State Preparedness Committee on January 19, 2023, with amendments.
An Act concerning 1[State emergency response plans] cybersecurity incidents1 and amending P.L.1989, c.222.
Be It Enacted by the Senate and General Assembly of the State of New Jersey:
1. Section 18 of P.L.1989, c.222 (C.App.A:9-43.1) is amended to read as follows:
18. The State Office of Emergency Management shall adopt a State Emergency Operations Plan, including rules, regulations, and guidelines, that shall be reviewed and updated at least every two years.
a. The plan shall include, but not be limited to, provisions which shall be developed in consultation with:
(1) the Department of Agriculture, to support the needs of animals and individuals with an animal under their care, including domestic livestock, a domesticated animal, or a service animal, in a major disaster or emergency; [and] 1and1
(2) the Department of Health, to provide for a coordinated Statewide evacuation strategy for all hospitals and other health care facilities in the State, alternative sources of care for evacuated patients, and proposed sites of temporary shelter in the event of an emergency. The Statewide evacuation strategy shall be based on evacuation plans prepared pursuant to section 19 of P.L.1989, c.222 (C.App.A:9-43.2) and submitted to the State Office of Emergency Management by each county and municipality in the State pursuant to section 21 of P.L.1989, c.222 (C.App.A:9-43.4)1[; and
(3) the Office of Information Technology, to develop a coordinated Statewide response plan to address Internet outages caused by a cyberattack or other natural or human-made disaster]1.
b. The plan shall:
(1) include provisions that specifically address the need for the safe and timely evacuation of the families and dependents of the emergency responders rendering major disaster or emergency services; 1[and]1
(2) incorporate the results of the risk assessment conducted in accordance with the county storm preparedness funding program established pursuant to section 2 of P.L.2017, c.63 (C.App.A:9-43.17) 1; and
(3) incorporate a framework to address cybersecurity incidents that shall, at a minimum, serve as a mechanism to facilitate and coordinate preparation for detection, analysis, containment and eradication of, and recovery from, a cybersecurity incident, and to prescribe post-incident activity1 .
c. In addition, the State Office of Emergency Management and each county and municipal emergency management agency shall take appropriate steps to educate the public regarding the resources available in the event of an emergency and the importance of emergency preparedness planning.
(cf: P.L.2017, c.63, s.3)
2. This act shall take effect immediately, but shall remain inoperative for 120 days following the date of enactment.