MGM, Caesars Cyberattack Responses Required Brutal Choices
Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.
Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.
Search across headline titles and summaries.
Background for this topic.
An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.
Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.
Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.
MGM and Caesars are putting new SEC incident disclosure regulations to a real-world test in the aftermath of twin cyberattacks on the casinos, as class-action lawsuits loom.
CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscape.