Meet Nevada's New Cybersecurity Regulation 5

Advanced Cybersecurity Solutions for Nevada Gaming Operators

DruvStar specializes in risk assessment, threat monitoring, data security and compliance. With our expertise, you can stay ahead of the game and meet the requirements set forth by the Nevada Gaming Control Board.

Trusted by

Nevada Cybersecurity Regulation 5

Nevada Cybersecurity Regulation 5 is a new set of rules adopted by the Nevada Gaming Commission (NGC) on December 22, 2022, that creates new cybersecurity requirements for certain gaming operators in Nevada. The regulation aims to protect the personal information of patrons and employees, as well as the information systems of gaming operators, from the ongoing threat of cyberattacks.

Why Nevada is adopting these new regulations

The Nevada Gaming Commission is adopting the new regulations, to address the increasing threat of cyberattacks on gaming operators in Nevada. Cybersecurity threats, including data breaches and ransomware attacks, have become more sophisticated and frequent in recent years, posing a significant risk to the personal information of patrons and employees, as well as the information systems of gaming operators.

The regulations aim to protect the gaming industry’s reputation and the state’s economy, as the gaming industry is a significant contributor to Nevada’s economy. The NGC recognizes that the implementation of robust cybersecurity measures will help to ensure the integrity of gaming operations in Nevada and protect the state’s gaming industry’s long-term viability. The adoption of Nevada Cybersecurity Regulation 5 is a proactive measure by the Nevada Gaming Commission to safeguard against the threat of cyberattacks and maintain public trust in the gaming industry.

Don't let Nevada cybersecurity regulation deadlines sneak up on you.

Months Passed
Months Left To Start

Who does Nevada Cybersecurity Regulation 5 apply to?

Nevada Cybersecurity Regulation 5 is applicable to certain covered entities that hold gaming licenses such as nonrestricted licenses, race and sports book licenses, and interactive gaming licenses in Nevada. The regulation is intended to ensure that these entities implement adequate cybersecurity measures to safeguard their customers’ personal and financial data against cyber threats.

What are the main requirements of Nevada Cybersecurity Regulation 5?

The new regulation sets out several requirements for covered entities in Nevada. These companies must take steps to protect their information systems from cyber threats, comply with relevant state laws, and conduct risk assessments using best practices to reduce the risk of cyber attacks. Additionally, they must continuously monitor their cybersecurity risks and report significant attacks to the Nevada Gaming Control Board within 72 hours. Companies must also maintain written records of their compliance with the regulation for at least five years. The goal of the regulation is to ensure that these companies prioritize the protection of their customers’ sensitive information against cyber threats.

DruvStar Solutions

We understand that meeting these requirements can be challenging for gaming operators. Our team of cybersecurity experts has extensive experience working with gaming operators, and we understand the unique challenges they face in protecting their information systems from cyber attacks.

Requirement 1

Comprehensive risk assessment

Risk assessment to identify potential vulnerabilities in your information systems with a comprehensive plan to mitigate those risks.

Casinos, Sportsbook, Corporate

Requirement 2

Ongoing monitoring

Monitor and evaluate cybersecurity risks to your business operations on an ongoing basis and modify best practices and risk assessments as necessary.

Requirement 3

Incident response

Develop and implement incident response procedures that meet the requirements of the new regulation, including procedures for notifying the Nevada Gaming Control Board in the event of a cyber attack.

Standards Compliant

Requirement 4


Develop and implement procedures to review and verify compliance with the new regulation, including the documentation of all procedures taken to ensure compliance with the new regulation.

Our comprehensive services are designed to simplify your compliance efforts and ensure that you meet all of the requirements of the new regulation. We work with you every step of the way to ensure that you are fully protected against cyber threats and that you remain compliant with the new regulation.

Trust DruvStar to keep you compliant and protected. Schedule a free consultation today.

Attack emulation banner

[Ebook] Cyber Attack Emulation : An Essential Tool for Strengthening Your Defenses

Cyber attacks are a major concern for organizations of all sizes due to the ever-growing dependence on technology and the internet. To be prepared for any potential cyber threats, businesses should use a human-implemented cyber attack emulation as a proactive measure. The primary objective of such emulations are to assess the organization’s ability to detect, respond to, and recover from a cyber attack.

Read More

Eliminate Cyber Risk With DruvStar

We’re here to help. Reach out to schedule an introductory call and learn more about how DruvStar can benefit your organization.

Scroll to Top

Get In Touch

Nevada Cybersecurity Regulation 5 applies to certain covered entities that hold:
Nevada Cybersecurity Regulation 5 requires covered entities to: