New Jersey Cybersecurity and Communications Integration Cell

Background

On May 20, 2015, Governor Chris Christie signed an Executive order to establish the New Jersey Cybersecurity and Communications Integration Cell, proclaiming that "protecting the citizens and public and private institutions within the State of New Jersey from the threat of cybersecurity attacks is priority of [his] Administration." Governor Christie's directive followed a Presidential Executive Order from February 2015 signed at Stanford University "encourag[ing] the development and formation of Information Sharing and Analysis Organizations (ISAOs)...organized on the basis of sector, sub-sector, region, or any other affinity..." The formation of the NJCCIC also coincided with the aftermath of crippling and costly cyber-attacks against Rutgers University, New Jersey's largest public academic institution. New Jersey's cybersecurity advisor, Dave Weinstein, described the NJCCIC's goal as "preserv[ing] New Jersey's cyberspace as a leading venue for commerce, collaboration, governance, and innovation" in the face of malicious exploitation for "criminal, ideological, and political purposes." The NJCCIC played a role in protecting Pope Francis during his 2015 visit to New York City and Philadelphia.

Assessments

In January 2016, the NJCCIC assessed the cyber-terrorism threat to New Jersey to be "low despite their intent to target the United States." In October 2015, the NJCCIC assessed with high confidence that the oil and gas industry is at high risk of hacking from foreign intelligence services.

Automated Indicator Sharing

The NJCCIC engages in bi-directional sharing of cyber threat indicators with the Financial Services Information Sharing and Analysis Center to, according to the DHS, enable "improved situational awareness about emerging threats and facilitates rapid detection, prevention, and mitigation of threats without compromising the trust and confidentiality of participants.

The "Garden State Model" for Cybersecurity

The NJCCIC received praise from Stanford University's Center for Internet and Society for "innovating" on cybersecurity information sharing at a pace and scale that few states have achieved. Incident response is currently limited to Executive Branch agencies in New Jersey, but according to a November 2015 study, "State of the States on Cybersecurity" by the Pell Center for International Relations and Public Policy, there are "plans to create a NJ CERT", or New Jersey Computer Emergency Readiness Team, to be deployed statewide.

Partnerships

On July 8, 2015, the New Jersey Cybersecurity and Communications Integration Cell partnered with the Financial Services Information Sharing and Analysis Center (FS-ISAC) to "share and analyze cyber threat information on behalf of New Jersey's banking institutions". Under the agreement, both parties utilize an "open standards protocol for routing cyber threat information," which, according to New Jersey's Homeland Security Advisor, Chris Rodriguez, will increase New Jersey's financial institutions' "access to real-time and actionable cyber threat data."

In January 2016, the NJCCIC and the National Health Information Sharing and Analysis Center announced a partnership to improve cybersecurity information sharing with New Jersey’s healthcare providers. According to the New Jersey's cybersecuirity director, Dave Weinstein, the agreement is geared towards helping smaller healthcare providers by "distill[ing] the ones and zeros and translat[ing] them into nouns, adjectives and verbs that smaller companies can digest.”