Cybersecurity regulation in Europe is evolving rapidly, and iGaming businesses must prepare now for two major incoming frameworks: the NIS2 Directive and the EU cyber resilience act (CRA). These regulations introduce stricter security obligations, tighter reporting deadlines and heightened accountability across the iGaming ecosystem.
In our recent webinar, “iGaming’s new cybersecurity rules”, Oliver Crofton (Regional Sales Director – Cybersecurity at Continent 8 Technologies) hosted an in‑depth discussion with Craig Lusher (Principal Solutions Architect EMEA at Continent 8 Technologies) and Jo Joyce (Partner and Head of Regulatory, IP & Digital at Taylor Wessing Ireland). Together, they provided clarity on the regulatory landscape and outlined what operators, suppliers and technology partners must do to stay ahead.
Here’s a breakdown of the key takeaways.
The iGaming industry operates in a high‑risk digital environment. Real-time financial transactions, complex technology stacks, and large volumes of sensitive personal data (including government-issued identity documents attached to financial information) make it a prime target for attackers. As cyber threats grow more sophisticated, regulators are raising the bar to ensure resilience.
NIS2 and the CRA aim to:
For iGaming, where uptime, trust and compliance underpin commercial success, these changes are significant.
NIS2 is fully live and enforcement has begun. This is no longer about preparation; the question is whether your organisation is compliant right now.
According to Craig and Jo, NIS2 represents a major overhaul of Europe’s cybersecurity framework. It replaces the original NIS Directive (2016), which was fragmented, voluntary in practice, and allowed each country to implement it differently.
Key updates include:
Whilst NIS2 focuses on how organisations manage security, the CRA concentrates on the digital products those organisations depend on and produce.
CRA reporting obligations begin on 11 September 2026. From that date, manufacturers must report actively exploited vulnerabilities and severe incidents affecting the security of their products, following the same 24-hour early warning, 72-hour notification structure. For vulnerabilities, the final report must be submitted within 14 days of a corrective measure becoming available. Full product standards, including CE-marking requirements for software and connected devices, come into force in December 2027.
Jo highlighted that the CRA requires manufacturers and developers of digital tools – including gaming software, APIs, hardware and integrated systems – to
Given the heavy reliance on third‑party tech in iGaming, this places strong emphasis on vendor due diligence and supply‑chain oversight.
Jo: “I think one of the things that I’ve spotted is quite a lot of operators and firms within the iGaming ecosystem haven’t really necessarily accepted that they’re in scope.”
If your organisation provides or supports any of the following, NIS2 likely applies:
There are two additional points worth flagging. First, white-label and B2B providers are often managed service providers (MSPs) without realising it. If you run a player account management (PAM) system for 20 other brands, you are managing their core services, which, by definition, makes you an MSP. Under NIS2, MSPs are designated as essential entities, meaning they face ex ante supervision (proactive inspections and audits at any time), the same regulatory tier as a data centre or cloud provider.
Second, there is no “group privilege” under NIS2. If an internal IT arm provides services to the wider corporate group, it may be classified independently as an essential entity in its own right. Being part of a larger group does not shield individual subsidiaries or divisions from independent classification.
A readiness assessment is the essential first step.
Craig emphasised how the threat landscape facing iGaming businesses has intensified – including a 400% surge in cyber attacks targeting the gambling industry. This is not a gradual trend; attackers have industrialised their approach.
Operators and suppliers now face:
The interconnected nature of the sector amplifies the impact of any single vulnerability.
The cost of downtime in the industry now exceeds $6,000 per minute, and attacks are more visible in the news than ever, and recent breaches have seen hundreds of thousands of user profiles and identity documents exposed through relatively basic misconfigurations.
Craig highlighted several country‑specific differences in how NIS2 is being implemented, here are a few examples:
Malta moved faster than most EU member states, issuing Legal Notice 71 of 2025, with the CIPD as the ‘competent authority’. Self‑registration was due September 2025, so organisations that missed the deadline are now operating in a regulatory grey area. Governance and risk‑management controls must be live by March 2026, which at the time of the webinar was just weeks away.
Malta also goes further than EU baseline requirements by mandating a 24/7 security operations centre for digital infrastructure providers. Properly staffing a round-the-clock SOC requires at least 12 people to maintain a true rotation, which is a substantial operational investment for mid-sized operators.
The ultimate sanction isn’t just a fine; Malta can suspended MGA licences. For Malta-licensed gaming companies, this is an existential threat. If you lose your MGA licence, you are effectively locked out of dozens of global markets overnight.
Germany passed its implementation late, in November 2025. Registration deadlines for German‑based entities land in April 2026, leaving limited time for compliance.
Other member states are at various stages of transposition, and several missed the original October 2024 deadline. For operators with a presence in multiple EU countries, the practical challenge is managing compliance against several different national timelines and requirements simultaneously.
NIS2 is an EU directive, which means each member state must transpose it into national law. The result is that implementation timelines and specific requirements vary from country to country, and organisations operating across multiple jurisdictions need to track each one independently.
Both speakers stressed that NIS2 and the CRA require visible, ongoing engagement from senior management. Leading organisations will:
Under NIS2, leadership accountability is explicit. Executive training is not optional; it is a legal requirement under the directive.
Jo: “Just because something bad has happened doesn’t mean that you’re necessarily at fault… but you are going to have to produce reasonable reporting in layman’s terms… and explain that we’re operating in different risk parameters.”
Craig added the importance of training: “It’s mandatory for board‑level staff… you’ve got to keep training and constant training.”
Craig and Jo discussed the importance of reporting – especially when something goes wrong.
Jo: “The kind of reporting that one has to do under NIS2 is not a million miles away from the pre‑existing reporting… but there’s a real shift when you are experiencing a very serious incident.”
The 24‑hour reporting window is the operational flashpoint. Many companies are not ready for this. Under NIS2, the clock starts as soon as you become aware of a significant incident. You then have 24 hours to submit an early warning to the relevant CSIRT, 72 hours for a more detailed incident notification, and one month for the final report. A single incident can also trigger reporting obligations under the CRA and DORA simultaneously, each with different data requirements, formats, timelines and regulators.
Businesses need to prepare now by having supplier lists to hand, knowing exactly where to submit reports for each applicable regulation, and understanding that multi-jurisdictional reporting may be required.
Top tip from Jo:
Please print out a copy of your breach response plan… print out your incident response team list with phone numbers, ideally personal ones. If you can’t access your systems, it will take you an astonishing amount of time to pull this together.
Jo highlighted that enforcement activity under the CRA and NIS2 will be phased but increasingly serious.
From September 2026, the CRA introduces mandatory reporting of actively exploited vulnerabilities and severe incidents affecting product security. Full product‑related obligations take effect in December 2027, including the requirement for CE‑marking digital products, software included.
According to Jo, failure to report will likely be the first area where regulators take action, and penalties will be treated seriously.
Many NIS2 requirements are already enforceable. For essential entities that breach Articles 21 or 23, fines can reach up to EUR 10 million or 2% of total worldwide annual turnover, whichever is higher. For important entities, the maximum is EUR 7 million or 1.4% of worldwide turnover (Article 34 of NIS2). Regulators also have the power to issue binding instructions, order security audits, and, for essential entities, temporarily suspend or prohibit individuals from exercising managerial functions (Article 32(5)).
Jo: “They will factor in whether it’s going to bankrupt you… but they want these fines to hurt.”
This means businesses must act now to ensure reporting pathways, governance structures, supplier oversight and security controls are ready.
Craig and Jo recommended several clear actions for organisations:
There is a growing issue around the use of open‑source software (OSS) under the CRA. Although many OSS developers lobbied for exemption, OSS is widely used in commercial products. The CRA makes clear that organisations relying on OSS within regulated products remain fully responsible for meeting all cybersecurity and update obligations, including providing security updates for the minimum five-year support period.
Managing updates is difficult when you did not write the code – but the responsibility remains. The Software Bill of Materials (SBOM) requirement compounds this: manufacturers must maintain a machine-readable inventory of every library, open-source component and module in their products, kept as a living record.
Top tip from Jo:
If your business relies heavily on OSS, pay close attention to how it’s managed, seek specialist guidance and plan how you will meet long‑term update and security requirements.
The introduction of NIS2 and the EU cyber resilience act marks a significant shift for cybersecurity in iGaming. While the regulations bring real compliance challenges, they also create an opportunity for the industry to strengthen its defences, reduce operational risk and future‑proof operations.
Early preparation will help businesses stay compliant, competitive and trusted.
👉 Watch the full webinar here:
Continent 8 Technologies, is proud to announce its sponsorship of Douglas Athletic Football Club for the 2025/26 season, supporting the club from grassroots to seniors.
The sponsorship deal will see the senior and junior teams wearing new kit for the season, proudly displaying the Continent 8 logo.
Anna McChesney, Director of Digital Marketing at Continent 8 Technologies, commented: “We’re thrilled to support Douglas Athletic FC this season. As a business rooted in the Isle of Man, it’s important to us to give back to the community. Football brings people together, and we’re proud to play a part in helping the club thrive both on and off the pitch. Best of luck to everyone in the 25/26 season!”
John Minter, Club Secretary & Treasurer of Douglas Athletic FC Committee, added: “Having Continent 8 on board is a huge boost for the club. Their support means we can continue to grow and provide opportunities for players of all ages. It’s fantastic to see a local company investing in local sport, and we’re excited about what this season holds.”
Continent 8 incorporated on the Isle of Man in 2006 to service global businesses in the iGaming and online sports betting industry. The company, with around 300 staff globally, employs 20 talented individuals working from its purpose-built Tier-3 data centre facility in Douglas.
Bolton, tasked with accelerating growth within the company’s cybersecurity portfolio, brings over 20 years of experience to the role
Continent 8 Technologies, a leading provider of cutting-edge managed IT solutions designed for the global iGaming and online sports betting industry, announces the appointment of Rob Bolton as Cybersecurity Sales Director.
In recent years, the iGaming industry has faced significant cyber attacks driven largely by financial motives. The use of diverse payment methods, reliance on third party integrations and widespread use of mobile devices contribute to the industry being targeted.
His appointment follows several years of strategic investment by the company in its cybersecurity solutions, aimed at supporting operators and suppliers across the industry. This has included developing key offerings such as Multi-Factor Authentication (MFA), Threat Exchange, and a fully managed Security Operations Centre (SOC). These developments underscore the company’s commitment to delivering robust, scalable, and proactive security services that meet the evolving needs of its customers.
Bolton has vast experience leading US, EMEA and APAC revenue functions having worked at global MSSPs such as Versa Networks, Proofpoint and Infoblox. In his new role, he will oversee revenue growth across the company’s growing cybersecurity portfolio, engaging with CISOs and technical teams for Continent 8 and C8 Secure (a dedicated Continent 8 cybersecurity company) to identify the solutions required to best protect their business.
Patrick Gardner, Chief Security Officer at Continent 8 Technologies, said: “We are thrilled to welcome Rob to the team who brings over two decades of experience in sales and business development to Continent 8. His deep technical knowledge and strategic vision will be invaluable as we continue to evolve and enhance our solutions to best support our customers.”
Rob Bolton, Cybersecurity Sales Director at Continent 8 Technologies, added: “Continent 8’s portfolio and service offering in the iGaming industry is unique; their managed security solutions are built on over 27 years of industry experience. The recent launch of the Threat Exchange – the industry’s only cyber threat intelligence platform – is a prime example. I look forward to showcasing our security solutions to the industry, supporting customers with their cybersecurity challenges, and contributing to the company’s growth.”
Rob Bolton will be attending GSATS Phoenix 2025 and is speaking on the panel titled ‘Cyber Resiliency – Protecting the Gaming Industry’ on November 13. To arrange a show meeting, please visit www.continent8.com or contact sales@continent8.com.
Continent 8 Technologies’ Regional Sales Director, Jerad Swimmer, and Principal Solutions Architect, Tony Engel, recently attended TribalNet Conference & Tradeshow.
Here, Jerad and Tony share their key takeaways from the show.
Tony Engel (TE): It was another great event. The show was noticeably larger this year, with considerable growth in participation and an impressive expansion in educational track sessions, which was great to see.
Jerad Swimmer (JS): I absolutely agree with Tony – it was another great event! We had the opportunity to engage with CIOs, CTOs, CSOs, IT directors, IT managers and security analysts, demonstrating active interest from all levels of IT infrastructure and security leadership.
TE: A notable theme from this year’s event was the continued advancement of cybersecurity maturity across the industry. Attendees displayed deep technical expertise and a proactive commitment to implementing cybersecurity strategies, whether it’s security operations centers (SOCs) or vulnerability assessment and penetration tests (VAPTs). I can see the tides are changing, and they’re changing fast, which is great to see through the lens of a cybersecurity professional.
JS: 100%! Cybersecurity dominated our discussions, with significant interest in pen testing, the latest threat detection and response approaches, as well as the real-world benefits of cyber training and simulation methods to strengthen the human element within an organization’s security posture.
It was also interesting to see the integration of artificial intelligence (AI) as a key presentation track at this year’s event. I had the opportunity to attend some of the sessions which explored AI’s role as both a protective and adversarial entity and insights into how tribal casinos can monitor and protect their operations.
TE: As I mentioned earlier, cybersecurity evolves quickly, and this necessitates ongoing discussions with managed security service providers (MSSPs) to ensure the adoption of leading best practices. The increased visibility of cybersecurity as a core presentation track at the conference demonstrates the industry’s commitment to making cybersecurity a strategic priority, which is reassuring to see.
JS: Threat intelligence was a focal point at TribalNet, with tribal organizations actively seeking to integrate this capability into their security frameworks. The tribal gaming community will be pleased to hear that Continent 8 has just launched Threat Exchange – the industry’s first dedicated cyber threat intelligence (CTI) platform. Purpose-built for the gaming community, this platform delivers actionable intelligence, providing tribal gaming entities with exclusive insights into emerging threats. This development enables tribal organizations to now make informed decisions and implement advanced measures to enhance the security of their gaming environments.
If you’re also looking to further the conversation on cybersecurity for tribal gaming, we invite you to visit Booth #4235 at G2E Las Vegas, from October 7-9. Book a meeting today and we’ll be happy to schedule a time with you at the show: https://lp.continent8.com/global-gaming-expo-2025
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Download the tribal cybersecurity checklist to start your proactive cybersecurity journey.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series. Each episode delves into new stories, insights gained, best practices and key developments that are shaping the future of tribal casino gaming and cybersecurity.
Tribal Talks: Cybersecurity Unlocked
The sector-specific platform equips iGaming and online sports betting operators, platform providers and B2B gaming technology companies with real-time insights to stay ahead of cyber threats
Continent 8 Technologies, a leading provider of cutting-edge managed IT solutions designed for the global iGaming and online sports betting industry, introduces Threat Exchange – the industry’s first dedicated cyber threat intelligence (CTI) platform. This game-changing solution equips incident response teams, operators, platform providers, B2B gaming technology companies and regulators with actionable, real-time intelligence to proactively detect and share information on emerging threats, enhance incident response and deepen understanding of the threat landscape.
The iGaming and online sports betting industry: a prime target for cyber threats
The iGaming sector remains a primary target for cyber attacks, driven by the substantial volume of financial transactions and high-value customer data – recent analysis reveals a surge of over 400% in cyber incidents impacting both online and land-based casino operators since February 2025. Today’s critical cybersecurity challenge is the ability to efficiently manage and analyse large-scale, complex datasets to detect and correlate emerging, sector-specific threats in real time. Threat Exchange directly addresses these requirements with a dedicated CTI platform engineered to:
Patrick Gardner, Chief Security Officer at Continent 8 said: “Threat Exchange is changing the game, providing unrivalled visibility into the behaviours and tactics of threat actors. Leveraging our position as the industry’s cybersecurity partner, we are able to analyse vast and complex datasets and deliver the results in a clear, actionable format. Customers have consistently asked for greater intelligence and deeper analysis, and Threat Exchange is our response – a purpose-built solution designed to meet the unique security challenges of the iGaming and online sports betting industry.”
Continent 8 will be exhibiting at G2E Las Vegas, from 7-9 October at Booth 4235. To schedule a demo of Threat Exchange at the show, please visit https://lp.continent8.com/global-gaming-expo-2025.
Following the release of the National Indian Gaming Commission’s (NIGC) Fiscal Year (FY) 2024 Gross Gaming Revenue (GGR) report, Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, provides a mid-year report on the state of tribal gaming in 2025.
On July 31, the NIGC published its annual GGR report, highlighting a record-setting $43.9 billion in revenue for FY 2024. This achievement reflects a 4.6% year-over-year increase, representing growth of $2 billion, with data collected from 532 gaming operations run by 243 federally recognized tribes across 29 states. In the NIGC press statement, Acting NIGC Chairwoman Sharon Avery remarked:
“This year’s GGR reflects not only the resilience of the tribal gaming industry, but also the dedication of tribal leadership in preserving and growing this important economic driver for their communities. The continued success of Indian gaming is a testament to the strong tribal governance and the sound regulation that protects the integrity of the industry.”
These figures emphasize the critical economic contribution of tribal gaming, supporting essential initiatives across employment, infrastructure, education and social services within tribal communities. Yet, as the tribal gaming industry’s financial impact continues to expand, so does its exposure to cyber threat actors aiming to benefit from this growth.
Over the past year, the industry has witnessed significant cyber incidents. In April of last year, a tribal casino was forced to suspend its operations following a cyber breach and advised patrons to monitor account activity for potential unauthorized access. In February of this year, one tribe experienced a ransomware attack that disrupted telecommunications and IT systems across multiple tribal entities, including casino operations.
During recent key industry events – including the OIGA Conference and Trade Show, the Indian Gaming Convention and Tradeshow (IGA) and the TribalHub Cybersecurity Summit – our team has also received direct reports of numerous cybersecurity incidents. These events have resulted in a range of financial, operational and reputational impacts for affected organizations. These forums have provided tribal casinos, gaming commissions and government bodies in Indian Country with valuable opportunities to share their cybersecurity challenges and engage with experts on effective threat mitigation strategies.
Given the ongoing and evolving cyber threat landscape, tribal gaming organizations must adopt a proactive cybersecurity posture – operating with an ‘assume breach’ mindset and prioritizing resilience. Robust measures are essential to safeguard infrastructure, player data, critical platforms and preserve tribal sovereignty. Recommended best practices for comprehensive cyber defense include:
As a trusted Managed Security Service Provider (MSSP), we partner with tribal gaming organizations – including Cherokee Tribal Gaming Commission (TGC), ShowNation, Tachi Palace Casino Resort – to foster a culture of cybersecurity awareness, strengthen organizational security posture and ensure long-term operational resiliency.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to listen back to our Tribal Talks: Cybersecurity Unlocked podcast series. Each episode delves into new stories, insights gained, best practices and key developments that are shaping the future of tribal casino gaming and cybersecurity.
Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, explores the benefits of a cybersecurity checklist to safeguard your tribal gaming operations against emerging cyber threats and attacks.
Safeguarding your business can be daunting, and you might be asking yourself ‘where do I begin?’ To address this, we have prepared a cybersecurity checklist to help you identify possible weaknesses.
First, let us set the scene with the current state of play and why you need to prioritize cybersecurity in today’s world.
The tribal gaming industry is a vibrant and vital part of many Native American communities, providing not only entertainment but also significant economic benefits. However, this industry is increasingly falling under the crosshairs of sophisticated cybercriminals. These bad actors aim to disrupt operations, steal sensitive patron data and extort ransom payments. The stakes are high, with the potential impact extending beyond the casino floors to tribal governments, health services and community trust.
Cyber threats in tribal gaming are diverse and evolving. For example, ransomware attacks have become more prevalent, demonstrating a devastating capacity to bring operations to a standstill. A recent notable incident involved a ransomware attack that compromised all internet servers and data, with the attackers demanding up to $500,000 to restore services. These incidents highlight the urgent need for comprehensive cybersecurity measures tailored to the unique environment of tribal casinos.
The consequences of a cyber attack on a tribal casino can be far-reaching. Beyond the immediate financial losses and operational disruptions, there is a profound impact on the trust and confidence of the community. Patrons expect their personal and financial information to be secure, and any breach can lead to a significant erosion of trust.
To effectively combat cyber threats, tribal casinos need to adopt a multi-faceted cybersecurity strategy. This involves not just technological solutions but also organizational practices and policies. The foundation of such a strategy includes:
Continent 8, supported by our dedicated cybersecurity company, C8 Secure, is a trusted partner for tribal nations and gaming enterprises. Our cybersecurity services are tailored to meet the unique needs of tribal governments, regulators and casino operators.
Our capabilities include:
We are trusted by a diverse array of tribal gaming casinos and organizations, including ShowNation, Tachi Palace Casino Resort, among others.
Don’t wait for an incident to discover whether you’re vulnerable. By taking these proactive steps, tribal casinos can fortify their defenses, ensuring uninterrupted operations and maintaining the trust of their communities.
Secure your tribal gaming operations by accessing this detailed checklist.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Global games developer deploys Continent 8’s Compliance Audit, Vulnerability Assessment and Penetration Testing (VAPT) and Vulnerability Scan (V-Scan) services to swiftly meet multi-state regulatory compliance requirements.
Continent 8 Technologies, the leading provider of global managed hosting, connectivity, cloud and cybersecurity solutions to the iGaming and online sports betting industry, is pleased to announce an expanded partnership with global leading Asian game developer, Rising Digital Corporation. Through this enhanced collaboration, Rising Digital has selected Continent 8 as its dedicated cybersecurity services provider.
Rising Digital, a current infrastructure partner leveraging Continent 8’s cloud solution for high-performance connectivity, high availability and uninterrupted uptime of gaming platforms, has established a strategic alliance with Continent 8 to enhance its cybersecurity program and standards. This initiative allows Rising Digital to utilize Continent 8’s complete suite of regulatory cybersecurity services, ensuring full compliance within each US state it operates in.
Rising Digital has successfully launched its cybersecurity program across multiple states, including Connecticut, Delaware, Michigan, New Jersey, Pennsylvania and West Virginia, as well as the Canadian province of Ontario, to comply with the specific regulatory requirements of each jurisdiction. In collaboration with Continent 8 and its cybersecurity specialist division, C8 Secure, Rising Digital has successfully completed a Compliance Audit and Vulnerability Assessment and Penetration Testing (VAPT) and Vulnerability Scan (V-Scan) services. These comprehensive regulatory cybersecurity services ensure compliance with local regulatory standards and identify potential vulnerabilities, providing actionable insights to strengthen the organization’s overall cybersecurity posture.
Aimin Cong, CEO of Rising Digital, said: “We are delighted to formalize our relationship with Continent 8 for our growing iGaming operations business. With the utmost importance being placed upon compliance, performance and security, we believe Continent 8 is an excellent infrastructure and cybersecurity services partner.”
Patrick Gardner, Chief Security Officer at Continent 8, said: “We are honored that Rising Digital has placed its trust in Continent 8 as its infrastructure and cybersecurity partner as they expand their operations across the United States.
“At Continent 8, we pride ourselves as being a one-stop-shop provider of infrastructure, cloud, regulatory and cybersecurity solutions. Our services enable iGaming companies like Rising Digital to swiftly meet multi-state regulatory requirements, safeguarding their operations while providing peace of mind. We stand committed to setting the highest standards and value for cybersecurity and compliance services within the ever-growing iGaming and online sports betting sector.”
Continent 8 will be at SBC Summit Americas, from May 13-15 at Booth D750. Schedule a show meeting to learn more about the best practices and strategies for your organization’s regulatory cybersecurity requirements.
Continent 8 Technologies’ Regional Sales Director, Jerad Swimmer and Principal Solutions Architect, Anthony Engel, recently attended the 5th Annual TribalHub Cybersecurity Summit.
At the event, they were showcasing Continent 8’s multi-layered cybersecurity solutions designed to support tribal casinos and their cybersecurity programs.
In this blog, Jerad and Anthony share their key takeaways from the event.
Anthony and Jerad at TribalHub Cybersecurity Summit 2025.
Continent 8 – Proud members of the TribalHub community.
Anthony Engel (AE): The TribalHub Cybersecurity Summit, though smaller in scale, turned out to be an incredible event. We had the chance to engage with nearly every attendee and connect with vendors across various sectors. The event was exceptionally well organized, and its intimate setting allowed for more meaningful and impactful discussions.
Jerad Swimmer (JS): A standout feature of this event was the division of days into presentation sessions followed by an exhibitor segment. From 9:00 to 3:30, Anthony and I attended every session, which afforded us a deeper understanding of the needs and concerns of tribal organizations and how we can support them.
Adding a touch of fun to the event, TribalHub included a bingo card for attendees, encouraging them to visit each booth. Many attendees voiced that this initiative provided them with a deeper insight into Continent 8’s comprehensive threat prevention, detection and response strategies, which they might not have discovered otherwise. We are excited to continue many of these discussions beyond the event.
AE: Given the cybersecurity-focused nature of the event, attendees demonstrated advanced cybersecurity knowledge. We shared how, as a Managed Security Service Provider (MSSP), we are distinctively equipped to deliver a comprehensive cybersecurity ecosystem from a single source – ranging from DDoS protection to endpoint security, cloud protection and even mobile threat prevention. This integrated approach closes cybersecurity gaps that often arise with multiple vendors’ solutions and offers tribal gaming organizations a singular point of accountability for their entire cybersecurity framework.
JS: Indeed, as Anthony highlighted, the discussions spanned a wide array of cybersecurity techniques and strategies. In my conversations, we explored approaches to Vulnerability Assessment and Penetration Testing (see Jerad’s most recent cybersecurity blog on VAPT here), mobile endpoint protection, Security Incident and Event Management (SIEM), Security Operations Centers (SOC), Endpoint and Managed Detection and Response (EDR & MDR), as well as strategies to counter social engineering threats.
AE: From an event format perspective, as Jared mentioned earlier, we were pleased that the event organizers ensured the presentation sessions were accessible to exhibitors. This enabled us to customize our discussions around the pain points identified during these sessions and explore various strategies to address their current issues and challenges. It added an extra dimension to vendor-attendee interaction, which I believe the attendees appreciated.
JS: The summit was an exceptional platform for engaging and exchanging ideas with the tribal gaming community. Networking was a continuous all-day and all-evening affair, extending beyond the event into dinner and lounge conversations that really foster unrivalled relationship building.
Anthony and I are already looking forward to reconnecting with everyone at our next event – the Indian Gaming Tradeshow and Convention! We hope to see you there!
Visit us at the Indian Gaming Tradeshow and Convention in San Diego from March 31 to April 3 at Booth 724 to discover the benefits of 360-degree cybersecurity protection for your tribal gaming organization.
Don’t miss the panel discussion “Creating and maintaining a healthy culture in a new era of cybersecurity”, where Jerad will moderate a session with industry experts Frances Alvarez, Emra Arkansas, Jason Nichols and Scott Riley. Attendees will gain invaluable insights into data protection, regulatory practices and proactive cybersecurity strategies for tribal gaming.
Book a meeting at the Indian Gaming Tradeshow and Convention here.
Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent.com or fill out our Contact Us page.
Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series. Each episode delves into new stories, insights gained, best practices and key developments that are shaping the future of tribal casino gaming and cybersecurity.
Watch Tribal Talks: Cybersecurity Unlocked podcast series
Super Bowl LIX between the Philadelphia Eagles and the Kansas City Chiefs on February 9th, 2025, at the Caesars Superdome, was the eleventh Super Bowl to be held in New Orleans, and it was not the close affair we expected! In fact, the Eagles reached an insurmountable lead of 34 points before the Chiefs managed a first score. The event boasted record peak views of around 135 million, up from 124 million last year.
It was also a record-breaking 2025 in gambling terms, with significant growth in online betting compared to last year’s, reflecting the continued expansion of legal online sports betting in the US. An estimated $1.39 billion was gambled on Super Bowl LIX, up from $1.25 billion in legal bets for Super Bowl LVIII — a growth of about 11%. This figure marks the first time the American Gaming Association (AGA) based its estimate solely on legal wagers, unlike previous years that included illegal and casual bets, suggesting the actual increase in regulated online activity could be even higher as the market shifts toward legal channels.
This year also saw at least one $1m bet and a six-figure wager on the coin flip (tails by the way).
Continent 8 customer, FanDuel, reported record-breaking activity for Super Bowl LIX, with over 16.6 million bets placed by almost 3 million customers, a nearly 20% increase in bets from the 14 million recorded for LVIII (which totalled $307 million in wagers from 2.5 million users). In New York alone, a key online sports betting market, the Super Bowl LIX week saw a handle (total amount wagered) of over $557 million, with $155 million tied directly to the game, outpacing last year’s figures. FanDuel’s handle in New York for that week was $222.2 million, and DraftKings reported $193.9 million, both reflecting robust growth.
As the largest network, infrastructure and cybersecurity supplier to the US and global regulated iGaming market, Continent 8 can report its stats for Super Bowl LIX:
Continent 8 is no stranger to supporting high-traffic sporting contests. Whether it is annually for the Grand National or Cheltenham horse racing events in the UK and Ireland, the UEFA Champions League across Europe, March Madness in the US, or every four years for the UEFA Euro finals or FIFA World Cup, we know what it takes to ensure platform uptime.
As the partner of choice for iGaming and sports betting hosting, for both operators and suppliers alike, live in 31 US states, and supporting more than 90% of the largest brands in the marketplace (EGR US Power Rankings), we have the solutions and support systems in place that ultimately give companies the confidence they need to maximise the acquisition and retention opportunities these events present.
As standard for identified special sporting events, we:
In addition to this:
What’s key throughout is ensuring our customers are aware of all activity with notifications regularly sent such as internet and MPLS data, as well as average and maximum traffic in and out.
The Super Bowl is a huge event for sportsbooks, particularly now that the US has opened up online gambling (in varying capacity) in 31 states.
And after a very short amount of breathing space, we prepare for March Madness in the same vein!
Live in 31 states: Our expansion in the US began with a state-of-the-art data centre in Atlantic City, enabling customers to take advantage of the online sports betting market opportunities in New Jersey, while gaining immediate access to the Continent 8 global network. Today, we are live in 31 US states, with several new sites in the pipeline.
First-to-market: We have an aggressive strategy to ensure we are the first iGaming hosting provider in state, enabling our customers to capitalise on the fast-growing and competitive US iGaming and online sports betting market. Most recently, we went live in Missouri.
Regulated and compliant: We have vast regulatory experience and a dedicated compliance team, with strong regulator relationships across states, ensuring a complaint iGaming hosting solution for each.
Growing global team: We are a global team of 300+ specialists with a local presence – we ensure we have a team on the ground in the US to help you expand.
Learn more about our trusted solutions in the US here or contact the team via sales@continent8.com