Wipfli logo
Insights - Articles, Blogs and on-demand webcasts

Articles & E-Books


5 ways to plan for continuity after a cyberattack

Sep 26, 2023
By: Derek J. Olson

Most tribal casinos know a thing or two about cyberattacks.

They have robust cybersecurity programs in place to help prevent and respond to the issues they face on a regular basis. But as cyberattacks continue to grow more sophisticated, it’s important to ensure that your business continuity plan prepares you for the worst-case scenarios.

Recent attacks show what’s possible when an organization faces a severe threat: One business was left without access to its major systems, affecting everything from hotel check-ins to elevator operations.

If you want to keep your tribal gaming enterprise safe, you need a continuity plan that can match changes in the cybersecurity landscape. Here are five ways you can upgrade your plan and stay prepared:

1. Understand the elevated risks

When dealing with a major cyberattack, standard resiliency measures may not be sufficient to protect your casino.

Cyberattacks are increasingly targeting and compromising backup data repositories. Typically, businesses can rely on backup systems in a secondary data center being available if their primary systems go offline. But a cyberattack can compromise your ability to pivot efficiently.

Cyberattacks can also significantly lengthen your recovery timeline. Traditional disaster recovery plans will have outlined recovery objectives and capabilities, such as the number of hours it may take to switch from a primary data center to a secondary one. Cyberattacks, however, can extend that timeline well beyond the anticipated recovery goals.

2. Prepare your manual procedures

Since cyberattacks can have an unpredictable impact, it’s important to prepare effective manual procedures.

Casinos can operate systems for everything from hospitality to electronic gaming. If you lose access, you need to consider how that will impact end users within your organization and your customers.

For example, if you operate a hotel and casino, how are staff going to handle reservations and room keys? Or how will your front office employees navigate losing access to key data, such as player information and comps for customers?

You also need to ensure that whatever measures you plan are sustainable for an extended recovery period.

3. Understand your priorities

If multiple systems shut down, what are your recovery priorities?

From both a systems and management perspective, leadership should identify the critical steps they need to take in the first hours or days of an event. Consider what systems or servers your IT department will need running first to make for a smoother recovery. You should also look at issues such as what customer concerns need to be addressed to help maintain a positive experience.

Proper planning can make your initial response less chaotic and more effective.

4. Keep your plan updated

Having a business continuity plan in place is only one part of staying prepared.

Once formalized, plans need to be updated and reviewed at least once a year. It’s also important to continually validate your readiness through options such as tabletop exercises.

Tabletop exercises are a discussion-based walkthrough of the events you may encounter in a hypothetical disruption scenario. Participants may include senior management, department leaders, the IT team and other stakeholders.

During the discussion, the group walks through a series of events and examines the types of decisions and actions that would be needed in response to a specific event. It provides a positive team-building experience while helping you determine whether your organization’s response is comprehensive and your team is prepared.

5. Get leadership on board

Most tribal casinos already take cybersecurity risks seriously, but they may not always have those concerns represented at the leadership level.

In your organization, it’s important to have someone in a board or executive position who can take accountability for your cybersecurity incident response plan. Positions such as a chief information security officer or chief information officer can help provide proper oversight while also monitoring and reporting risks.

Across your organization, leadership also needs to have a solid understanding of the response process, including their roles and responsibilities, the communication plan and what they should expect from each department. Having that accountability and oversight helps ensure that when your organization does need to use your plan, it can be implemented effectively.

How Wipfli can help

Wipfli brings decades of experience in serving tribal entities to help your gaming enterprise stay resilient. We provide the guidance your business needs to understand the latest technology and how it can impact your organization while also helping you maintain compliance. Contact us today to learn more about how we can help empower your tribe to face tomorrow’s challenges.

We’re also sharing more about cybersecurity best practices with our 30 tips in 30 days for Cybersecurity Awareness Month.

Sign up to receive additional tribal gaming content in your inbox or continue reading:


Derek J. Olson