Back to New Jersey

A1928 • 2026

Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.

Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.

Labor Technology
Passed Legislature

This bill passed both chambers and reached final enrollment, even if later executive action is not shown here.

Sponsor
Quijano, Annette
Last action
2026-01-13
Official status
Introduced, Referred to Assembly Public Safety and Preparedness Committee
Effective date
Not listed

Plain English Breakdown

Using official source text because the generated explanation was unavailable or could not be confirmed against the official bill text.

Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.

Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.

What This Bill Does

  • Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.
  • Topic: Public Safety and Preparedness Fiscal note: This bill has not been certified by OLS for a fiscal note.

Limits and Unknowns

  • This entry is temporarily using official source text because the generated explanation could not be confirmed against the official bill text during the last sync.

Bill History

  1. 2026-01-13 New Jersey Legislature

    Introduced, Referred to Assembly Public Safety and Preparedness Committee

Official Summary Text

Requires State, county, and municipal employees and certain State contractors to complete cybersecurity awareness training.
Topic:
Public Safety and Preparedness
Fiscal note:
This bill has not been certified by OLS for a fiscal note.

Current Bill Text

Read the full stored bill text
A1928

ASSEMBLY, No. 1928

STATE OF NEW JERSEY

222nd LEGISLATURE

�

PRE-FILED FOR INTRODUCTION IN THE 2026 SESSION

Sponsored by:

Assemblywoman ANNETTE QUIJANO

District 20 (Union)

SYNOPSIS

���� Requires State, county, and municipal employees and
certain State contractors to complete cybersecurity awareness training.

CURRENT VERSION OF TEXT

���� Introduced Pending Technical Review by Legislative
Counsel.

��

An Act

requiring State, county, and municipal employees
and certain State contractors to complete cybersecurity awareness training and
supplementing various parts of the statutory law.�

����
Be It
Enacted
by the Senate and General Assembly of
the State of New Jersey:

���� 1.��� All State officers and
employees in a State agency in the Executive Branch and in the Judicial Branch
of State government shall complete a cybersecurity awareness training program
at least once in each calendar year.� An officer and employee shall verify
completion of the program in the manner specified by the Chief Technology
Officer, or a designee, of the New Jersey Office of Information Technology.�

���� The Chief Technology Officer,
or a designee, shall approve the format and content of the program.� The
program shall be provided online.� The program may include content which addresses
certain identified groups of officers or employees, such as those who are
involved in contracting processes.

���� The Chief Technology Officer
shall require periodic audits by appropriate persons or agencies to ensure
compliance with the requirement set forth in this section.

���� As used in this section:�

���� "State agency in the
Executive Branch" means any of the principal departments in the Executive
Branch of� State �government, and any division, board, bureau, office,
commission, or other instrumentality within or created by a department, and any
independent State authority, commission, instrumentality, or agency, including
any public institution of higher education.

���� �State officer and employee�
means a person employed and compensated to serve in a full time or part time
capacity.

���� 2.��� All county and
municipal officers and employees shall complete, at least once in each calendar
year, the cybersecurity awareness training program approved by the Chief
Technology Officer, or a designee, pursuant to section 1 of P.L.�� , c.�������
(C.��� ) (pending before the Legislature as this bill).� An officer and
employee shall verify completion of the program to the governing body of each
county and municipality, as appropriate.� The governing body of each county and
municipality, as appropriate, shall report completion of the program to the
Chief Technology Officer, or a designee.�

���� The governing body of each
county and municipality, as appropriate, shall require periodic audits by
appropriate persons to ensure compliance with the requirement set forth in this
section.

���� As used in this section:

���� �County� means any county of
any class of this State, and any authority, commission, agency, or
instrumentality of a county.

���� �Municipality� means any city
of any class, any town, township, village, or borough of this State, other than
a county or a school district, and any authority, commission, agency, or
instrumentality of a municipality.

���� 3.��� The members of the
Legislature and the State officers and employees in the Legislative Branch of
State government shall complete, at least once in each calendar year, the
cybersecurity awareness training program approved by the Chief Technology
Officer, or a designee, pursuant to section 1 of P.L.�� , c.������� (C.��� )
(pending before the Legislature as this bill).� A member, officer, and employee
shall verify completion of the program to the Office of Legislative Services.�
The Office of Legislative Services shall report completion of the program to
the Chief Technology Officer, or a designee.� The President of the Senate,
Speaker of the General Assembly, and Executive Director of the Office of
Legislative Services shall require
�
periodic audits by appropriate
persons to ensure compliance with the requirement set forth in this section.

���� 4.��� Notwithstanding any
other provision of law to the contrary, a State contractor and a subcontractor
of a State contractor, and an officer and employee of the contractor and
subcontractor, who has access to a computer system of the State or a database
of the State shall complete the cybersecurity awareness training program
approved by the Chief Technology Officer, or a designee, pursuant to section 1
of P.L.�� , c.������� (C.��� ) (pending before the Legislature as this bill),
except that the Chief Technology Officer, or a designee, may include content in
the program which addresses contractors and their officers and employees.� The
program shall be completed once by each contractor, subcontractor, officer, and
employee during each contract period and each renewal period.

���� The completion of the program
shall be required by the terms and conditions of the contract or agreement
awarded by the State.� Each contractor, subcontractor, officer, and employee
shall verify completion of the program in the manner specified by the Chief
Technology Officer, or a designee.� The State contract manager, or a designee,
shall report completion of the program to the Chief Technology Officer, or a
designee.� The State contract manager, or a designee, shall conduct periodic
audits to ensure compliance with the requirement set forth in this section.�

���� The requirement of this
section shall apply to contracts awarded or renewed after the effective date of
P.L.��� , c.������ (pending before the Legislature as this bill).

���� 5.��� This act shall take
effect on the 90th day following enactment, except that the Chief Technology
Officer may take such anticipatory administrative action in advance as shall be
necessary for the implementation of this act.

STATEMENT

���� This bill provides for a
cybersecurity awareness training program for all State, county, and municipal
officers and employees and certain State contractors.

���� This bill, all State officers
and employees in the Executive Branch and the Judicial Branch of State
government will be required to complete a cybersecurity awareness training
program in each calendar year.� The Chief Technology Officer of the Office of Information
Technology will approve the format and content of the training program, which
will be provided online.� The program may include content which addresses
certain identified groups of officers or employees, such as those who are
involved in contracting processes.� The requirement in this bill includes
officers and employees of State authorities and of public institutions of
higher education.

���� Members of the Legislature and
the officers and employees in the Legislative Branch, as well as officers and
employees of the counties and municipalities in the State, will also be
required to complete the program approved by the Chief Technology Officer.�

���� Finally, this bill requires
State contractors and subcontractors and their officers and employees who have
access to the State computer system or a State database to complete the same
cybersecurity awareness training program as a term and condition of the State
contract, except that the Chief Technology Officer may include content in the
program which addresses contractors and their officers and employees.

���� The bill requires periodic
audits to ensure compliance with the requirements of this bill.