(TRENTON) – Most small businesses are completely unprepared for a cyber breach simply due to a lack of awareness and with ‘hacking” and data breaches happening almost daily, many consumers are worried that businesses are not doing enough to protect their information.
Legislation helping to inform small businesses of the ways to protect themselves in a cybersecurity attack – sponsored by Assemblyman John F. McKeon, Andrew Zwicker and Valerie Vainieri Huttle–cleared its first legislative hurdle Thursday with approval by the Assembly Science, Innovation and Technology Committee.
“We’ve seen, in the last decade, over 20 of the most invasive hacks throughout the country affect millions of consumers — Target and Marriott corporations included. Large corporations are not the only businesses vulnerable to hacking or data breaching,” said McKeon (D-Essex, Morris). “All are at risk. We want businesses to continue to be successful and thrive in New Jersey. Strengthening their data security practices is a major part of that goal in this digital age.”
“Hacking or a data breach can happen as easily as opening a corrupted email,” said Zwicker (D-Hunterdon, Mercer, Middlesex, Somerset), who is a physicist and the chair of the Science, Innovation and Technology Committee. “These incidents have become an unfortunate consequence of the digital age. We can do more to help entrepreneurs prepare their businesses and their customer’s information.”
The bill (A-4854) would direct the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) to develop informational materials for New Jersey businesses concerning cybersecurity prevention and awareness. Materials would include, but not be limited to:
1) best practices concerning cyber risk management;
2) guidance concerning cybersecurity training;
3) guidance for establishing relevant policies;
4) and a comprehensive list of resources for businesses.
“When businesses cannot protect their customer’s information, the customer loses trust, and their desire to do business declines,” said Vainieri Huttle (D-Bergen). “All businesses, big or small, must take the appropriate steps to ensure their consumer and business data is secure. This legislation will make information that would help protect their businesses from hacking and data breaches more available to them.”
Upon request, this information would be provided to any business in the state as well as to any business that registers in the state after the effective date of the bill. The Cybersecurity and Communications Integration Cell, in consultation with the State’s Chief Technology Officer, would also establish a website with data and information concerning electronic mail fraud.
The bill will now go to the Assembly Speaker for further review.