Nevada Gaming Commission Approves New Regulations to Curb Cyberattacks

Cyberattacks have been slowly crippling the gaming industry for the past few years. This has resulted in the implementation of various measures to stop cyberattacks. One of the measures comes from the Nevada Gaming Commission`s amendment to regulations on Thursday, December 22, 2022.

The commission approved an amendment to regulations that protect Nevada`s gaming industry from cyberattacks. The regulations will become effective on the first day of 2023. The new regulation will require gaming operators to report successful attacks to gambling regulators within three days of the breach.

The Nevada Gaming Commission has also given gaming operators a year to create risk assessment plans. Additionally, the assessment plans must be revised yearly.

The new regulation applies to all gaming operators, including over 400 non-restricted casino operators, licensed sportsbooks, and interactive gaming firms in Nevada. Thursday’s meeting was brief. It focused on cyberattacks regulations that gaming operators initially opposed.

The approval of the amended regulations comes months after public hearings in the fall. Some members of the Association of Gaming Equipment Manufacturers and Representatives of the Nevada Resorts Association attended the Thursday meeting. Although they initially opposed the amendment, they did not voice objections during the Thursday discussion.

The senior deputy attorney for Nevada, Edward Magaw, reported that the final draft was amended to include recommended requests. This eliminated rejection that faced the August draft.

Details for the Updated Requirements

The updated regulations require gambling operators to report a successful breach to the Nevada Gaming Control Board that compromises patrons or employee records, data, and credit card details. The report must be made within three days of the breach.

Gambling operators must also explain why the cyberattacks happened and how much damage they caused. Additionally, the operator must report the actions it took or will take to curb similar attacks.

Operators have one year to complete their first risk assessment and implement the necessary measures to curb attacks. Each licensed operator is required to assess and monitor cybersecurity risks regularly.

The amended regulation does not state how or which measures operators should take to assess risk and thwart cybersecurity. Instead, it allows each operator to address the issue at its discretion. Apart from that, an independent and internal audit cybersecurity expert should verify that an operator complies with best risk assessment practices.

Cyberattack Victims

The updated regulation comes a few weeks after recent cyberattacks on different online operators. Just four weeks ago, DraftKings reported that customers` login information was compromised, which led to a theft of $300,000 from clients` accounts.

On Wednesday last week, BetMGM informed clients of a data security concern. The gambling operator said that unauthorized people or programs obtained customer information, including social security numbers.

In 2020, Binion`s Gambling Hall and the Four Queens had to close for over four days following a cyberattack that hit the casinos` systems and slot machines. Last year, Dotty`s chain also reported a data breach.

Still last year, the Cyber Division of the FBI released information about ransomware attacks that had hit multiple tribal casinos. This attack disabled connected systems, took down several systems, and caused Cheyenne and Arapaho Tribes of Oklahoma casinos several millions of dollars.

Up To $3,000 in Bonuses! Play Now
100% up to $3,000 Bonus

Bovada is our most recommended ONLINE CASINO and POKER ROOM for US players with excellent deposit options. Get your 100% signup bonus today.

Be the first to comment

Leave a Reply