58:31-4 Development of cybersecurity system; exemptions.
4. a. Within 120 days after the effective date of this act, each water purveyor shall develop a cybersecurity program, in accordance with requirements established by the board, that defines and implements organization accountabilities and responsibilities for cyber risk management activities, and establishes policies, plans, processes, and procedures for identifying and mitigating cyber risk to its public water system. As part of the program, a water purveyor shall conduct risk assessments and implement appropriate controls to mitigate identified risks to the public water system, maintain situational awareness of cyber threats and vulnerabilities to the public water system, and create and exercise incident response and recovery plans.
A copy of the program developed pursuant to this subsection shall be provided to the New Jersey Cybersecurity and Communications Integration Cell, established pursuant to Executive Order No. 178 (2015) in the New Jersey Office of Homeland Security and Preparedness.
b. Within 60 days after developing the program required pursuant to subsection a. of this section, each water purveyor shall join the New Jersey Cybersecurity and Communications Integration Cell, established pursuant to Executive Order No. 178 (2015), and create a cybersecurity incident reporting process.
c. A water purveyor that does not have an internet-connected control system shall be exempt from the requirements of this section.
L.2017, c.133, s.4.
Copyright ©2024 LegalFix. All rights reserved. LegalFix is not a law firm, is not licensed to practice law, and does not provide legal advice, services, or representation. The information on this website is an overview of the legal insurance products you can purchase—or that may be provided by your employer as an employee benefit or by your credit union or other membership group as a membership benefit.
LegalFix provides its members with access to legal services through a network of provider law firms. LegalFix, its corporate entity, and its officers, directors, employees, agents, and contractors do not provide legal advice, services, or representation—directly or indirectly.
The articles and information on the site are not legal advice and should not be relied upon—they are for information purposes only. You should become a LegalFix member to get legal services from one of our provider law firms.
You should not disclose confidential or potentially incriminating information to LegalFix—you should only communicate such information to your provider law firm.
The benefits and legal services described in the LegalFix legal plans are not always available in all states or with all plans. See the legal plan Benefit Overview and the more comprehensive legal plan contract during checkout for coverage details in your state.
Use of this website, the purchase of legal insurance products, and access to the LegalFix network of provider law firms are subject to the LegalFix Terms of Service and Privacy Policy.
