Only about 17% of tribes have what Michael Day, Founder and Executive Officer of TribalHub, calls a “shared IT structure.” IT resources are shared across tribal organizations in this model — government, health, gaming and enterprise.
The rest have either separate IT structures, partially shared IT structures or completely outsourced IT.
A central IT structure is not inherently better than a decentralized IT structure. As Day explained at the annual TribalNet conference, every tribe’s size, number of gaming and enterprise entities affiliated with it, and other unique factors warrant different structures.
“But if there's one thing you probably have to fight for the most in centralizing, it’s cybersecurity,” Day said. “I would say it's probably the most important thing. It's really hard to say that if you get a disease in your hand that it won't kill the rest of your body.”
Day’s words reflect a prevailing theme of TribalNet 2025, which is the growing importance of cybersecurity as more tribal nations modernize their IT. This is especially salient as cyberthreats targeting tribes increase, and as tribal nations explore AI use cases that can expand attack vectors.
Click the banner below to follow FedTech’s TribalNet 2025 coverage.
Narrowing the Security Workforce Gap With Tribal-ISAC
“There isn’t enough IT staff at so many of these organizations,” said Adam Gruszcynski, IT director at Potawatomi Casino Hotel. “In many cases, one or two people have to be the jacks of all trades, masters of none, and cybersecurity fits in where it can."
Gruszcynski is a steering committee member of the Tribal Information Sharing and Analysis Center (Tribal-ISAC), which has become a front line in cybersecurity.
Tribal-ISAC is composed of more than 300 members across 106 tribes, including IT staff, regulators, gaming commissioners and security personnel from federally recognized tribes. These members share threat intelligence, resources, real-world experience and other information.
For example, Gruszcynski said a vulnerability was discovered at the Potawatomi Casino Hotel in Milwaukee prior to the Republican National Convention.
“I reached out to the ISAC, and I was able to get the issue resolved within two days, and I don't know that I would have been able to do that without the membership and the community that has been built here,” Gruszcynski said.
“It really comes from a place of sharing, building a relationship and the trust factor, and there's not a product for that,” said Toni Pepper, a member of the Tribal-ISAC steering committee and a former chief information technology officer for San Manuel Band of Mission Indians.
Ransomware is the biggest threat facing tribes, according to Pepper, along with business email compromise and social engineering. Tribal-ISAC provides resources and grant opportunities that can help tribal entities contend with these and other cyberthreats. The steering committee sees this as a key benefit of Tribal-ISAC, but not the core benefit.
“Having that community to know you're not alone, especially for smaller tribes, or those that may not have a cybersecurity staff, is so important,” said Adam Morrison, CIO for the Mississippi Band of Choctaw Indians. “That's the most unique thing we bring here.”
75%
The percent of cyberthreats against tribes that were identified as ransomware
Source: Tribal-ISAC, “The Pulse: The State of Cyber Security Within Tribal Nations,” 2025
AI Escalates the Need for Cybersecurity Investment
When Brett Talmadge, CIO of Nisqually Red Wind Casino, was instructed by his executives to start thinking about leveraging AI, his mind immediately went to cybersecurity.
“The first thing you have to do is realize that any searches and any data that is leaving your enterprise is susceptible to getting in the hands of a bad actor,” Talmadge said.
Gaming and hospitality are prominent targets for cybercriminals because of access to customer data and the possibility of business disruptions. Large language models open a new vector in the form of LLM prompt injections. These are attempts to trick AI into performing unauthorized actions, such as revealing confidential information or bypassing safety protocols.
Before adopting AI, Talmadge made network and access security a priority. He used Varonis to boost observability of files, folders and assets in shared environments such as Box and Microsoft Office 365 to identify overexposed resources. Thousands were identified, he said.
Varonis and Darktrace’s AI features were subsequently used to help identify anomalous behaviors that could be indicative of a network intrusion.
“You've got to operate under the assumption that you're already infiltrated,” Talmadge said. “Somebody's already sitting under your network, and I've seen it time and time again where that's happening.”
Observability was also crucial for monitoring subsequent AI use cases in areas such as administrative assistance, customer service agents and even accounting processes.
The key takeaway from Talmadge’s session was that tribes should explore AI’s potential for their organizations, but assume a posture of zero trust and invest in security accordingly.
“Just rolling it out is extremely dangerous,” he said. “Your cybersecurity investment has to be nonnegotiable.”
To learn more about TribalNet, visit our conference page. You can also follow us on the social platform X at @FedTechMagazine to see behind-the-scenes moments.
