top of page
  • Writer's pictureEnterra

Lessons from MGM’s Cybersecurity Incident: A Roadmap to Resilience

Recently, MGM Resorts International encountered a significant cybersecurity issue that led to the shutdown of several key computer systems, severely impacting its operations across a wide range of hotel and casino services. This incident not only disrupted the digital infrastructure but also had a tangible effect on the physical operations of the resorts. At the Aria Casino, operated by MGM, approximately half of the slot machines were reported as non-functional, and issues were noted with automatic door systems and sports betting kiosks. This situation forced MGM to revert to manual operations such as physical hotel-room keys and traditional front-desk check-ins, highlighting the intricate connections between their cyber systems and daily operational capabilities. This breach serves as a stark reminder of the vulnerabilities inherent in the Information Technologies, Financials and Public Service sectors, which routinely manages vast amounts of personal and financial data and requires robust protection to maintain guest trust and operational integrity.

Understanding What Went Wrong

MGM's challenge was two-fold: managing the immediate cybersecurity breach while ensuring ongoing operations could continue as smoothly as possible. The incident highlighted several critical vulnerabilities. Firstly, the over-reliance on digital systems without sufficient fallback protocols meant that any disruption to these systems had immediate and widespread consequences. The manual systems, although effective as temporary measures, were not sufficient to prevent significant disruptions to the guest experience. Secondly, the incident revealed potential gaps in MGM's cybersecurity preparedness, particularly in areas like real-time threat detection and response, which could have mitigated the impact of the breach. This situation underscores the necessity for more robust, proactive cybersecurity strategies that can shield both digital and physical infrastructures from such threats.

Enterra's Proactive Approach to Cybersecurity

At Enterra, we believe in a proactive approach to cybersecurity, guided by our robust maturity model that emphasizes both prevention and rapid response. We advocate for a strategic evolution through structured stages—from foundational protective measures to advanced adaptive capabilities that dynamically respond to emerging threats. This incident underscores a crucial junction where adopting a more proactive, integrated cybersecurity strategy is essential for mitigating risks and enhancing resilience.

Our strategy focuses on several key areas:

  • Proactive Threat Detection: Utilizing advanced solutions like Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR), we help ensure that threats are identified and neutralized before they can cause significant damage.

  • Adaptive Security Posture: We emphasize not only defending against known threats but also continuously adapting to new and emerging tactics. This approach could have potentially alerted MGM to vulnerabilities before they were exploited.

  • Integrated Security Measures: We promote the integration of physical and digital security measures to enhance the resilience of systems critical to operations like key card accesses and online services, which were points of failure in this incident.

Lessons for the Future

The MGM incident drives home the importance of continuous improvement in cybersecurity measures. It is crucial for organizations to anticipate potential threats and evolve their security measures accordingly. Businesses must embrace a holistic cybersecurity strategy that includes rigorous risk assessments, employee training, and the integration of advanced technological defenses. This proactive and comprehensive approach ensures that organizations are not only prepared to handle current threats but are also well-equipped to adapt to new challenges.

For those in the hospitality industry, and indeed any sector where customer service and financial trust is paramount, the journey towards cybersecurity maturity is crucial. Each step forward not only enhances security but also operational efficiency and customer confidence. The recent MGM incident is a potent reminder of the stakes involved and the imperative to invest in a cybersecurity infrastructure that is both responsive and anticipatory. At Enterra, we remain committed to guiding our partners through this complex landscape, ensuring that their journey towards cybersecurity maturity is strategic, secure, and aligned with their unique operational needs.


bottom of page