N.J. Admin. Code § 13:69D-2.4

Current through Register Vol. 56, No. 21, November 4, 2024
Section 13:69D-2.4 - Networks
(a) Each casino licensee shall maintain internal controls that ensure the security, integrity, reliability, and functionality of the network that supports its controlled computer systems.
(b) Each casino licensee shall maintain a current network diagram which identifies all critical computer system connectivity.
(c) Each casino licensee shall protect its network from foreseeable risks. Division best practice is to evaluate risks to its network, develop a plan to mitigate those risks, implement the plan, test the plan, and update the plan when necessary.
(d) Each casino licensee shall ensure network security. Division best practice is to maintain and enforce written policies that address firewall rule sets, functionality, and monitoring for malicious or abnormal activity.
(e) Each casino licensee shall perform an annual system integrity and security assessment conducted by an independent professional selected by the licensee, subject to the approval of the Division. The independent professional's report on the assessment shall be submitted to the Division annually and shall include:
1. The scope of review;
2. The name and company affiliation of the individual(s) who conducted the assessment;
3. The date of the assessment;
4. The findings;
5. The recommended corrective action, if applicable; and
6. The casino licensee's response to the findings and recommended corrective action.

N.J. Admin. Code § 13:69D-2.4

Amended by 49 N.J.R. 3781(a), effective 12/4/2017