In today’s business landscape, accepting credit cards is crucial for competitiveness. This is especially true in sectors like online gambling.

Increasing incidents of credit card fraud, identity theft and data breaches have pushed businesses to employ a secure environment for card transactions. Failure to protect this sensitive information can result in a loss of trust from customers towards both merchants and financial institutions.

As a bridge to ensuring this trust and security, adherence to the Payment Card Industry (PCI) standards becomes essential. Every credit card transaction processed by your business needs the protection these standards offer. For online gambling businesses, where transaction volume and frequency are notably high, this compliance is even more crucial.

However, irrespective of the size of your online gambling business, all businesses, from start-ups to large corporations, must comply. This ensures the security of your customers’ cardholder information and maintains your standing as a trustworthy organization in the online gambling space.

PCI compliance: An overview

PCI compliance is a set of security standards designed to protect card transactions against data theft and fraud. It is established by the PCI Security Standards Council (PCI SSC). The standards are comprehensive, covering a wide range of security measures to ensure the safe handling of sensitive data.

Significant revisions and updates have been made to the PCI Data Security Standard (PCI DSS) in its version 4.0, released in the first quarter of 2022.

In January 2022, a draft preview of the standard was provided to Participating Organizations, Qualified Security Assessors (QSAs) and Approved Scanning Vendors (ASVs). The council then released the final versions of the standard, which included validation documents and the initial phase of standard translations, for March 2022.

Notably, PCI DSS v3.2.1 will remain in effect until March 31, 2024. This transition period of two years allows organizations time to adapt and implement the new standards. After this period, PCI DSS v3.2.1 will be retired and v4.0 will become the exclusive active version of the standard.

PCI DSS 4.0 introduced a variety of updates since its inception. Key points among these updates are:

  1. Evolved terminology for network security: The standard has shifted its terminology from “firewalls” to “network security controls.” This change acknowledges a wider array of technological solutions that achieve the security outcomes traditionally associated with firewalls.
  2. Broadening of requirement 8: Requirement 8 now encompasses the implementation of multi-factor authentication (MFA) for any access to the cardholder data environment. This expansion signifies a stronger emphasis on authentication measures.
  3. Enhanced flexibility in compliance: The revised standard offers greater flexibility, allowing organizations to demonstrate compliance through various methods tailored to their specific security goals.
  4. Introduction of targeted risk analyses: Organizations are now granted the latitude to decide the frequency of certain security activities. This addition is designed to align security practices more closely with each entity’s unique business needs and risk profile.

PCI’s Web Application Firewall

Under PCI 4.0, the role of Web Application Firewalls (WAF) in securing online platforms is more pronounced. A WAF is a security system that monitors, filters and blocks potentially harmful traffic to and from a web application. It acts as a gatekeeper, ensuring that only safe traffic reaches the application, which is crucial for online gambling sites handling sensitive user data.

A WAF is particularly effective in protecting against common web attacks. These include SQL injection, cross-site scripting and other vulnerabilities that can be exploited to gain unauthorized access to data.

The PCI DSS outlines specific criteria regarding WAFs to bolster online security. One of those criteria is Requirement 6.4.2, which necessitates the deployment of an automated tool dedicated to continuously detecting and thwarting web-based attacks targeting web applications. This is a significant enhancement from the previous requirement that only called for periodic vulnerability scans of web applications.

Another critical aspect is Requirement 6.6, which stipulates that all web-facing applications must be shielded from known threats. This can be achieved through several methods. One option is to conduct a thorough analysis of all custom application codes for common vulnerabilities, undertaken either by the organization itself or by an external expert specializing in application security.

Alternatively, organizations can install an application-layer firewall as a frontline defence for their web-facing applications. The use of automated source code review tools, along with both automated and manual web vulnerability assessment tools, is also a viable approach.

When opting for a WAF, ensure that it is configured correctly to provide effective protection. However, it’s crucial to note that merely employing a WAF is not sufficient to fulfill the entire spectrum of PCI DSS’s web application security requirements. Comprehensive strategies encompassing multiple layers of security measures are necessary to fully adhere to these standards.

Plan with Continent 8 Technologies

Understanding and adhering to the intricate requirements of PCI compliance might seem daunting, but don’t worry, we’ve got you covered.

For businesses in the online gambling sector, it’s essential to evaluate your current security measures critically. Are your web-facing applications adequately protected against potential threats? If the answer is anything but a “yes,” you should start planning to get it done.

Planning ahead is vital to ensure that your business not only complies with PCI requirements but is also fortified against a broad spectrum of cyber threats. By taking proactive steps now, you can secure your operations and maintain the trust of your customers in this rapidly evolving digital landscape.

This is where C8 Secure steps in. We offer comprehensive Web Application and API Protection (WAAP) solutions tailored to the unique needs of online gambling enterprises. Our services are designed to provide robust security layers, encompassing everything from automated vulnerability assessments to advanced application-layer firewalls. By leveraging these solutions, you can safeguard your web applications against both known and emerging threats.

Our WAAP solutions represent a proactive approach to online security that aligns with the stringent standards set by the PCI and beyond.

To support operators ensure they are PCI compliant, Continent 8 is offering 3 months FREE WAAP services for the first 50 customers to sign up to a 15-month contract*.

Learn more here: Waap solution for PCI compliance


*T&Cs apply. Limited-time offer; subject to change. First 3 months free, when signing up to a 15 month contract.

Super Bowl LVIII between the San Francisco 49ers and the Kansas City Chiefs on 11 February 2024 at the Allegiant Stadium was the first Super Bowl to be held in the state of Nevada, and the second ever to be decided in overtime. The event boasted record views of around 124 million (up from 113 million last year), with watchers enjoying the longest Super Bowl in history!

It was also a record-breaking 2024 in gambling terms, with an estimated 68 million US adults betting $23.1 billion, compared to last year’s 50.4 million US adults and $16 billion in bets, and a reported 11% increase in wagers across UK & Europe as NFL popularity grows outside the US.

This year also saw at least one $1m bet and a six-figure wager on the coin flip (it landed on tails BTW).

If we look at a few operators, FanDuel reported record $14 million bets on the Super Bowl with a total handle of $307 million, Entain reported 74% YoY increase in quantity of bets in the UK alone, and in Nevada itself, the Gaming Control Board reported a record breaking $185.6m wagered across 182 sportsbooks.

As the largest network, infrastructure and security supplier to the US and global market, Continent 8 can report its stats for Super Bowl LVIII:

Being prepared for a surge in betting

Continent 8 is no stranger to supporting high-traffic sporting contests. Whether it is annually for the Grand National or Cheltenham horse racing events in the UK and Ireland, the UEFA Champions League across Europe, March Madness in the US, or every four years for the UEFA Euro finals or FIFA World Cup, we know what it takes to ensure platform uptime.

As the infrastructure and hosting solution partner of choice to iGaming and sports betting operators and suppliers, live in 30 US states, and supporting 85% of operators on the 2023 EGR US Power Rankings, we have in place the solutions and support systems that ultimately give operators the confidence they need to maximize the acquisition and retention opportunities these events present.

As standard for identified special sporting events, we:

In addition to this:

What’s key throughout is ensuring our customers are aware of all activity with notifications regularly sent such as internet and MPLS data, as well as average and maximum traffic in and out.

The Super Bowl is a huge event for sportsbooks, particularly now that the US has opened up online gambling in more than 30 states.

And after a very short amount of breathing space, we prepare for March Madness in the same vein!

Why choose Continent 8 for iGaming hosting in the USA?

Live in 30 states

Our expansion in the US began with a state-of-the-art data centre in Atlantic City, enabling customers to take advantage of the sports betting market opportunities in New Jersey, while gaining immediate access to the Continent 8 global network. Today we are live in 30 US states, with several new states in the pipeline. What’s more, we have secondary sites in several key US states, providing true disaster recovery capabilities.


We have an aggressive strategy to ensure we are the first iGaming hosting provider in state, enabling our customers to capitalise on the fast-growing and competitive US iGaming and sports betting market.

Regulated and compliant

We have vast regulatory experience with strong regulator relationships across states, ensuring a complaint gaming solution for each.

Growing global team

We are a global team with a local presence – we ensure we have a team on the ground in the US to help you expand.

Learn more about our trusted solutions in the USA here or contact the team via

Sources: ESPN, EGR

Craig Lusher, Product Principal [Secure Solutions], discusses the recently uncovered iOS Trojan designed to steal users’ facial recognition data, identify documents, and intercept SMS.

In an era where digital threats are increasingly sophisticated, the discovery of the GoldFactory iOS Trojan, as reported by Group-IB, underscores a critical challenge for businesses and individuals alike. This advanced iOS Trojan, designed to infiltrate iPhones through malicious applications, represents a significant escalation in the cyber threat landscape, particularly for users who assume iOS devices are immune to such risks.

The Trojan, named GoldFactory, exploits a method that bypasses Apple’s stringent app review process, enabling cybercriminals to distribute their malicious software via seemingly benign applications. Once installed, GoldFactory can execute a range of malicious activities, from stealing sensitive facial biometric information to executing phishing attacks, posing a substantial risk to data security and privacy.

Continent 8’s response with Mobile Protect

In response to evolving mobile threats like GoldFactory, Continent 8 Technologies’ Mobile Protect service stands as a defence against mobile cyber threats. Our solution is designed to safeguard iOS and Android devices against a wide spectrum of cyber attacks, including sophisticated Trojans, malware, and phishing schemes.

Mobile Protect leverages cutting-edge technology to provide real-time threat detection and response, ensuring that even the most advanced Trojans, such as GoldFactory, are identified and neutralised before they can inflict harm. The service employs a multi-layered security approach, combining endpoint protection with continuous monitoring and threat intelligence, to offer comprehensive protection for mobile devices.

Addressing business challenges

The advent of Trojans like GoldFactory presents significant business challenges, from the risk of data breaches and financial loss to reputational damage. Continent 8’s Mobile Protect service directly addresses these challenges by:

  1. Ensuring data privacy and security: Mobile Protect guards sensitive data against unauthorised access and theft, crucial for maintaining customer trust and complying with data protection regulations.
  2. Enhancing operational resilience: By safeguarding mobile devices against cyber threats, businesses can ensure uninterrupted operations, protecting against the downtime and financial losses associated with cyber attacks.
  3. Supporting compliance efforts: Mobile Protect aids businesses in meeting compliance requirements, like GDPR, offering peace of mind in an increasingly regulated digital environment.

The detection of the GoldFactory iOS Trojan serves as a stark reminder of the evolving cyber threat landscape and the need for robust security measures. Continent 8 Technologies, through its Mobile Protect service, offers an effective solution to these challenges, providing iGaming casino and sportsbook businesses and their mobile users with the highest level of protection against mobile cyber threats.

As cybercriminals continue to innovate, the importance of proactive and comprehensive security measures cannot be overstated. With Mobile Protect, Continent 8 Technologies reaffirms its commitment to securing the digital frontier, ensuring that businesses can operate with confidence in a connected world.

To learn more about Mobile Protect click here or reach out to a member of the team via

Craig Lusher from our Secure team reveals the DDoS stats for the final quarter of 2023 and looks back at attack trends for the iGaming industry across the previous 12 months


The fourth quarter saw a total of 187 DDoS attacks launched against Continent 8 customers, a significant decrease from the 1,106 recorded in Q2 and the 359 in Q3. In fact, Q4 was the second-lowest month in terms of attacks, coming in just behind Q1 where 184 attacks were registered.

Before looking at how attack trends played out across the year, let’s first analyse the data from Q4 to understand attack characteristics over the three months.

In the fourth quarter, the intensity of attacks peaked in October with 84 separate incidents recorded with 44 in November and 59 in December. Over the period, a total of 27 customers were attacked making it a widespread issue rather than being isolated to a few organisations.

Malta was the most targeted location, suggesting a geographical focus of the attacks perhaps because of vulnerabilities that had been exploited.

Interestingly, there were no repeat attacks on the same day, indicating that each attack was a unique event. This implies that attacks were well-mitigated after the first occurrence or that attackers did not persist on the same targets within 24 hours.

The average number of attacks experienced by each customer was seven, but the most affected single customer experienced 49 attacks, significantly higher than the average. This suggests that some customers are at greater risk than others and may require additional protective measures.

The largest attack size was 412.9 Gbps but the average attack size throughout the quarter was 2.7Gbps. This is a significant disparity and suggests that while most attacks were relatively small, there were significant outliers that boosted the average.

Across the quarter, only one attack exceeded 100 Gbps which underscores the exceptional nature of the largest attack. The average attack duration was 42 minutes with the longest attack lasting just 3.3 hours, the shortest of the year – the longest attack came in Q2 and lasted a staggering 799.7 hours.

For the fourth quarter, the peak megapackets per second (MPPS) rate came in at 36, the second highest of the year behind the 316.9 recorded in Q2, providing insight into the intensity and potential impact of the attacks.

The Q4 stats show a need for targeted DDoS mitigation strategies, especially in high-risk months and for customers who are more frequently targeted. The data also helps enhance our DDoS Mitigation Solution, allocating more resources during peak attack periods and in regions such as Malta.

The fourth quarter of 2023 sits in stark contrast to 4Q22 where Continent 8 blocked a total of 3,367 separate DDoS events during a well-orchestrated campaign that coincided with the World Cup and the Christmas Holidays.

While the volume of attacks dipped significantly in 1Q23, the second quarter saw a significant resurgence in terms of the volume and size of attacks.

2023: A year in DDoS stats

Q2 would become the standout quarter during the year with a total of 1,106 separate attacks blocked between April and June. This compares with 184 attacks in Q1, 359 in Q3 and 187 in Q4.

The most attacked locations were Kahnawake (Q1), Paris (Q2), Isle of Man (Q3) and Malta (Q4) with January, May, July and October being the months with the most DDoS attacks recorded. The number of unique customer attacks was 83, 29, 24 and 27 respectively.

The highest number of attacks against a single customer came in Q2, with 669 recorded, followed by 98 in Q3, 49 in Q4 and 31 in Q1. The longest single attack lasted 799.7 hours (Q2) with the shortest coming in at 3.3 hours in Q4 – in Q1 it was 5 hours and in Q3, 20 hours.

In terms of trends, Q1 saw a relatively high number of customers attacked at 83 but with a modest number of total attacks and the largest attack size of 49.5 Gbps. This shows that while attacks were frequent, they were less severe.

But Q2 presents a stark contrast. Despite a smaller number of customers being attacked (29), the total number of attacks was incredibly high with a remarkably large attack size of 560.6 Gbps. The high number of attacks against a single customer and the unprecedented longest attack time indicated a period of sustained, severe attacks.

In Q3 the focus of attacks shifted to the Isle of Man in July. The frequency of attacks and the number of customers impacted dropped. So too did the size of the largest attack but at 149.7 Gbps it was still substantial, denoting a continued threat.

For Q4, the size of the largest attack was once again on the rise, coming in at 412.9 Gbps indicating a resurgence in attack severity. That said, the highest number of attacks on a single customer and the longest attack duration were both down, suggesting effective mitigation of attack efforts.

In summary, 2023 began with frequent but less severe attacks which peaked in intensity during Q2 and especially in Paris. As we moved into the second half of the year, we saw signs of decreasing frequency and severity.

That said, the large attack sizes in Q4 indicated that while attacks may have become less frequent, their potential impact remains high, and businesses absolutely must have the protections in place to defend their systems, networks and data against DDoS attacks.

Our data and analysis should also be used to inform cybersecurity strategies moving forward and for resource allocation for DDoS mitigation efforts.

Continent 8’s L3-7 cloud DDoS mitigation service and recent upgrades

Our service provides complete layer 3 through 7 DDoS mitigation with bespoke profiling. Over the past year, Continent 8 has significantly enhanced its DDoS protection service through major upgrades to its network, DDoS platform and customer systems. We have streamlined our Tier 1 provisions by optimising the number of providers and doubling capacity. This was achieved by optimising the number of tier 1 providers, allowing for more efficient global traffic management and engineering.

Additionally, the DDoS service improvements include the introduction of a new scrubbing centre in Denver, which utilises the A10 TPS model consistent with previous deployments and increases the overall DDoS scrubbing capacity available. The expansion of the network edge with Juniper devices across multiple global locations, including NWK1, LON1, and HKG1, enhances the network’s resilience and capacity. These devices offer a significant capacity upgrade, supporting up to 4.8 Tbps, which is a substantial increase over the legacy models.

Furthermore, enhancements to the internal systems and the Customer Portal & API have been made, including the addition of 21 new features, redesigning of six existing features, and the resolution of 29 bugs. These improvements aim to enhance customer experience by providing better notifications, visibility of real-time events, and access to downloadable reports, thereby improving the overall effectiveness and responsiveness of the DDoS protection service.

To learn more about how Continent 8 can help defend your organisation against DDoS attacks with its iGaming cybersecurity solutions, contact a member of the team or head here for more info.

Jeremie Kanter, Director of Regulatory Affairs at Continent 8 Technologies

The global gambling industry has undergone a significant transformation in recent years. Government policies and ever-evolving stringent regulations continue to shape the undulating landscape for operators. Responsible gambling is not limited to the protection of vulnerable gamblers. With so much money and sensitive personal information being exchanged online, gambling sites have become a hot target for bad actors; therefore, it is essential that the industry takes cybersecurity seriously.

As quickly as technology advances, so do methods of hacking and scamming. Online gambling companies need to have many layers of defence to protect themselves and their customers. Cybersecurity, backed by Artificial Intelligence (AI) and machine learning, plays a pivotal role in safeguarding the gaming environment from a multitude of threats whilst protecting players and transactions and strengthening operators’ responsible gambling obligations. Cybersecurity measures ensure online sports betting platforms effectively enhance the integrity of their platform and demonstrate their commitment to fair play, transparency, and player safety.

User Data Protection

One of the most critical aspects of cybersecurity in the online sports betting industry is protecting sensitive information. Cybersecurity solutions shield customer data from breaches with advanced encryption techniques and intrusion detection systems. AI-driven security systems can identify and mitigate potential threats in real time, ensuring a robust defence against data breaches and cyber attacks. This not only secures player information but also safeguards gambling operators’ trustworthiness and brand integrity.

Preventing Fraud and Scams

Another essential consideration for operators is preventing fraud and taking anti-money laundering (AML) measures. The gambling industry is particularly susceptible to fraud, with hackers constantly devising new scams to exploit vulnerabilities. Robust cybersecurity measures underpinned by machine learning algorithms analyse vast amounts of information, including transaction records, customer information, and other financial data, to identify suspicious activity, enabling operators to intervene promptly. By employing effective cybersecurity measures, operators can protect their players from these types of illegal activities whilst minimising reputational damage.

Regulatory Compliance

Regulatory compliance is not just a legal requirement but also a means of building trust with players and regulatory authorities. By prioritising cybersecurity, iGaming operators can ensure they are not only following regulatory requirements, but they proactively avoid any potential legal or financial risks. Robust cybersecurity measures and AI systems help operators manage compliance by automating reporting, monitoring transactions, and ensuring adherence to data protection laws. 

Protection Against Gambling Addiction

Part of an operator’s responsible gambling obligations include safeguarding players from addiction. How can the deployment of cybersecurity and AI-driven technology help in this regard? AI and machine learning algorithms can analyse player activity patterns and behaviours, identifying early signs and markers of harm. It can also track time spent gambling and prompt players to take a break. This information can be used to intervene and offer support to players who may be at risk. AI-driven chatbots provide real-time assistance to players seeking information and resources on responsible gambling. These chatbots can provide guidance and support and direct players to relevant resources when they exhibit risky or erratic behaviour. Offering immediate interaction with customers in need reinforces the industry’s commitment to responsible gaming and player wellbeing.

The gambling industry faces unique cybersecurity challenges that require a comprehensive and proactive approach. Responsible gambling is not just a legal requirement but a compass and an ethical obligation of the gambling industry. The importance of cybersecurity in the online sports betting industry cannot be overstated. Embracing a security-first mindset is essential for the gambling industry to thrive in an increasingly digital and interconnected world where the stakes are high.

Continent 8 can play a pivotal role in helping online gaming operators promote responsible gambling. By implementing advanced cybersecurity measures powered by AI-driven interventions, we can add significant value to operators, ensuring a safe and secure gaming environment while fostering responsible gambling practices. This not only benefits players but also enhances the reputation and trustworthiness of the operator.

Craig Lusher from our product team reviews the latest attack data with the intensity of attacks peaking in July and with one customer being hit 98 times over the three-month period

The third quarter of 2023 saw a significant reduction in DDoS attacks launched against Continent 8 customers.

The total number of attacks hit 359 during the period, down from 1,106 in Q2 where there was a continuation of the tumultuous adverse events that marked December 2022 with a well-orchestrated campaign that coincided with the World Cup and the festive holidays.

This saw Continent 8 defend 3,367 separate DDoS in the fourth quarter of 2022 alone.

In the third quarter of 2023, the intensity of attacks peaked in July with 195 separate incidents recorded. This was followed by August with 112 and September with 52. Over the three months, 24 unique customers were attacked making it a widespread issue rather than being isolated to a few customers.

On average, each customer faced 15 attacks in Q3, but one customer was subject to 98 attacks indicating a targeted effort and underscoring the need for all organisations to have specialised protective measures in place.

When it comes to the characteristics of attacks, there was great cause for concern with the largest attack hitting a staggering 149.7Gbps which could potentially cripple the most robust networks. The average size of attack was 2.27Gbps – manageable but not negligible.

The highest Peak Packets Per Second (PPS) recorded was 14.6 Mpps, and while this was substantially down on the 317 Mpps recorded in May 2023, it still indicates the scale of some of the attacks launched against Continent 8 customers during the quarter.

This highlights the importance of considering not just the throughput but also the volume of Packets Per Second because even low throughput attacks could involve millions of packets per second, threatening network equipment rather than just internet bandwidth.

This is why it’s vital to take a multi-layered approach to cybersecurity so that systems, networks and data are properly protected from different types of attack at a time when the volume and length of attacks remain high.

One customer was subject to an attack lasting more than 20 hours – so close to a full day. This shows the persistence of attackers. That said, the average attack duration during Q3 was 0.76 hours which comes to about 45 minutes.

This suggests most attacks were aiming for quick disruptions rather than prolonged engagement. Again, this is different to the previous quarter where the longest attack lasted an astounding 800 hours.

Interestingly, there were no attacks exceeding 1 Tbps, but there were four attacks exceeding 100 Gbps and four more in the range of 10-100Gbps. The majority of attacks – 350 altogether – were under 10 Gbps. This compares to a peak attack size of 560 Gbps in Q2.

When it comes to repeat attacks, 10 customers were hit for a second time in a 24-hour period – interestingly, in Q2 there were no instances of customers suffering repeat attacks within 24 hours – so this marks the return of attackers going after the same target multiple times.

The stats for the period from 1 July 2023 to 30 September 2023 relate to our customers based in different locations around the world. Key highlights include:

This quarter’s results show that attack tactics have changed once again with attack size reducing but with significant Packets Per Second being delivered via attacks.

This means that the threat has changed somewhat from earlier in the year – ensuring internet bandwidth is always vital but now more than ever organisations need to protect their network equipment and systems.

There has been a lot of discussion around the changing cyber threat landscape, but this quarter’s stats show that action is crucial if organisations are to ensure resilience and mitigate an attack which is now a case of when and not if.

Continent 8’s DDoS protection

Our solution continues to evolve and in recent months we have amplified our scrubbing capacity to 2.5+Tbps, as well as increased our scrubbing centres geographically deployed across multiple continents. Locations include Los Angeles, Chicago, New York, Miami, London, Amsterdam, Frankfurt, Singapore, Hong Kong and Sao Paulo.

Our proven platform is one you can rely on with a capacity only matched by the largest DDoS providers on the planet. Learn more about our DDoS solutions here or contact Craig via

The Latin American (LATAM) region has rapidly emerged as an enticing frontier in the global iGaming market. Its immense potential, unique characteristics, and dynamic nature make it a rich opportunity for operators and providers looking to expand their horizons.

In a recent webinar moderated by Anna McChesney, Senior Marketing Manager for Continent 8 Technologies, Gabriel Szlaifsztein, Regional Sales Director for LATAM (Continent 8) and Marcelo Blanco, CTO at Vibra Gaming (a Continent 8 customer), explored what the opportunity is for operators and suppliers in the region and how to develop a strategy for growth across this emerging market.

They also addressed the current and future regulatory landscape, the importance of cybersecurity, cultural nuances, infrastructure requirements and the influence of socioeconomic factors affecting player habits. Marcelo provided deeper insight into the key challenges and opportunities when setting up regional operations through his customer case study and talked enthusiastically about how “opportunity beckons.”

Emerging Market Potential

The LATAM region is often hailed as one of the most promising emerging markets in the iGaming sector. Its vast, untapped population of over 670 million, the proliferation of mobile devices, and an increasing appetite for online entertainment create a perfect storm for growth. The region is ripe for innovation and investment, attracting global players who recognize the potential of this exciting market.

Regulatory Landscape

The regulatory landscape in LATAM varies significantly from one country to another. Some countries have embraced iGaming and enacted favourable legislation, while others are still navigating the complexities of regulation. It’s imperative for operators and providers to closely monitor and adapt to the evolving legal framework in each jurisdiction they operate in. In our webinar, Gabriel explains the growing acceptance and adoption of regulation and provides a detailed, country-by-country overview of gambling activity and licensing requirements across the region.

Cultural Diversity

LATAM is a tapestry of diverse cultures, languages, and traditions. Understanding the cultural nuances of each nation is pivotal for iGaming success. Tailoring strategies and customising offerings to resonate with local markets in each country, from content and marketing to user experience, is a key consideration in the region. The flexibility required to create a “unique look and feel” for different products is crucial.

“There is a huge diversity of devices and connectivity across Latin America. We need to provide different content for different markets in order to provide the right solution. Each audience has a particular taste, and we must accommodate that.” – Marcelo Blanco, CTO, Vibra Gaming.

Sports Betting Popularity

Sports hold a special place in the hearts of many LATAM residents. Football, in particular, reigns supreme, and sports betting enjoys immense popularity. Boxing, basketball and baseball also attract a lot of interest. There has been an explosion in online gaming and sports betting in the LATAM region, which has risen sharply since the pandemic. There were 383 million registered mobile internet users in 2022, with the highest numbers in Brazil and Mexico. The intertwining of sports betting and iGaming presents a unique opportunity for providers to engage a passionate audience.

Technological Advancements and Cybersecurity

As the LATAM iGaming market evolves, embracing technological advancements becomes vital. Infrastructure and cybersecurity take centre stage to protect sensitive data, ensure fair play, and maintain uninterrupted services. There are 135 data centres across the region, all very well distributed. Continent 8 has established certified operations in Colombia, as well as Peru and Puerto Rico.

“The right data centre for operations in LATAM is a combination of technical capacity, latency and regulatory aspects in the target market.”Gabriel Szlaifsztein, Regional Sales Director (LATAM), Continent 8.

Cyber threats are on the rise. According to a recent cybersecurity report by Fortinet, there were 137 billion registered cyber attack attempts in Latin America during the first half of 2022, the main attack vectors being ransomware and DDoS. Mexico saw the highest number of cyber attacks, followed by Brazil and Columbia. This makes the role of cybersecurity paramount for the industry’s integrity and a critical investment for operators and suppliers.

Local Partnerships

Local partnerships and collaborations are crucial to navigating the intricacies of the LATAM iGaming sector. Understanding local business practices, forming solid relationships with local entities, and complying with regulatory requirements are integral to long-term success. Marcelo talks about the importance of being prepared and describes how having a strong partner in Continent 8 was critical to Vibra Gaming’s journey when setting up infrastructure in regulated markets.

The LATAM iGaming market is a treasure chest of opportunity for operators and providers with the vision to tap into its potential. While navigating the complexities of regulation, understanding cultural diversity, and embracing technological advancements, industry players can position themselves to thrive in this dynamic and evolving landscape.

In the final part of the webinar, Gabriel and Marcelo discussed their predictions for the industry and the region for the next 5 years. These included greater coverage for regulated markets, a level-up in disruptive and emerging technologies and the development of a new breed of players as the market matures.

Interested in learning more about developing a strategy for growth in the LATAM region? Contact Continent 8 today and book your free 1-hour consultation with our experts.

Distributed denial-of-service (DDoS) attacks threaten data integrity of numerous companies worldwide. Unlike a DoS attack, which originates from a single location, DDoS attacks occur from multiple locations simultaneously, making securing data potentially more complicated.

Understanding the mechanism of DDoS attacks and what an enterprise must do to safeguard its data against them is critical. Here Craig Lusher, Senior Product Specialist – Secure, discusses where DDoS attacks originate and why it is important to deploy thorough prevention strategies.

How do DDoS attacks work?

DDoS attacks involve hackers flooding a network or server with fake traffic. They overwhelm the system, disrupting genuine user requests and causing the server to crash. During a DDoS attack, your website will be bombarded with requests from various sources for an extended duration.

These requests are not a result of a sudden increase in legitimate visitors. Instead, they are automated and originate from a limited number of sources, the quantity of which depends on the attack’s size.

DDoS attacks can come from competitors or other entities that intend to disrupt access to website’s content. Either way, it poses significant risks to the company’s integrity.

For instance, research conducted in 2022 revealed a 74 percent increase in DDoS attacks, causing disruptions and financial losses. Most of these attacks targeted the fintech industry, accounting for 34 percent of these attacks and experiencing a twelvefold rise in attack traffic. Experts also predicted that the number of DDoS attacks would double, going from 7.9 million in 2018 to over 15 million by 2023.

Moreover, DDoS attacks can have widespread consequences beyond individual data breaches. They can disrupt entire networks, affecting critical services and the availability of websites and online platforms. For businesses, these attacks can lead to significant financial losses, harm their reputation, and diminish customer trust.

Strategies to prevent DDoS attacks

Seeing how significant the impact of DDoS attacks is, use the following strategies to shield your server from these threats.

Increase bandwidth

To strengthen your hosting against DDoS attacks, you need sufficient bandwidth to manage traffic spikes caused by cyber attacks. Increasing bandwidth makes it harder for attackers to execute successful DDoS attacks. However, this won’t be enough to protect your website thoroughly. It would be best to combine it with other mitigation tactics for comprehensive cyber security.

Prepare for DDoS attacks in advance

Anticipating a cyber attack in advance is essential for a proactive security architecture, enabling a quick response to potential threats before they can harm your website. An effective security plan includes identifying your response team, prioritizing critical functions, and establishing communication with your Internet Service Provider, which can help stop the attack.

Identify normal traffic

When you notice a sudden increase in traffic to a host, you can use ‘rate limiting’ to manage the incoming traffic at a level the host can handle without causing disruptions. Advanced security goes further by checking each packet to see if it’s valid. If you want to do this effectively, you must understand what normal, legitimate traffic for the target looks like and then compare each packet to this standard. This will help you identify any unusual patterns or potential threats.

Diversify security infrastructure

To protect against DDoS attacks, your infrastructure should be robust. Instead of relying solely on firewalls, you can diversify your approach by distributing data centers across different networks, avoiding concentration in one location, placing servers in multiple data centers, and ensuring uninterrupted traffic flow without network bottlenecks.

Practice security policies

Make sure to follow strong security practices, like changing passwords regularly, using secure authentication, and avoiding phishing attacks. Reducing user errors within your organization enhances safety, even during an attack.

Implement black hole routing

Black hole routing is a method to stop DDoS attacks by discarding harmful traffic before it reaches the target. It works by directing traffic to a non-existent “black hole” interface, effectively blocking traffic from the source of the attack. Although it is a reactive measure, it reduces the impact of DDoS attacks.

Employ a Cloud-based solution

A cloud-based DDoS service like Continent 8 is essential for effective protection. The cloud offers more bandwidth than on-premises resources and distributes servers across different locations, enhancing security for many websites with limited resources.

Monitor and analyze logs

Log monitoring provides valuable insights into your web traffic, enabling real-time threat detection and a faster DDoS mitigation process. By analysing log traffic statistics, you can identify when significant traffic spikes occur and determine the servers affected by the attack. Log analysis can also save time by notifying you about unwanted events in advance, reducing the time and effort needed for troubleshooting.

Recognize signs of DDoS attacks

Your network may slow down unexpectedly, your website could shut down, and you might start receiving an influx of spam. Additional signs of a DDoS attack include slow performance, excessive traffic from a single source, frequent crashes, poor connectivity, and any other unusual patterns, like a sudden surge in traffic from a single IP address.

Use a Web Application Firewall

A web application firewall (WAF) protects against harmful traffic that targets application vulnerabilities. It watches for unusual traffic patterns, blocking malicious ones while allowing legitimate ones. When you position a WAF between your server and the internet, it acts like a shield, ensuring all traffic goes through it first.

Security providers like Continent 8 assist global enterprises in protecting their servers from these malicious attacks. Ensure that you are implementing the industry’s best practices and be adaptive to changes.

In today’s data-centric world, where information is both a currency and a vulnerability, dedicated servers have emerged as essential tools for corporations. These powerful hosting solutions offer a sanctuary where your data is protected, your applications run smoothly, and your digital operations remain under your control.

But here’s the catch — in a landscape rife with digital threats and potential breaches, relying on shared hosting or inadequate security measures can expose and vulnerable your valuable data. Dedicated servers, in essence, provide you with your private fortress within the digital realm. They ensure critical data and sensitive information are shielded from prying eyes, cyber threats, and unexpected downtime.

Whether you manage confidential financial records, legal documents, or high-value assets, dedicated servers are the ultimate guardians of your digital assets.

What are dedicated servers?

In hosting solutions, dedicated servers stand as a formidable choice. But what exactly are dedicated servers, and why are they highly regarded? Let’s begin by getting into the essence of dedicated hosting.

Defining dedicated servers

Dedicated servers are robust physical machines exclusively dedicated to a single user or organisation. This exclusivity ensures unadulterated access to all server resources, providing consistent and high-performance hosting.

Their unique advantage over cloud servers

Unlike cloud servers, which share resources among multiple users through virtualisation, dedicated servers offer dedicated hardware resources. This makes them ideal for resource-intensive applications and operations that require data-sensitive handling.

Why opt for dedicated server hosting?

As the demands on hosting services grow, dedicated servers have emerged as the powerhouse of hosting solutions. But what makes them the top choice for many discerning users? Let’s delve into the compelling reasons to opt for dedicated server hosting.

Unmatched performance

Dedicated servers deliver unparalleled performance by avoiding resource-sharing. They handle resource-intensive tasks such as running complex applications, hosting large databases, or managing high-traffic websites with ease.

Impeccable security

Security is paramount for businesses because it safeguards sensitive data, ensures regulatory compliance, protects reputation, maintains business continuity, and enhances competitive advantage. Dedicated servers play a pivotal role in achieving these aims by enabling robust security configurations and empowering stringent protective measures.

Total control and customisation

Dedicated server hosting provides complete control over server settings, software installations, and updates. This level of customisation is invaluable for clients with specific hosting requirements and preferences.

What is the role of data centres in dedicated hosting?

Data centers are vital for dedicated servers’ performance and reliability. Uncover why data centers are central to dedicated hosting.

Understanding data centers’ significance

Data centers are fortified facilities purpose-built to house and manage dedicated servers. They create a controlled environment with redundant power, cooling, and security measures, ensuring consistent server uptime and safeguarding precious data.

Ensuring data center excellence

When choosing a dedicated hosting provider, it’s imperative to evaluate the quality of their data center facilities. The uptime, redundancy, and physical security measures guarantee uninterrupted service and data protection.

Demystifying managed dedicated hosting

Managed dedicated hosting simplifies the complexities of server management. To learn more about its benefits, here is the key information on managed hosting services.

The essence of managed hosting services

Managed dedicated hosting takes the burden of server management off your shoulders. Hosting providers handle server monitoring, security updates, software installations, and troubleshooting tasks, freeing clients to focus on their core activities.

Leveraging the benefits of managed hosting

Managed dedicated hosting is particularly advantageous for those who seek a seamless hosting experience. It ensures server optimization, security, and reliability without requiring in-house IT expertise — a boon for businesses.

How to choose the right dedicated hosting provider

Selecting the ideal dedicated hosting provider is a critical decision that shapes your hosting journey. Your provider becomes your trusted companion, and this section will guide you in making the right choice.

Critical considerations for provider selection

When choosing a dedicated hosting provider, evaluate server specifications, bandwidth options, scalability, and pricing. Additionally, scrutinise the provider’s reputation, track record, and the quality of their customer support.

Decoding service level agreements (SLAs)

Pay close attention to the Service Level Agreements (SLAs) offered by hosting providers. These agreements define the level of service, uptime guarantees, and support response times. Ensure that the SLA aligns with your expectations and business requirements.

Colocation: Bridging ownership and security

Colocation services offer the unique synergy of server ownership and data center security. Let’s explore this strategic approach to hosting.

Colocation services unveiled

Colocation involves clients owning their dedicated servers while housing them in a data center provided by a hosting company. This option combines the benefits of dedicated servers with the reliability and security of professional data center facilities.

When colocation fits the bill

Colocation is an optimal choice when you have existing server hardware-specific hardware configurations in mind or when you require a secure, controlled environment for your data storage needs.

Dedicated servers are a robust and dependable hosting solution tailor-made for corporates. With unparalleled performance, security, and customisation, they form the bedrock for managing critical data and applications. Augmenting dedicated servers with managed hosting services and placing them within reputable data centers elevates them to the pinnacle of hosting choices, ensuring peace of mind and optimal performance for the most exacting clients.

When selecting your dedicated hosting provider, like Continent 8, navigate these waters with care, focusing on your unique requirements and objectives to discover the perfect fit.

Justin Cosnett, Chief Product Officer, discusses how to select the right cloud service and security measures for your business.

The cloud is a network of servers that provides resources like data storage and computing power for users. It has become a main staple for businesses that aim to scale up. While the cloud offers various advantages to enterprises, some challenges make this infrastructure difficult to implement.

First, a business must choose between public and private cloud infrastructure. Not all companies can afford a customized cloud computing system, but there is no denying that the private infrastructure offers various advantages.

Security issues related to the cloud have also become a concern for enterprises. Companies may risk their hard-earned reputation if they fail to choose the right cloud hosting service or implement the best security methods.

Public vs. Private Cloud

As the name suggests, public cloud refers to the cloud infrastructure multiple entities use to keep their data. It does not mean that tenants’ data are mixed up, though. The service provider isolates each tenant’s data.

Meanwhile, the private infrastructure is designated for one tenant. Because of that, the user has the freedom to customize the infrastructure to their liking. It ensures that the solutions provided by the cloud system match what the company needs.

Having a designated cloud infrastructure also helps with scalability. Since the cloud system is only used by one company, there is no risk of capacity contention. When the company plans to scale its cloud infrastructure, it only needs to add bare metal servers and configure these new servers. Private cloud also offers enhanced safety, as companies can access their data and applications via private network links.

Although private cloud sounds like an ideal system for a company, there are situations where public cloud may be the better option. Public cloud can help companies handle less sensitive data they do not need to access frequently. The multi-tenant system also suits companies that are still growing and deal with less complex data. It is the more economical choice for companies than the private system.

Security measures to protect cloud

Security challenges to a cloud infrastructure are continuously changing. There are increased external attacks, dynamic workloads, highly automated DevOps culture, and cloud compliance. The following are the best security practices to overcome those challenges.

Policy-based, granular IAM

Implementing a granular identity and access management (IAM) is critical in ensuring the security of a cloud system. More than that, everyone within the organization must stick to the protocol. Instead of implementing the protocol based on individuals, experts suggest basing it on groups and roles.

A cloud system should use the zero-trust approach in its IAM practice. It means the system should not automatically trust any entity within or outside the network and verify everything. Based on this approach, each role should only be given access to the resources it needs to perform its tasks.

Safe data backup and recovery plan

Many organizations use the cloud to backup data from their own servers. It makes them sometimes overlook the need to back up the cloud system. Note that cloud servers are not 100 percent secure from internal and external threats.

The cloud security system must employ a safe data backup and recovery plan in emergencies. This protective measure will ensure that the organization can still run even if its key data server is down.

Proactive monitoring

Monitoring the system actively is necessary to detect issues before they spread out. Ideally, the administrator employs vulnerability scanners, public threat intelligence feeds, and other anomaly detection tools to ensure the cloud system is safe.

Alerts should happen in real-time to ensure administrators can immediately fix the issue. Besides proactive monitoring, the system must have response policies for various threats so that administrators can resolve problems promptly.

Implementing data encryption and firewall

Data encryption is vital for organizations that store their data in the cloud system. Encryption ensures that only authorized individuals can access the organization’s sensitive data. It transforms the data into a code that only people with authorized access can decode.

Cloud security systems also use web application firewalls to safeguard applications within the network, particularly cloud native distributed applications. This makes it easier for the system administrator to monitor traffic from and to web app servers.

Human resource training

Cloud is a highly intelligent system that is automatically updated to enhance security. However, this data solution is used by humans, so the system is not safe from potential errors. An interesting study by Stanford University even reveals that more than 80 percent of data breaches are caused by human error.

Companies must train their employees to recognize cybersecurity risks like phishing and malware. They must also learn how to access the company’s cloud server safely. These employees must be trained to notify the IT department immediately if they suspect foul play.

Cloud service providers have their own security measures. However, some companies may opt to work with security services like Continent 8 to further enhance their data protection.

Let's work together.


Asia +65 3165 4649
Europe +44 1624 694625
Latin America +54 11 5168 5637
North America +1 514 461 5120