BoydGaming

Personal information and data are some of the most important and sensitive assets our guests, team members and business partners have. We realize and appreciate the trust our stakeholders place in us when they provide us with this information, and we have invested in comprehensive measures to keep that information safe and secure.

Led by Boyd Gaming’s Chief Information Security Officer (CISO) and a dedicated Information Security team, Boyd operates and maintains a comprehensive program designed to safeguard our systems, services, and data from cybersecurity-related threats.

Leadership Oversight

• Our CISO and Senior Vice President of Legal Operations and Compliance provide diligent oversight of our data privacy and cybersecurity programs.
• Our Board of Directors and Information Security Advisory Board, consisting of cross-functional leaders within the organization, receive briefings from the CISO at every Board meeting. These briefings cover risks to the business, our security posture, and progress on our cybersecurity initiatives.
• We regularly engage third parties to assess our overall cybersecurity posture, our data security programs, and risks to the business.

Testing Our Systems

• We conduct regular penetration testing and security assessments of our systems to identify, validate, and remediate potential cybersecurity risks.
• We provide ongoing guidance and training to team members emphasizing vigilance against social engineering tactics, including unsolicited phone calls from individuals claiming to be Boyd team members or requesting network access.

Staying Vigilant

• We have a comprehensive Incident Response Plan (IRP) that covers all Boyd operations in the United States and Canada. We review and rehearse this plan with periodic tabletop exercises and make annual updates as necessary.
• We have a Security Operations Center (SOC) in operation 24/7 that utilizes leading security technologies and automated processes to protect our network, systems, and databases. These technologies are designed to protect, detect, and immediately respond to unauthorized attempts to access our network and systems.
• We conduct ongoing cybersecurity awareness training for Boyd Gaming team members, focused on secure use of corporate systems, protection of sensitive information, and recognition and reporting of potential security threats. Training effectiveness is reinforced through periodic communications and targeted follow up where appropriate.

For additional information on how we collect, use, and protect personal information and data, please see our Company’s Privacy Policy.