The Nevada Gaming Commission has stepped up efforts to combat cyberattacks, with the unanimous approval of new regulation aimed at protecting casinos and their patrons from data breach. The amended regulation will see licensed operators develop risk assessment plans relating to cybersecurity threats within one year.
Casinos Must Develop Cybersecurity Best Practices
The new changes were approved on December 22, 2022 and will come into effect on January 1, 2023. It applies to all licensed casinos and sportsbooks operating in the state.
The new regulation requires each licensed operator to develop the cybersecurity best practices it deems appropriate, and modify them at least every year. The licensees must also report any data breach arising from a cyberattack to the Nevada Gaming Control Board within 72 hours.
Both the Nevada Resort Association (NRA) and the Association of Gaming Equipment Manufacturers (AGEM) agreed to the new changes. Virginia Valentine, president of the NRA, said certain aspects of the new regulation were drafted based on feedback from the association’s members. Similarly, suggestions from AGEM were also included in the final document.
Cyberattacks at Casinos
Over the years, casinos have become the subject of cyberattacks, often resulting in confidential information being compromised. One of the victims was Hard Rock Hotel (now operating as Virgin Hotels Las Vegas) which was hit by a data breach affecting customer credit cards twice in 2015 and 2016.