NJ A4198

Bill

Requires New Jersey Cybersecurity and Communications Integration Cell to study cybersecurity infastructure and establish cybersecurity guidelines.

Introduced
02/19/2026

In Committee
02/19/2026

Crossed Over

Passed

Dead

Introduced Session

2026-2027 Regular Session

Bill Summary

This bill requires the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) to study the State's cybersecurity infrastructure and promulgate cybersecurity guidelines. Under the bill, the NJCCIC is required to conduct a 12-month study of the cybersecurity infrastructure of public entities and private businesses that conduct business in this State for the purpose of identifying potential cybersecurity threats and vulnerabilities to cyberattacks. Within 120 days of the bill's effective date, the NJCCIC is to establish parameters for the study, which are to include the requirement for public entities and private businesses that conduct business within the State to report to the NJCCIC, for a period of 12 months, any cybersecurity incident or breach of security and the results of the subsequent investigation of the cybersecurity incident or breach of security. The bill provides that within six months of the conclusion of the 12-month study, the NJCCIC is to establish cybersecurity guidelines for all public entities and private businesses that conduct business in the State based on the data collected under the bill. Public entities and private businesses that conduct business in the State are required to implement the cybersecurity guidelines within one year of the establishment of the guidelines, after which time a penalty may be imposed for failure to implement the guidelines. Further, under the bill, the NJCCIC is to monitor cybersecurity incidents and breaches of security after public entities and private businesses have implemented the required guidelines and modify the guidelines, as necessary. Finally, the Department of Homeland Security and Preparedness it to adopt, pursuant to the "Administrative Procedure Act," a schedule of civil administrative penalties to be applied for the failure of a public entity or private business that conducts business in the State to implement the required guidelines and rules and regulations to implement the provisions of the bill.

AI Summary

This bill mandates that the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), an entity established to integrate cybersecurity and communication efforts, conduct a comprehensive 12-month study of the cybersecurity infrastructure of both public entities (like state and local government bodies) and private businesses operating within New Jersey. The primary goal of this study is to identify potential threats and vulnerabilities to cyberattacks. To facilitate this, the NJCCIC will set specific reporting parameters within 120 days of the bill's enactment, requiring these public and private entities to report any cybersecurity incidents or breaches of security, along with the findings of their investigations, for the duration of the study. Following the study's conclusion, the NJCCIC will have six months to develop and establish cybersecurity guidelines for all affected entities, based on the collected data. These entities will then have one year to implement these guidelines, after which penalties may be imposed for non-compliance. The NJCCIC will continue to monitor cybersecurity events and update the guidelines as needed, and the Department of Homeland Security and Preparedness will establish a schedule of civil penalties for failure to comply.

Committee Categories

Business and Industry

Sponsors (1)

Carol Murphy (D)*,

Last Action

Introduced, Referred to Assembly Science, Innovation and Technology Committee (on 02/19/2026)

Official Document

https://www.njleg.state.nj.us/bill-search/2026/A4198

(3 Companion Bills)

Version:

Document Type	Source Location
State Bill Page	https://www.njleg.state.nj.us/bill-search/2026/A4198
BillText	https://pub.njleg.gov/Bills/2026/A4500/4198_I1.HTM

Bill	Bill Name	Last Action	Type
A1204	Requires New Jersey Cybersecurity and Communications Integration Cell to study cybersecurity infrastructure and establish cybersecurity guidelines.	Assembly Labor Hearing (10:00:00 2/5/2024 Committee Room 11, 4th Floor, State House Annex, Trenton, NJ)	Carry Over
S1053	Requires New Jersey Cybersecurity and Communications Integration Cell to study cybersecurity infastructure and establish cybersecurity guidelines.	Introduced in the Senate, Referred to Senate Law and Public Safety Committee	Carry Over
S1225	Requires New Jersey Cybersecurity and Communications Integration Cell to study cybersecurity infastructure and establish cybersecurity guidelines.	Introduced in the Senate, Referred to Senate Law and Public Safety Committee	Same As

Bill > A4198

summary

Introduced Session

Bill Summary

AI Summary

Committee Categories

Sponsors (1)

Last Action

Official Document

bill text

bill summary

bill summary

bill summary