This bill mandates the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) to conduct a comprehensive 12-month study of the cybersecurity infrastructure of public entities and private businesses operating in New Jersey. The study aims to identify potential cybersecurity threats and vulnerabilities to cyberattacks. Within 120 days of the bill's effective date, the NJCCIC is required to establish parameters for the study, which will include a reporting requirement for public entities and private businesses to report any cybersecurity incidents or breaches of security, along with the results of subsequent investigations, to the NJCCIC over the study period.

Following the study, the NJCCIC must develop cybersecurity guidelines for public entities and private businesses within six months of the study's conclusion. These entities will be required to implement the established guidelines within one year, with penalties for non-compliance. Additionally, the NJCCIC will monitor cybersecurity incidents post-implementation and may modify the guidelines as necessary. The Department of Homeland Security and Preparedness is tasked with adopting a schedule of civil administrative penalties for entities that fail to comply with the guidelines, ensuring accountability in cybersecurity practices across the state.