At the Indian Gaming Tradeshow & Convention, a session on data governance and cybersecurity pulled the conversation out of theory and into how operations are actually running today. The discussion centered on how data is managed, where risk is showing up, and what operators need to have in place as more of the business moves digital.
Anika Howard grounded the conversation early by shifting the focus away from technology and toward process. “I think you actually don’t even start with the technology. You start with the process,” she said, pointing to how many organizations move too quickly into tools without first defining what data matters and how it should be used.
She framed that around identifying core data across the business. “What are the crown jewels of the information?” Howard said, emphasizing that not all data carries the same weight and that prioritization is part of governance.
That approach extends to retention. Operators are holding onto large volumes of data that no longer serve a purpose. “What is the business value of the data?” she said, pointing to the need to evaluate what is actually being used versus what is simply being stored.
From there, Melissa Aarskaug kept the discussion focused on how governance shows up in execution. Rich Thompson built on that by connecting governance directly to how operations are structured. “It needs to be part of the ethos of the organization,” he said.
He also addressed the relationship between compliance and security. “If you’re compliant, you’re not always secure,” Thompson said. “But if you’re secure, it’s likely that you might be compliant.”
Much of the exposure discussed is no longer tied to systems alone. It’s tied to devices. “We keep so much information on our phones,” Thompson said, referencing how executives access financials, HR systems, and operational reporting directly from mobile devices. That shift expands the risk surface. Personal devices, shared access, and remote environments introduce variables that aren’t always accounted for in traditional controls.
Sam Basile extended that to mobile and cashless environments, where identity is tied to the device itself. “What mechanisms do you have to know if anyone else is in control of this?” he said, describing how easily location data, GPS signals, and device inputs can be manipulated.
As more activity moves onto personal devices, that question becomes harder to answer and more important to address.
The conversation returned repeatedly to visibility. Thompson put it directly. “If you don’t tag it, you have no idea what’s going on,” he said, referring to how organizations often lack a clear view of what data they have and how it’s structured.
The panel also addressed how governance is viewed internally. It is often treated as something to get to later, after other priorities are addressed. The discussion pushed back on that framing.
“Information is the economy,” Thompson said, pointing to how player data and operational insight drive decisions across the business.
For operators, the implication is clear. Data governance underpins how risk is managed, how compliance is maintained, and how the business scales. How well it is defined and executed will directly impact operational performance.
