Continent 8 Technologies, a leading provider of cutting-edge managed IT solutions designed for the global iGaming and online sports betting industry, has entered into a strategic partnership with New Dawn Risk, a specialist Lloyd’s broker.
This collaboration brings together Continent 8’s cybersecurity services with New Dawn Risk’s insurance expertise to offer iGaming businesses a coordinated approach to risk management. Operators benefit from both enhanced security protection and reduced insurance premiums, with underwriters offering discounts based on the security maturity and controls in place.
“This partnership represents a significant step forward in how we support our clients,” said Elizabeth Grima, Senior Executive Manager, New Dawn Risk. “By combining Continent 8’s trusted cybersecurity services with our tailored insurance solutions, we are offering iGaming companies a truly end-to-end risk management package. It goes beyond traditional broking – it’s about delivering resilience, continuity, and peace of mind in a sector where cyber threats and regulatory pressures are constantly evolving.”
The new offering will initially launch in the UK and Europe, with plans to expand globally. It combines specialist cybersecurity services with tailored insurance to make protection more accessible to iGaming companies. Services include Managed SOC & MDR, Cyber Threat Intelligence Exchange, DDoS protection, Web Application and API Protection (WAAP), and Multi‑Factor Authentication (MFA) for end users. Businesses adopting the package will benefit from discounted premiums, which increases their access to cost effective coverage.
“We are excited to partner with New Dawn Risk,” said Patrick Gardner, Chief Security Officer at Continent 8 Technologies. “This collaboration brings together two specialists in their fields to offer a compelling mix of advanced cybersecurity controls and tailored insurance solutions for the iGaming industry. Strong cyber defences not only protect operators and suppliers but also demonstrate sound risk management – an increasingly important factor when it comes to reducing insurance premiums. As the go-to cybersecurity provider to the industry, we’ve been delivering multi-layered protection solutions to high-risk gaming businesses for years, and this partnership builds on that proven foundation.”
Blueprint Gaming is a leading UK-based game studio and part of Germany’s Gauselmann Group. The company develops innovative slot games for the global online and mobile markets, with titles also available across more than 100,000 land-based gaming terminals in the UK, Germany, and Italy.
Blueprint Gaming had been using an incumbent SIEM tool that offered technology but not the expertise and operational support of a fully managed SOC.
As a lean infrastructure team operating in a high-risk, data-intensive industry, Blueprint needed:
Without additional specialist resources, maintaining a proactive security posture was becoming increasingly challenging.
Blueprint selected Continent 8’s Managed Security Operations Centre (MSOC) — a complete, fully managed security service integrating an advanced SIEM platform operated by Continent 8’s cybersecurity specialists.
Key capabilities delivered included:
This combination of technology, people, and process provided the 24/7 monitoring and threat response Blueprint required – without increasing internal workload.
Continent 8 delivered a robust managed security solution combining a leading technology stack with expert cybersecurity professionals who operate and manage the environment on Blueprint’s behalf.
Outcomes included:
Adam Shepherd, Head of Infrastructure at Blueprint
“We’re a small team that manages huge volumes of data in a high-risk industry. Managing that effectively – without compromising security – was a real challenge for us. That’s where Continent 8 stepped in, providing a managed SOC service with a strong focus on the threat landscape. They’ve enabled quicker responses to threats and equipped us with simplified dashboards. Working with the team has been a real pleasure.”
Patrick Gardner, Chief Security Officer at Continent 8
“Blueprint required strong security oversight without adding operational burden to a lean internal team. Our Managed SOC service was designed to deliver exactly that – improving visibility, accelerating threat detection, and optimising log volumes while maintaining a robust security posture. The result is a scalable, cost-efficient security capability aligned to the realities of a high-risk, data-intensive environment.”
Click to download the PDF version
Cybersecurity regulation in Europe is evolving rapidly, and iGaming businesses must prepare now for two major incoming frameworks: the NIS2 Directive and the EU cyber resilience act (CRA). These regulations introduce stricter security obligations, tighter reporting deadlines and heightened accountability across the iGaming ecosystem.
In our recent webinar, “iGaming’s new cybersecurity rules”, Oliver Crofton (Regional Sales Director – Cybersecurity at Continent 8 Technologies) hosted an in‑depth discussion with Craig Lusher (Principal Solutions Architect EMEA at Continent 8 Technologies) and Jo Joyce (Partner and Head of Regulatory, IP & Digital at Taylor Wessing Ireland). Together, they provided clarity on the regulatory landscape and outlined what operators, suppliers and technology partners must do to stay ahead.
Here’s a breakdown of the key takeaways.
The iGaming industry operates in a high‑risk digital environment. Real-time financial transactions, complex technology stacks, and large volumes of sensitive personal data (including government-issued identity documents attached to financial information) make it a prime target for attackers. As cyber threats grow more sophisticated, regulators are raising the bar to ensure resilience.
NIS2 and the CRA aim to:
For iGaming, where uptime, trust and compliance underpin commercial success, these changes are significant.
NIS2 is fully live and enforcement has begun. This is no longer about preparation; the question is whether your organisation is compliant right now.
According to Craig and Jo, NIS2 represents a major overhaul of Europe’s cybersecurity framework. It replaces the original NIS Directive (2016), which was fragmented, voluntary in practice, and allowed each country to implement it differently.
Key updates include:
Whilst NIS2 focuses on how organisations manage security, the CRA concentrates on the digital products those organisations depend on and produce.
CRA reporting obligations begin on 11 September 2026. From that date, manufacturers must report actively exploited vulnerabilities and severe incidents affecting the security of their products, following the same 24-hour early warning, 72-hour notification structure. For vulnerabilities, the final report must be submitted within 14 days of a corrective measure becoming available. Full product standards, including CE-marking requirements for software and connected devices, come into force in December 2027.
Jo highlighted that the CRA requires manufacturers and developers of digital tools – including gaming software, APIs, hardware and integrated systems – to
Given the heavy reliance on third‑party tech in iGaming, this places strong emphasis on vendor due diligence and supply‑chain oversight.
Jo: “I think one of the things that I’ve spotted is quite a lot of operators and firms within the iGaming ecosystem haven’t really necessarily accepted that they’re in scope.”
If your organisation provides or supports any of the following, NIS2 likely applies:
There are two additional points worth flagging. First, white-label and B2B providers are often managed service providers (MSPs) without realising it. If you run a player account management (PAM) system for 20 other brands, you are managing their core services, which, by definition, makes you an MSP. Under NIS2, MSPs are designated as essential entities, meaning they face ex ante supervision (proactive inspections and audits at any time), the same regulatory tier as a data centre or cloud provider.
Second, there is no “group privilege” under NIS2. If an internal IT arm provides services to the wider corporate group, it may be classified independently as an essential entity in its own right. Being part of a larger group does not shield individual subsidiaries or divisions from independent classification.
A readiness assessment is the essential first step.
Craig emphasised how the threat landscape facing iGaming businesses has intensified – including a 400% surge in cyber attacks targeting the gambling industry. This is not a gradual trend; attackers have industrialised their approach.
Operators and suppliers now face:
The interconnected nature of the sector amplifies the impact of any single vulnerability.
The cost of downtime in the industry now exceeds $6,000 per minute, and attacks are more visible in the news than ever, and recent breaches have seen hundreds of thousands of user profiles and identity documents exposed through relatively basic misconfigurations.
Craig highlighted several country‑specific differences in how NIS2 is being implemented, here are a few examples:
Malta moved faster than most EU member states, issuing Legal Notice 71 of 2025, with the CIPD as the ‘competent authority’. Self‑registration was due September 2025, so organisations that missed the deadline are now operating in a regulatory grey area. Governance and risk‑management controls must be live by March 2026, which at the time of the webinar was just weeks away.
Malta also goes further than EU baseline requirements by mandating a 24/7 security operations centre for digital infrastructure providers. Properly staffing a round-the-clock SOC requires at least 12 people to maintain a true rotation, which is a substantial operational investment for mid-sized operators.
The ultimate sanction isn’t just a fine; Malta can suspended MGA licences. For Malta-licensed gaming companies, this is an existential threat. If you lose your MGA licence, you are effectively locked out of dozens of global markets overnight.
Germany passed its implementation late, in November 2025. Registration deadlines for German‑based entities land in April 2026, leaving limited time for compliance.
Other member states are at various stages of transposition, and several missed the original October 2024 deadline. For operators with a presence in multiple EU countries, the practical challenge is managing compliance against several different national timelines and requirements simultaneously.
NIS2 is an EU directive, which means each member state must transpose it into national law. The result is that implementation timelines and specific requirements vary from country to country, and organisations operating across multiple jurisdictions need to track each one independently.
Both speakers stressed that NIS2 and the CRA require visible, ongoing engagement from senior management. Leading organisations will:
Under NIS2, leadership accountability is explicit. Executive training is not optional; it is a legal requirement under the directive.
Jo: “Just because something bad has happened doesn’t mean that you’re necessarily at fault… but you are going to have to produce reasonable reporting in layman’s terms… and explain that we’re operating in different risk parameters.”
Craig added the importance of training: “It’s mandatory for board‑level staff… you’ve got to keep training and constant training.”
Craig and Jo discussed the importance of reporting – especially when something goes wrong.
Jo: “The kind of reporting that one has to do under NIS2 is not a million miles away from the pre‑existing reporting… but there’s a real shift when you are experiencing a very serious incident.”
The 24‑hour reporting window is the operational flashpoint. Many companies are not ready for this. Under NIS2, the clock starts as soon as you become aware of a significant incident. You then have 24 hours to submit an early warning to the relevant CSIRT, 72 hours for a more detailed incident notification, and one month for the final report. A single incident can also trigger reporting obligations under the CRA and DORA simultaneously, each with different data requirements, formats, timelines and regulators.
Businesses need to prepare now by having supplier lists to hand, knowing exactly where to submit reports for each applicable regulation, and understanding that multi-jurisdictional reporting may be required.
Top tip from Jo:
Please print out a copy of your breach response plan… print out your incident response team list with phone numbers, ideally personal ones. If you can’t access your systems, it will take you an astonishing amount of time to pull this together.
Jo highlighted that enforcement activity under the CRA and NIS2 will be phased but increasingly serious.
From September 2026, the CRA introduces mandatory reporting of actively exploited vulnerabilities and severe incidents affecting product security. Full product‑related obligations take effect in December 2027, including the requirement for CE‑marking digital products, software included.
According to Jo, failure to report will likely be the first area where regulators take action, and penalties will be treated seriously.
Many NIS2 requirements are already enforceable. For essential entities that breach Articles 21 or 23, fines can reach up to EUR 10 million or 2% of total worldwide annual turnover, whichever is higher. For important entities, the maximum is EUR 7 million or 1.4% of worldwide turnover (Article 34 of NIS2). Regulators also have the power to issue binding instructions, order security audits, and, for essential entities, temporarily suspend or prohibit individuals from exercising managerial functions (Article 32(5)).
Jo: “They will factor in whether it’s going to bankrupt you… but they want these fines to hurt.”
This means businesses must act now to ensure reporting pathways, governance structures, supplier oversight and security controls are ready.
Craig and Jo recommended several clear actions for organisations:
There is a growing issue around the use of open‑source software (OSS) under the CRA. Although many OSS developers lobbied for exemption, OSS is widely used in commercial products. The CRA makes clear that organisations relying on OSS within regulated products remain fully responsible for meeting all cybersecurity and update obligations, including providing security updates for the minimum five-year support period.
Managing updates is difficult when you did not write the code – but the responsibility remains. The Software Bill of Materials (SBOM) requirement compounds this: manufacturers must maintain a machine-readable inventory of every library, open-source component and module in their products, kept as a living record.
Top tip from Jo:
If your business relies heavily on OSS, pay close attention to how it’s managed, seek specialist guidance and plan how you will meet long‑term update and security requirements.
The introduction of NIS2 and the EU cyber resilience act marks a significant shift for cybersecurity in iGaming. While the regulations bring real compliance challenges, they also create an opportunity for the industry to strengthen its defences, reduce operational risk and future‑proof operations.
Early preparation will help businesses stay compliant, competitive and trusted.
👉 Watch the full webinar here:
Bolton, tasked with accelerating growth within the company’s cybersecurity portfolio, brings over 20 years of experience to the role
Continent 8 Technologies, a leading provider of cutting-edge managed IT solutions designed for the global iGaming and online sports betting industry, announces the appointment of Rob Bolton as Cybersecurity Sales Director.
In recent years, the iGaming industry has faced significant cyber attacks driven largely by financial motives. The use of diverse payment methods, reliance on third party integrations and widespread use of mobile devices contribute to the industry being targeted.
His appointment follows several years of strategic investment by the company in its cybersecurity solutions, aimed at supporting operators and suppliers across the industry. This has included developing key offerings such as Multi-Factor Authentication (MFA), Threat Exchange, and a fully managed Security Operations Centre (SOC). These developments underscore the company’s commitment to delivering robust, scalable, and proactive security services that meet the evolving needs of its customers.
Bolton has vast experience leading US, EMEA and APAC revenue functions having worked at global MSSPs such as Versa Networks, Proofpoint and Infoblox. In his new role, he will oversee revenue growth across the company’s growing cybersecurity portfolio, engaging with CISOs and technical teams for Continent 8 and C8 Secure (a dedicated Continent 8 cybersecurity company) to identify the solutions required to best protect their business.
Patrick Gardner, Chief Security Officer at Continent 8 Technologies, said: “We are thrilled to welcome Rob to the team who brings over two decades of experience in sales and business development to Continent 8. His deep technical knowledge and strategic vision will be invaluable as we continue to evolve and enhance our solutions to best support our customers.”
Rob Bolton, Cybersecurity Sales Director at Continent 8 Technologies, added: “Continent 8’s portfolio and service offering in the iGaming industry is unique; their managed security solutions are built on over 27 years of industry experience. The recent launch of the Threat Exchange – the industry’s only cyber threat intelligence platform – is a prime example. I look forward to showcasing our security solutions to the industry, supporting customers with their cybersecurity challenges, and contributing to the company’s growth.”
Rob Bolton will be attending GSATS Phoenix 2025 and is speaking on the panel titled ‘Cyber Resiliency – Protecting the Gaming Industry’ on November 13. To arrange a show meeting, please visit www.continent8.com or contact sales@continent8.com.
Continent 8’s Vulnerability Assessment and Penetration Testing, Security Audit and Vulnerability Scan services enable Alea to further strengthen the security and resilience of its iGaming platform
Continent 8 Technologies, the leading provider of global managed hosting, connectivity, cloud and cybersecurity solutions for the iGaming and online sports betting industry, announces that it has expanded its cybersecurity collaboration with Alea.
Building on its current programme of Vulnerability Assessment and Penetration Testing (VAPT) services with Continent 8, Alea – the award-winning casino game aggregator – has deepened its partnership with Continent 8 and its cybersecurity division, C8 Secure, by integrating Security Audit and Vulnerability Scan (V-Scan) services. This strategic initiative further enhances Alea’s cybersecurity posture and underscores the company’s ongoing investment in the resilience and integrity of its infrastructure.
The expanded cybersecurity assessment programme delivers a wide range of benefits for Alea and its operator network, including:
Eduard Fumás, CTO at Alea: “Security is built into everything we do at Alea. We’ve always believed that operators and their players deserve the highest level of protection. This is why we’ve invested in strong encryption, fraud prevention tools and a robust infrastructure from day one.
“Working with Continent 8 has helped us put that commitment to the test. Their expertise allows us to validate and strengthen our systems with confidence. We’re proud of how far we’ve come together, and even more excited about what’s next as we keep raising the bar and building a platform that our partners can trust completely.”
Patrick Gardner, Chief Security Officer at Continent 8 added: “As Alea continues to grow and expand, its proactive commitment to maintaining a secure iGaming aggregator platform becomes paramount. In our ongoing collaboration with Alea, we remain dedicated to fostering and supporting their cybersecurity initiatives – ensuring that both Alea and its extensive partner ecosystem stay protected, resilient and prepared.”
Continent 8 will be exhibiting at SBC Summit Lisbon, from 16-18 September at Stand C80. To arrange a show meeting and explore best practices and strategies for advancing your organisation’s cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Global games developer deploys Continent 8’s Compliance Audit, Vulnerability Assessment and Penetration Testing (VAPT) and Vulnerability Scan (V-Scan) services to swiftly meet multi-state regulatory compliance requirements.
Continent 8 Technologies, the leading provider of global managed hosting, connectivity, cloud and cybersecurity solutions to the iGaming and online sports betting industry, is pleased to announce an expanded partnership with global leading Asian game developer, Rising Digital Corporation. Through this enhanced collaboration, Rising Digital has selected Continent 8 as its dedicated cybersecurity services provider.
Rising Digital, a current infrastructure partner leveraging Continent 8’s cloud solution for high-performance connectivity, high availability and uninterrupted uptime of gaming platforms, has established a strategic alliance with Continent 8 to enhance its cybersecurity program and standards. This initiative allows Rising Digital to utilize Continent 8’s complete suite of regulatory cybersecurity services, ensuring full compliance within each US state it operates in.
Rising Digital has successfully launched its cybersecurity program across multiple states, including Connecticut, Delaware, Michigan, New Jersey, Pennsylvania and West Virginia, as well as the Canadian province of Ontario, to comply with the specific regulatory requirements of each jurisdiction. In collaboration with Continent 8 and its cybersecurity specialist division, C8 Secure, Rising Digital has successfully completed a Compliance Audit and Vulnerability Assessment and Penetration Testing (VAPT) and Vulnerability Scan (V-Scan) services. These comprehensive regulatory cybersecurity services ensure compliance with local regulatory standards and identify potential vulnerabilities, providing actionable insights to strengthen the organization’s overall cybersecurity posture.
Aimin Cong, CEO of Rising Digital, said: “We are delighted to formalize our relationship with Continent 8 for our growing iGaming operations business. With the utmost importance being placed upon compliance, performance and security, we believe Continent 8 is an excellent infrastructure and cybersecurity services partner.”
Patrick Gardner, Chief Security Officer at Continent 8, said: “We are honored that Rising Digital has placed its trust in Continent 8 as its infrastructure and cybersecurity partner as they expand their operations across the United States.
“At Continent 8, we pride ourselves as being a one-stop-shop provider of infrastructure, cloud, regulatory and cybersecurity solutions. Our services enable iGaming companies like Rising Digital to swiftly meet multi-state regulatory requirements, safeguarding their operations while providing peace of mind. We stand committed to setting the highest standards and value for cybersecurity and compliance services within the ever-growing iGaming and online sports betting sector.”
Continent 8 will be at SBC Summit Americas, from May 13-15 at Booth D750. Schedule a show meeting to learn more about the best practices and strategies for your organization’s regulatory cybersecurity requirements.
Continent 8 Technologies’ Regional Sales Director, Jerad Swimmer and Principal Solutions Architect, Anthony Engel, recently attended the 5th Annual TribalHub Cybersecurity Summit.
At the event, they were showcasing Continent 8’s multi-layered cybersecurity solutions designed to support tribal casinos and their cybersecurity programs.
In this blog, Jerad and Anthony share their key takeaways from the event.
Anthony and Jerad at TribalHub Cybersecurity Summit 2025.
Continent 8 – Proud members of the TribalHub community.
Anthony Engel (AE): The TribalHub Cybersecurity Summit, though smaller in scale, turned out to be an incredible event. We had the chance to engage with nearly every attendee and connect with vendors across various sectors. The event was exceptionally well organized, and its intimate setting allowed for more meaningful and impactful discussions.
Jerad Swimmer (JS): A standout feature of this event was the division of days into presentation sessions followed by an exhibitor segment. From 9:00 to 3:30, Anthony and I attended every session, which afforded us a deeper understanding of the needs and concerns of tribal organizations and how we can support them.
Adding a touch of fun to the event, TribalHub included a bingo card for attendees, encouraging them to visit each booth. Many attendees voiced that this initiative provided them with a deeper insight into Continent 8’s comprehensive threat prevention, detection and response strategies, which they might not have discovered otherwise. We are excited to continue many of these discussions beyond the event.
AE: Given the cybersecurity-focused nature of the event, attendees demonstrated advanced cybersecurity knowledge. We shared how, as a Managed Security Service Provider (MSSP), we are distinctively equipped to deliver a comprehensive cybersecurity ecosystem from a single source – ranging from DDoS protection to endpoint security, cloud protection and even mobile threat prevention. This integrated approach closes cybersecurity gaps that often arise with multiple vendors’ solutions and offers tribal gaming organizations a singular point of accountability for their entire cybersecurity framework.
JS: Indeed, as Anthony highlighted, the discussions spanned a wide array of cybersecurity techniques and strategies. In my conversations, we explored approaches to Vulnerability Assessment and Penetration Testing (see Jerad’s most recent cybersecurity blog on VAPT here), mobile endpoint protection, Security Incident and Event Management (SIEM), Security Operations Centers (SOC), Endpoint and Managed Detection and Response (EDR & MDR), as well as strategies to counter social engineering threats.
AE: From an event format perspective, as Jared mentioned earlier, we were pleased that the event organizers ensured the presentation sessions were accessible to exhibitors. This enabled us to customize our discussions around the pain points identified during these sessions and explore various strategies to address their current issues and challenges. It added an extra dimension to vendor-attendee interaction, which I believe the attendees appreciated.
JS: The summit was an exceptional platform for engaging and exchanging ideas with the tribal gaming community. Networking was a continuous all-day and all-evening affair, extending beyond the event into dinner and lounge conversations that really foster unrivalled relationship building.
Anthony and I are already looking forward to reconnecting with everyone at our next event – the Indian Gaming Tradeshow and Convention! We hope to see you there!
Visit us at the Indian Gaming Tradeshow and Convention in San Diego from March 31 to April 3 at Booth 724 to discover the benefits of 360-degree cybersecurity protection for your tribal gaming organization.
Don’t miss the panel discussion “Creating and maintaining a healthy culture in a new era of cybersecurity”, where Jerad will moderate a session with industry experts Frances Alvarez, Emra Arkansas, Jason Nichols and Scott Riley. Attendees will gain invaluable insights into data protection, regulatory practices and proactive cybersecurity strategies for tribal gaming.
Book a meeting at the Indian Gaming Tradeshow and Convention here.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series. Each episode delves into new stories, insights gained, best practices and key developments that are shaping the future of tribal casino gaming and cybersecurity.
Watch Tribal Talks: Cybersecurity Unlocked podcast series
Continent 8’s compliance-driven infrastructure and cybersecurity services accelerate the launch of secure, resilient, zero-compromise gaming platforms
Continent 8 Technologies, the leading provider of global managed hosting, connectivity, cloud and cybersecurity solutions to the iGaming and online sports betting industry, is pleased to announce its continued expansion in the US with the launch of its data center and managed and professional services in Missouri.
Following the approval of Missouri Amendment 2 on November 5, 2024, the Missouri Gaming Commission (MGC) is preparing the state for the launch of its regulated online sports betting market, scheduled for December 1, 2025. Continent 8’s first-to-market strategic approach provides Missouri online sports betting operators and suppliers with immediate access to Continent 8’s data center, along with a full suite of best-in-class services that facilitate the rapid deployment of secure, resilient, zero-compromise gaming platforms.
The US continues to be a strategic market for Continent 8, as it remains not only the fastest growing, but only end-to-end solutions provider for the gaming industry in the nation. Continent 8 possesses requisite regulatory licenses, certifications, approvals and registrations across more than 30 states, including Michigan, New Jersey, Pennsylvania and now Missouri. The most recent EGR Power US Rankings underscores Continent 8’s position as the premier service provider in the industry, servicing and supporting 95% of the listed operators.
Michael Tobin, CEO and Founder of Continent 8 Technologies, stated: “The approval of Missouri Amendment 2 highlights the continuous growth of the regulated and highly competitive US online sports betting market. We are thrilled to already be engaged with numerous customers and actively preparing their environments for the soon-to-open market.
“Our approach, anchored in regulatory compliance, ensures that gaming operators and suppliers are equipped with market-ready solutions to swiftly establish state-compliant, secure and uncompromising infrastructures, while providing ample time to optimize their platforms well in advance of the state’s launch date.”
For insights into Missouri’s online sports betting market, schedule a meeting with Continent 8 at NEXT Summit New York 2025 (Booth 7), from March 12-13.
The Super Bowl has once again set new records for sports wagering. While the final figures are still being confirmed, the American Gaming Association projected an unprecedented $1.39 billion in legal bets on Super Bowl LIX. Sportsbook companies such as FanDuel have already reported a 19% increase in bets compared to the previous year, reaching a new peak of 16.6 million bets from nearly three million active users.
During this historic Super Bowl weekend, Continent 8 Technologies, the leading industry provider of managed global hosting, connectivity, cloud, and cybersecurity solutions, served as the crucial backbone of the Super Bowl’s betting network, enabling the majority of bets worldwide. In this blog, we explore the detailed planning and preparation that support our customers during premier sporting events.
Preparation for the Super Bowl began well in advance of the event. In the last couple of years, we have invested heavily in strengthening our network relationships through our enhanced ‘Know Your Customer’ philosophy. This strategy includes launching and engaging in in-depth discussions at our Customer Advisory Board meetings, investing in executive sponsor programs and maintaining ongoing, insightful and strategic dialogues to address our customers’ current and future needs. This KYC approach ensures the creation of tailored, comprehensive road maps for each of our customers, enabling us to proactively anticipate and meet their needs through key support initiatives and activities, including the Super Bowl event
With the Super Bowl scheduled for the second Sunday of February, we prepared for the anticipated surge in internet activity. Edward O’Connor, our Chief Technical Officer, shares the technical strategy leading up the event. “Our technical preparation began months prior to the Super Bowl. This centred around infrastructure and network upgrades and optimisation – including bandwidth increases in all key peering and IX locations, cloud infrastructure refreshes, among other changes – to ensure an interruption-free operation.”
As the event approached, the team developed a detailed preparation checklist concentrated around five key pillars. The checklist included:
A typical Super Bowl game lasts about 3 hours and 37 minutes. However, our ‘live’ Super Bowl experience lasted over five days, from Thursday to Monday. Our dedicated team managed game-specific operations, while a company-wide communication channel was available for check-ins or service requests.
To enhance our efforts, additional staff and resources were deployed on game day, across multiple global security centres as well as on customer sites, monitoring and optimising network performance in real time.
Continent 8 teams monitoring network activity across our various ‘war rooms’.
The Philadelphia Eagles’ victory over the Kansas City Chiefs, with a score of 40-22, ended without any network or connectivity issues, despite what Edward described as “record-breaking from an internet traffic perspective.”
Long after the players left the field, our team continued to oversee network activity to ensure ongoing stability of all customer operations. Our Major Incident Management ‘playbook’ was crucial, serving as both a guide and a reminder of the need for continuous process evaluation and improvement as we transition from one event to the next.
As the Super Bowl campaign wrapped up, Edward was pleased with the behind-the-scenes connectivity support we provided for our customers. He shared, “The entire Continent 8 team was instrumental in ensuring a flawless Super Bowl experience. This careful, meticulous planning underscored our commitment to delivering a reliable and unparalleled service to our customers, allowing millions of users to place their bets and engage with the event in real time.
“With Super Bowl LIX now concluded, next up for the US sporting market: NCAA March Madness!”
For over 25 years, we have been the leading provider of global managed hosting, connectivity, cloud and cybersecurity solutions for the regulated iGaming and online sports betting industry. To learn more about how our best-in-class managed and professional services can power and protect your gaming platforms and operations, contact sales@continent8.com.
Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, explores the benefits of Vulnerability Assessment and Penetration Testing (VAPT).
Tribal casinos are experiencing substantial financial growth. As highlighted in my previous blog, 2023 was a landmark year for the tribal gaming sector, with revenues hitting a record $41.9 billion USD, as reported by the National Indian Gaming Commission. Consequently, tribal casinos are increasingly targeted by cybercriminals, with reports suggesting a nearly 60% increase in cyber attacks on tribes in 2023.
With significant financial and personal data at stake, cybersecurity in tribal gaming and casino environments is a critical priority. But where should you start? In this blog, I’ll explain why Vulnerability Assessment and Penetration Testing (VAPT) is the perfect first step to bolster tribal gaming cybersecurity.
Let’s begin by defining VAPT. Craig Lusher, our Product Principal of Secure Solutions, describes VAPT as the following:
“VAPT is defined as a comprehensive set of cybersecurity services that helps organizations identify, assess and mitigate vulnerabilities in their IT infrastructure, applications and networks. Periodic Vulnerability Assessments (VAs) scan to detect exploitable vulnerabilities in customer networks and infrastructure and record them in a register, prioritizing remedial work and demonstrating continuous improvement. Penetration Tests (PTs) use identified vulnerabilities to further exploit and gain access, testing the efficacy of preventative security measures, procedures and technology.”
By simulating real-world cyber attacks, pentesting enables tribal casino IT and cybersecurity teams to identify system weaknesses and address potential vulnerabilities before they can be exploited by malicious actors. This strategy not only strengthens the casino environment but also ensures that cybersecurity measures remain robust and adaptable to evolving threats.
VAPT aims to establish what we at Continent 8 call a “hardened cybersecurity posture.”
A hardened cybersecurity posture integrates multiple protective layers, adhering to best practices for adaptability to threats and changes. It begins with technical controls such as network segmentation, access management and encryption, complemented by active defenses including web application and API protection, intrusion detection and cybersecurity monitoring. This approach is guided by policies and procedures for incident response and risk management.
The core components of a hardened cybersecurity posture create a robust defense system. Technical controls prevent attacks, while monitoring systems identify threats. Regular assessments are conducted to uncover vulnerabilities and governance ensures consistent implementation. This comprehensive approach ensures that even if one safeguard fails, multiple other layers remain to protect assets.
Implementing VAPT protocols is a beneficial practice for any tribal gaming organization. These measures not only bolster cybersecurity but also streamline internal and external audits.
By maintaining detailed records of testing and remediation efforts, casinos can demonstrate their commitment to cybersecurity to auditors. This transparency not only aids in passing audits but also enhances the casino’s reputation as a reliable and secure establishment.
Regular penetration testing provides tribal casinos with ongoing monitoring and enhancement of cybersecurity protocols, helping them stay ahead of potential cyber threats. This ensures a safer and more secure environment for both operations and players, while also building trust with internal and external parties and stakeholders. This proactive approach, again, is vital in preserving the casino’s integrity and reputation.
When choosing penetration testing tools for tribal casino and gaming cybersecurity, select tools that offer comprehensive coverage, capable of evaluating a wide range of vulnerabilities across multiple systems and applications.
A comprehensive VAPT service should encompass the following:
For more information on VAPT or to book a meeting with me at TribalHub Cybersecurity Summit or the Indian Game Tradeshow (Booth 18), contact me at jerad.swimmer@continent8.com.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series – also available on Spotify – to gain a deeper understanding of the technological advancements, cybersecurity challenges and best practices shaping tribal gaming landscape.