Brent Hutfless TribalHub & Tribal-ISAC Member

131

Exec. Dir. IT Security, Wind Creek Hospitality

Does your organization have a data governance policy or plan that addresses issues like GDPR, CCPA or PIPA? Have you amended user acceptance language for rewards programs? Maybe focused on hotel guests or non-gaming data? Has the tribe determined they are protected from these issues due to sovereignty?

Has anyone mapped the MICS, TICS or SICS to the CIS controls or another framework? If so, would you be willing to share? Would rather not re-invent the wheel if someone has already completed this project.