The New Jersey Board of Public Utilities adopted a new set of cybersecurity requirements for regulated electric, natural gas and water/wastewater utilities services on Friday that were enacted to ensure the safety of customer information while also preserving reliable utility service.
“As cyber attacks against utility systems nationwide continue to increase in number and sophistication, addressing cyber security is a top priority to enhancing the security and reliability of utility service in New Jersey and across the nation,” Richard S. Mroz, president of the N.J. Board of Public Utilities, said. “To ensure that we continually meet the challenges of this ever changing threat, we have made certain that these policies are uniform yet flexible, promote information sharing and are capable of evolving as the threat landscape changes.”
The new requirements were created based upon recommendations provided by the New Jersey Cybersecurity & Communications Integration Cell (NJCCIC) and were made in consultation with the FBI.
The policies enacted on Friday were made in addition to regulations originally passed in 2011 to make the affected utility service corporations identify their use of industrial control systems, like Supervisory Control and Data Acquisition (SCADA) 2 to monitor utility facilities, and to report certain security events.