During an SBC Summit North America panel, three industry leaders in the cybersecurity and compliance space examined why fraud and security hacks were becoming so prevalent in the gaming and betting sector, as they highlighted the importance geolocation and new tech to combatting fraud.
David Brace – Director of Innovation at Continent8, Adam Eickhoff – Director of Cybersecurity at Hard Rock Digital, and Chad Kornett – Senior VP of Gaming Operations at GeoComply, shared the stage to discuss how to best protect and serve.
Speaking on the importance of geolocation and the dependance of companies they work with in terms of compliance, Kornett highlighted the power of geolocation compliance to accurately identify cybersecurity breaches in multiple jurisdictions.
He stated: “People are supplementing other security measures into one, think of it as geolocation as a service.
“For all of our companies, cyber security is a fundamental responsibility, not one that should be taken lightly because there are all sorts of issues. There’s cyber security breaches which can have an impact on the brand, licences, compliance, trust, and it’s all under our responsibility.”
But geolocation services are not a necessity for every security firm to provide the best-in-class for their customers, as other companies take varying approaches to negate fraud and phishing attacks.
When it comes down to the core elements of establishing a functional security service, Brace outlined three key pillars that he believes are vital to serve to his customers.
He said: “There’s people, the process, and technology. People are your strongest pillar, but also your weakest pillar, you need a consistent trading programme all the way down. We run constant fake phishing attacks, to test and educate our people.
“Processes are almost interchangeable if you haven’t got the staff. So you need a solid process, and fundamentally it also comes down to technology as well. Best-in-breed technology needs to be up to date. These are the three pillars we look towards and being able to update them regularly is vital.”
One of the most critical entry points for a company partnering with a security firm is their best practices when it comes to safeguarding personal information and data, also known as sensitive data.
Eickhoff was asked what can be done to make sure that sensitive data is the utmost priority for a company like Hard Rock Digital.
He explained: “The first is knowing where your data is. A lot of people don’t know that data is an asset, both hardware and software. The first critical step is to have data authority setup, you can’t protect what you don’t know, and you can’t protect if you don’t know where it is.
“Once you’ve identified the data that you have classified, you can start to move these modes behind that data and if anything alerts you, data that has left or is leaving in which it shouldn’t, then you have a setup for that.”
But what do cybersecurity firms do, if they have all the best practices and measures in place to ensure that data and security is impenetrable, if a new and unfamiliar threat begins to attack their software?
This question was raised in the form of artificial intelligence (AI), a technology not necessarily new, but one that is becoming significantly more sophisticated and has the ability to become an emerging large-scale threat if manipulated by bad actors.
Kornett admitted that the attackers are becoming “much more creative” in terms of utilising AI and other advanced technologies.
“They (bad actors) have many more tools at their disposal to use in their operations. We see a world where our systems can be ruled-based, i.e. if we see a threat we can put a block on that threat.
“Now, you really need data to tell you how to find the two’s in a universe of one’s. Those detection layers are so important when it comes to testing cybersecurity, information and figuring out what is out there then building a ruleset on top of that… But that’s not enough.
“There will be a threat tonight that we detect, and there will be another one tomorrow. The attackers themselves are treating this much differently even five years ago, they’re so much more creative. But, there is AI on their side, but there is also AI on our side to figure out what the defence is but you need data to meet at that comparison point.”
