Cyberattacks: It’s no longer a question of “if.” It’s a question of “when.” Three key areas that Tribal organizations should review to protect their businesses

Interview with Christopher Janke, Senior Technology Manager, Wipfli

Sponsored Content by Wipfli

Cyberattacks are increasingly common, and it’s no longer a question of “if” but “when” they will occur. This is particularly true for Tribal organizations, which are often targeted by cyber criminals due to their casino businesses and the amount of cash that is involved. According to the Wipfli website (, the U.S. is the target of 46% of the world’s cyberattacks and on average, it takes a business more than 200 days to detect a data breach.

By taking proactive measures to protect themselves against cyberattacks, Tribal organizations can prevent devastating consequences and keep their systems and data safe.

Christopher Janke, Senior Technology Manager at Wipfli, has over 30 years of experience in the technology industry, including telecommunications, IT software, IT hardware and IT management. He works specifically with Wipfli’s Tribal clients.

Chris points out three areas that should be reviewed for vulnerabilities:

  1. Infrastructure and technology deficiencies
  2. Regular testing for security gaps
  3. How much expertise do you have in-house?

Is Your Infrastructure and Technology Current and Protected?

Replacement of older and on-premises based hardware infrastructure can prevent cyberattacks and improve overall IT management. When was your infrastructure last audited?  Is it time to invest in new equipment or consider the cloud?

Implementing cloud services can provide better security than having IT hardware onsite, which is subject to theft, fire, floods, and other risks. As there is some hesitancy for Tribes to move their services to the cloud, it is more critical than ever that on-premises hardware is not outdated and that older and failing infrastructure is being monitored. Janke says, “Your Tribe’s members, culture and sovereignty are top priority. We will come up with the best solution for your unique infrastructure and organizational goals.”

Cloud-based infrastructure solutions offer significant benefits to traditional on-premises infrastructure, including reduced capital investments, less headache managing and securing physical data centers, and increased redundancy and scalability to help your systems stay online.

How Do You Test for Security Gaps and is it Enough?

Janke says that regularly scheduled cybersecurity testing is critical, yet basic testing isn’t enough. Some Tribes rely on the NIGC annual vulnerability assessment. This calls out a lot of gaps in the security and Wipfli helps clients remediate those gaps. However, this vulnerability assessment is an “entry level cyber test” and Janke believes that Tribes really need to invest more in external and internal penetration testing. That is a more robust testing method to uncover security gaps in the infrastructure.

Wipfli conducts a variety of security evaluations, including assessing vulnerabilities and simulating adversaries in a penetration test to see if it’s possible to gain unauthorized access. We also help train your staff to be more security conscious and build a stronger human firewall.

How Much Expertise Do You Have in House?

As Tribal enterprises have grown from small casinos to mega resorts and multi-entities, they have also increased their sprawling IT landscapes amidst constantly evolving security challenges.  In today’s environment, outside managed services are needed to protect critical data, by firms that make it their job to know about threats 24/7.

“In the U.S. alone every 11 seconds, a business falls victim to ransomware. You cannot expect an internal IT department at a casino to specialize in threat assessment and technology and have all the necessary infrastructure in place. You need an outside partner to help mitigate that,” Janke shared.

“As one example, when many clients go to renew their cybersecurity insurance, their carrier says you must have MDR (Managed Detection & Response) service in place. So, we’re seeing a large uptick in MDR to the point where we are now including it as a standard offering within our managed services agreements.”

With talent and expertise shortages, having a partner in cyber security is not a “nice to have” but a must have to protect the Tribe’s data. Outside service providers, such as Wipfli, assist the current IT staff with managing and upgrading the environment.

Just Ask Your CFO About Us …

Why choose Wipfli for your IT security needs over another company you don’t know? Wipfli has worked with hundreds of Tribes providing audit and accounting services for over 30 years, plus they have a fully embedded cybersecurity and IT management company within Wipfli. According to Janke, they can help Tribes in a variety of different ways. “We offer financial accounting, CRM, and ERP software solutions as well. Whether a Tribe needs a new server or firewall, cybersecurity testing, or is looking at software purchases, we are a one-stop shop that can help. It really is a differentiator that the CFO can say to the IT department, ‘Hey, we’ve been working with them for years, they’re good people.’”

Remember, while cyberattacks are a significant threat to Tribal organizations, Wipfli can help by providing solutions such as regularly scheduled cybersecurity testing, implementing cloud services, and replacing older IT infrastructure. By taking proactive measures to protect themselves against cyberattacks, Tribal organizations can prevent devastating consequences and keep their systems and data safe.

Don’t wait another moment. The risk is too great. Contact Chris Janke at 847-941-0218 for more information.