Continent 8’s end-to-end regulatory cybersecurity services ensure Rising Digital maintains full compliance within the six – and growing – US states in which it operates.
Rising Digital Corporation is a gaming company that develops and publishes slot games, table games, game systems and game platforms. Recognized as the leading developer of Asian slot games in the casino gaming industry, Rising Digital provides games to the major gaming manufacturers worldwide.
Rising Digital required a Managed Security Service Provider (MSSP) to architect and deploy regulatory compliance programs tailored to the diverse requirements of each interested US state jurisdiction, ensuring consistent, best-in-class security and regulatory standards across all operational states.
Rising Digital selected Continent 8, its existing cloud partner and the leading provider of infrastructure and cybersecurity solutions for the iGaming and online sports betting sector, to lead its regulatory cybersecurity strategy.
In collaboration with Continent 8 and its cybersecurity specialist division, C8 Secure, Rising Digital successfully completed a comprehensive suite of regulatory compliance assessments and services, including:
Rising Digital has successfully rolled out a comprehensive cybersecurity program across multiple jurisdictions, including Connecticut, Delaware, Michigan, New Jersey, Pennsylvania and West Virginia – as well as the Canadian province of Ontario – delivering compliance with state-specific requirements. In addition, Continent 8’s regulatory cybersecurity expertise has enabled the proactive identification of vulnerabilities and the delivery of actionable insights that fortify Rising Digital’s cybersecurity posture.
By partnering with Continent 8 and leveraging its regulatory cybersecurity services, Rising Digital is strategically positioned to proactively address and surpass evolving compliance requirements. This collaboration ensures a measurable competitive edge with regulators across both forthcoming US state market deployments and established jurisdictions.
Aimin Cong, CEO of Rising Digital, said: “We are delighted to formalize our relationship with Continent 8 for our growing iGaming operations business. With the utmost importance being placed upon compliance, performance and security, we believe Continent 8 is an excellent infrastructure and cybersecurity services partner.”
Patrick Gardner, Chief Security Officer at Continent 8, said: “We are honored that Rising Digital has placed its trust in Continent 8 as its infrastructure and cybersecurity partner as they expand their operations across the United States.
“At Continent 8, we pride ourselves as being a one-stop-shop provider of infrastructure, cloud, regulatory and cybersecurity solutions. Our services enable iGaming companies like Rising Digital to swiftly meet multi-state regulatory requirements, safeguarding their operations while providing peace of mind. We stand committed to setting the highest standards and value for cybersecurity and compliance services within the ever-growing iGaming and online sports betting sector.”
For more information on how to meet your jurisdiction’s regulatory cybersecurity requirements, visit continent8.com or contact sales@continent8.com.
number of games accessible to B2C operators
transactions per second that need to be secured
critical cybersecurity issues identified
Global iGaming aggregator leverages Continent 8’s Vulnerability Assessment and Penetration Testing (VAPT) cybersecurity services to securely connect B2C operators to over 16,000 games from more than 160 providers.
Alea is an award-winning leader in the field of online gaming, with a decade of experience in the industry. Alea aggregation platform handles over 21,000 transactions per second, with bank-level security, full regulatory coverage and local insights that helps their customers move faster in markets like Brazil, South Africa, Spain and beyond.
Alea is one of the industry’s most rapidly expanding game aggregators. By utilising a single API integration, Alea offers customers access to over 16,000 games from more than 160 providers, simplifying technical complexities and enhancing operational efficiency. The security and reliability of these game APIs and integrations are vital to Alea’s operational integrity.
To address the evolving cybersecurity challenges associated with a rapidly growing network, Alea engaged Continent 8 to conduct a thorough assessment and evaluation of their cybersecurity framework through a comprehensive Vulnerability Assessment and Penetration Testing (VAPT) service.
Alea’s coding platform comprises over 100 microservices leveraging diverse technologies, databases and queue systems, presenting a significant technical challenge in securing all connections. Additionally, Alea processes over 21,000 requests per second, necessitating the demonstration of successful transaction management. With a complex aggregation platform, Alea aimed to ensure and demonstrate their status as a secure and robust game aggregator provider.
Continent 8, along with its specialised cybersecurity division, C8 Secure, conducted the cybersecurity audit. They employed their Vulnerability Assessment and Penetration Testing (VAPT) service to perform a thorough security evaluation of Alea’s entire digital infrastructure, providing a complete view of their attack surface area.
The VAPT service from Continent 8 and C8 Secure enabled Alea to safeguard their API, code and services against vulnerabilities such as broken authentications, cross-site scripting (XSS), sensitive data exposure and SQL injection. As a result, the cybersecurity audit identified no critical issues within their aggregation platform.
The comprehensive VAPT assessment allowed Alea to detect potential internal and external IT vulnerabilities, enabling them to prioritise and implement security improvements to reduce risk exposure, thereby assuring their customers of a secure and reliable platform.
Patrick Gardner, Chief Security Officer at Continent 8, presenting Eduard Fumás, Chief Technology Officer at Alea, with their VAPT completion certificate.
Eduard Fumás, Chief Technology Officer at Alea said, “At Alea, security is at the core of everything we do. Our commitment to creating a secure, robust and scalable API solution sets a new standard in the iGaming industry, where data protection and system integrity are critical. Partnering with Continent 8 has been an important step for us in proactively safeguarding our platform and reinforcing the trust our partners place in us. This collaboration ensures that we continue to deliver a reliable, secure API experience to our clients. We’re proud to work with a partner that shares our dedication to cybersecurity excellence.”
Patrick Gardner, Chief Security Officer at Continent 8 said, “Alea’s three principles of security, scalability and robustness resonate with Continent 8. Given the number of APIs Alea is using, their proactive approach to assessing their business and guaranteeing security for its partners is imperative.
“It’s great to be supporting Alea; we encourage all businesses in this industry to take the cybersecurity threat seriously.”
Vulnerability Assessment and Penetration Testing (VAPT) service enables the independent gaming commission to test IT infrastructure for vulnerabilities
Continent 8 Technologies, the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions for the tribal gaming industry, supports Cherokee Tribal Gaming Commission (TGC) with its proven Vulnerability Assessment and Penetration Testing (VAPT) services.
The Cherokee Tribal Gaming Commission is the independent tribal gaming regulatory authority established in 1993 under Chapter 16 of the Cherokee Code of the Eastern Band of Cherokee Indians (EBCI).Charged with the duty to ensure fairness and integrity of the gaming activities within its facilities, the commission enlisted Continent 8, and its cybersecurity division, C8 Secure, to conduct pen testing.
The VAPT service provides a comprehensive security assessment of an organizations infrastructure and applications. Often mandated by regulation, it helps organizations measure the real-world effectiveness of their security controls and incident response capabilities. Additionally, the service provides actionable insights, including prioritized recommendations and industry best practices to address identified vulnerabilities and strengthen overall cybersecurity posture.
Emra Arkansas, Executive Director at Cherokee Tribal Gaming Commission said: We are sincerely grateful to Continent 8, especially Patrick Gardner, Anthony Engel and Jerad Swimmer, for their partnership and recognition of our ongoing cybersecurity initiatives. The Cherokee Tribal Gaming Commission remains firmly committed to protecting not only our critical infrastructure but also the sovereignty that underpins our regulatory authority. In an era of growing cyber threats, safeguarding Tribal IT systems is more than a technical priority, it is a sovereign responsibility. With Continent 8s trusted expertise, we are proud to set a higher standard for cybersecurity in Indian Country, ensuring our operations remain secure, resilient and self-determined.
Patrick Gardner, Chief Security Officer at Continent 8 said:In response to todays evolving cyber threat landscape, the Cherokee Tribal Gaming Commission is working to establish a new standard in cybersecurity and we are proud to support this important initiative. Their proactive efforts to safeguard critical infrastructure reflect a deep and ongoing investment in cybersecurity resilience.”
Jerad Swimmer, Regional Sales Director at Continent 8 added: “It was a pleasure collaborating with the Cherokee Tribal Gaming Commission in conducting a comprehensive evaluation of their IT infrastructure. Their team has shown a tremendous awareness of the escalating cybersecurity challenges within the tribal gaming sector. It is encouraging to see both enterprises and regulatory authorities actively enhancing their cybersecurity measures.”
For more information on how Continent 8 can support your cybersecurity initiatives or to schedule a no-obligation Cybersecurity Readiness Consultation, contact Regional Sales Director, Jerad Swimmer, at jerad.swimmer@continent8.com.
Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, explores the benefits of Vulnerability Assessment and Penetration Testing (VAPT).
Tribal casinos are experiencing substantial financial growth. As highlighted in my previous blog, 2023 was a landmark year for the tribal gaming sector, with revenues hitting a record $41.9 billion USD, as reported by the National Indian Gaming Commission. Consequently, tribal casinos are increasingly targeted by cybercriminals, with reports suggesting a nearly 60% increase in cyber attacks on tribes in 2023.
With significant financial and personal data at stake, cybersecurity in tribal gaming and casino environments is a critical priority. But where should you start? In this blog, I’ll explain why Vulnerability Assessment and Penetration Testing (VAPT) is the perfect first step to bolster tribal gaming cybersecurity.
Let’s begin by defining VAPT. Craig Lusher, our Product Principal of Secure Solutions, describes VAPT as the following:
“VAPT is defined as a comprehensive set of cybersecurity services that helps organizations identify, assess and mitigate vulnerabilities in their IT infrastructure, applications and networks. Periodic Vulnerability Assessments (VAs) scan to detect exploitable vulnerabilities in customer networks and infrastructure and record them in a register, prioritizing remedial work and demonstrating continuous improvement. Penetration Tests (PTs) use identified vulnerabilities to further exploit and gain access, testing the efficacy of preventative security measures, procedures and technology.”
By simulating real-world cyber attacks, pentesting enables tribal casino IT and cybersecurity teams to identify system weaknesses and address potential vulnerabilities before they can be exploited by malicious actors. This strategy not only strengthens the casino environment but also ensures that cybersecurity measures remain robust and adaptable to evolving threats.
VAPT aims to establish what we at Continent 8 call a “hardened cybersecurity posture.”
A hardened cybersecurity posture integrates multiple protective layers, adhering to best practices for adaptability to threats and changes. It begins with technical controls such as network segmentation, access management and encryption, complemented by active defenses including web application and API protection, intrusion detection and cybersecurity monitoring. This approach is guided by policies and procedures for incident response and risk management.
The core components of a hardened cybersecurity posture create a robust defense system. Technical controls prevent attacks, while monitoring systems identify threats. Regular assessments are conducted to uncover vulnerabilities and governance ensures consistent implementation. This comprehensive approach ensures that even if one safeguard fails, multiple other layers remain to protect assets.
Implementing VAPT protocols is a beneficial practice for any tribal gaming organization. These measures not only bolster cybersecurity but also streamline internal and external audits.
By maintaining detailed records of testing and remediation efforts, casinos can demonstrate their commitment to cybersecurity to auditors. This transparency not only aids in passing audits but also enhances the casino’s reputation as a reliable and secure establishment.
Regular penetration testing provides tribal casinos with ongoing monitoring and enhancement of cybersecurity protocols, helping them stay ahead of potential cyber threats. This ensures a safer and more secure environment for both operations and players, while also building trust with internal and external parties and stakeholders. This proactive approach, again, is vital in preserving the casino’s integrity and reputation.
When choosing penetration testing tools for tribal casino and gaming cybersecurity, select tools that offer comprehensive coverage, capable of evaluating a wide range of vulnerabilities across multiple systems and applications.
A comprehensive VAPT service should encompass the following:
For more information on VAPT or to book a meeting with me at TribalHub Cybersecurity Summit or the Indian Game Tradeshow (Booth 18), contact me at jerad.swimmer@continent8.com.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series – also available on Spotify – to gain a deeper understanding of the technological advancements, cybersecurity challenges and best practices shaping tribal gaming landscape.
On May 2, 2024, the Secretariat of Prizes and Bets (SPA) and the Ministry of Finance (MF) issued Ordinance No. 722 (link here in Portuguese). This set of regulations outlines the essential technical and security criteria that iGaming and online sports betting operators must adhere to within six months of obtaining their gaming licenses.
In a series of blogs over the coming months, Luana Monje, Sales Executive at Continent 8 Technologies, will examine the various requirements for regulated iGaming in Brazil. First up, she examines the penetration testing requirement, along with other cybersecurity considerations, in more detail.
Ordinance 722, Annex IV, section 41 – Penetration testing: The purpose of penetration testing is to exploit any weaknesses discovered during the vulnerability assessment in any publicly exposed applications or systems that host applications that process, transmit and/or store sensitive information.
Executing thorough penetration testing is a testament to an organisation’s dedication to safeguarding user data. Ordinance 722 defines penetration testing as systematically challenging the strength of network and application layers so that operators and suppliers can identify and rectify vulnerabilities.
Our Vulnerability Assessment and Penetration Testing (VAPT) services provide comprehensive security assessments for a customer’s infrastructure and applications. The VAPT solution enables organisations to achieve regulatory compliance and understand their attack surface area, providing a strong foundation for strengthening security posture.
Key benefits include:
VAPT use case: Read how Continent 8 Technologies supports ODDSworks with cybersecurity audit and vulnerability assessment penetration test services. |
Ordinance 722 offers a set of ground rules from which iGaming and online sports betting operators and suppliers should start. Beyond the suggested checklist, operators and suppliers should also consider a holistic approach that ensures end-to-end protection against any security and cyber threat. A 360-degree defense strategy includes:
By referencing the SPA and MF’s Ordinance 722 policies and partnering with an experienced and trusted solutions provider like Continent 8, operators and suppliers can deploy multi-defense, multi-layer security protection strategies for their iGaming and online sports betting platform. This approach enables them to comply with Brazil’s latest technical and security regulations while demonstrating their commitment to providing secure and trustworthy gaming environments and experiences.
Continent 8 Technologies, the trusted managed hosting, connectivity, cloud and cybersecurity partner to the global iGaming and online sports betting industry for over 25 years, is live in every major regulated Latin American (LATAM) jurisdiction, including Brazil.
Operating out of the LATAM region since 2020, we offer operators and suppliers access to state-of-the-art data centers, connectivity to a global private network featuring 100+ locations across four continents and best-in-class managed and professional services to support the most demanding iGaming and online sports betting requirements.
Discover why Continent 8 is the go-to infrastructure and cybersecurity provider for leading LATAM operators and suppliers such as Betcris, Boldt, Bplay and Vibra Gaming, and learn how we ensure the seamless implementation of compliant and secure infrastructures so that your Brazilian gaming operations are live from day one.
For more information on how Continent 8 can support your organisation’s regulatory and cybersecurity requirements, contact Luana at luana.monje@continent8.com.
Em 2 de maio de 2024, a Secretaria de Prêmios e Apostas (SPA) e o Ministério da Fazenda (MF) emitiram a Portaria nº 722. Este conjunto de regulamentos define os critérios técnicos e de segurança essenciais que os operadores de iGaming e de apostas desportivas online devem cumprir no prazo de seis meses após a obtenção das suas licenças de jogo.
Em uma série de blogs nos próximos meses, Luana Monje, Executiva de Vendas da Continent 8 Technologies, examinará os vários requisitos para o iGaming regulamentado no Brasil. Em primeiro lugar, ela examina o requisito de teste de penetração, juntamente com outras considerações de segurança cibernética, em mais detalhes.
Portaria 722, Anexo IV, secção 41 – Testes de penetração: O objetivo dos testes de penetração é explorar quaisquer pontos fracos descobertos durante a avaliação de vulnerabilidades em quaisquer aplicações ou sistemas expostos publicamente que alojem aplicações que processem, transmitam e/ou armazenem informações sensíveis.
A realização de testes de penetração completos é uma prova da dedicação de uma organização à proteção dos dados dos utilizadores. A Portaria 722 define os testes de penetração como um desafio sistemático à força das camadas de rede e de aplicação para que os operadores e fornecedores possam identificar e retificar vulnerabilidades.
Os nossos serviços de Avaliação de Vulnerabilidades e Testes de Penetração (VAPT) fornecem avaliações de segurança abrangentes para as infra-estruturas e aplicações de um cliente. A solução VAPT permite que as organizações atinjam a conformidade regulamentar e compreendam a sua área de superfície de ataque, fornecendo uma base sólida para reforçar a postura de segurança.
As principais vantagens incluem:
Caso de utilização VAPT (em inglês): Leia como a Continent 8 Technologies apoia a ODDSworks com serviços de auditoria de cibersegurança e teste de penetração de avaliação de vulnerabilidades.. |
A portaria 722 oferece um conjunto de regras básicas a partir das quais os operadores e fornecedores de iGaming e de apostas desportivas em linha devem começar. Para além da lista de verificação sugerida, os operadores e fornecedores devem também considerar uma abordagem holística que garanta uma proteção completa contra qualquer ameaça à segurança e à cibersegurança. Uma estratégia de defesa de 360 graus inclui (ligações de produtos em inglês):
Ao fazer referência às políticas da SPA e da Portaria 722 do MF e fazer parceria com um provedor de soluções experiente e confiável como o Continente 8, operadores e fornecedores podem implantar estratégias de proteção de segurança multi-defesa e multi-camadas para sua plataforma de apostas esportivas iGaming e online. Essa abordagem permite que eles cumpram as mais recentes regulamentações técnicas e de segurança do Brasil, ao mesmo tempo em que demonstram seu compromisso em fornecer ambientes e experiências de jogos seguros e confiáveis.
A Continent 8 Technologies, parceira confiável de hospedagem gerenciada, conetividade, nuvem e segurança cibernética para a indústria global de iGaming e apostas esportivas online há mais de 25 anos, está ao vivo em todas as principais jurisdições regulamentadas da América Latina (LATAM), incluindo o Brasil.
Operando a partir da região LATAM desde 2020, oferecemos aos operadores e fornecedores acesso a centros de dados de última geração, conetividade a uma rede privada global com mais de 100 locais em quatro continentes e os melhores serviços gerenciados e profissionais da categoria para apoiar os requisitos mais exigentes de iGaming e apostas desportivas online.
Descubra por que o Continente 8 é o provedor de infraestrutura e segurança cibernética para os principais operadores e fornecedores da LATAM, como Betcris, Boldt, Bplay e Vibra Gaming, e saiba como garantimos a implementação perfeita de infraestruturas compatíveis e seguras para que suas operações de jogos brasileiras estejam ao vivo desde o primeiro dia.
Para obter mais informações sobre como o Continente 8 pode apoiar os requisitos regulatórios e de segurança cibernética da sua organização, visite Continent8.com ou contactar Luana em luana.monje@continent8.com.