The Gaming Industry Cybersecurity Act mandates that all casino and sports wagering licensees, along with their contracted operators, establish and implement a cybersecurity program that aligns with the latest standards set by the National Institute of Standards and Technology or the International Organization for Standardization. Within 180 days of the bill's enactment, these entities must also develop employee training programs on cybersecurity best practices. Additionally, they are required to conduct annual audits of their cybersecurity programs by independent third parties, with findings submitted to the Division of Gaming Enforcement and the New Jersey Cybersecurity and Communications Integration Cell. The bill outlines specific regulations that the Division must establish, including employee training requirements, audit assessments, and breach reporting protocols.

Furthermore, the bill introduces a safe gaming certification program for those who exceed minimum cybersecurity standards, which includes enhanced encryption, transparency measures, and responsible gaming tools. Certified entities will receive a Safe Gaming Seal for display on their platforms. Non-compliance with the cybersecurity requirements can result in fines of $10,000 for the first offense and $20,000 for subsequent offenses, with the potential for license suspension for repeated violations. The Division and the Cybersecurity and Communications Integration Cell are also tasked with preparing an annual report on the implementation of the act and emerging threats in the gaming industry.