ARTICLE

What Application Security Means for Gaming Organizations

Read Time Gus Blog

A great question with different viewpoints. For some organizations, it’s a request that’s made by an insurance provider or to satisfy compliance regulations. More than ever before, the gaming industry has heightened responsibilities to secure their environment, remain compliant with security standards, ensure player integrity and protection, and build brand reputation; causing gaming companies to look beyond the essential security assessments.

In today’s digital landscape, gaming organizations are becoming more aware and starting to create security plans. Over 20 gaming states have decided to move forward with security testing requirements for sports wagering and iGaming products. The industry’s exponential growth, along with ongoing cyber concerns, have forced organizations to take a deeper dive into identifying their security vulnerabilities and gaps and developing a strategy; implemented by investing in a CISO hire and/or partnering with security experts.

As we know – security breaches can cripple a company’s revenue and reputation; disrupting the casino, and in some major cases force the casino to close until the breach is fully remediated. In 2006, we’ve witnessed a major breach in the media with Ultimate Bet and Absolutely Poker. The cheating occurred because the perpetrators had access to unauthorized software code, which allowed the cheaters to see their players’ cards. To date, nobody knows exactly how much money the cheaters won. A security source code review would have brought forward any errors during development, vulnerabilities, or design weaknesses.

iStock-1165342430

Recent Cyber Attacks

The gaming industry has done a great job keeping breaches under the radar, but with growth in social media, it’s becoming a bigger challenge to stay out of the public eye especially after the global pandemic.

In 2020, MGM had a security breach that was publicized due to unauthorized access to a cloud server compromising 10.6 million guests.

Leveraging Cloud technology may be seen as a risky investment for the gaming industry; not only due to tight restrictions but because if it is not deployed or managed properly it can result in more security vulnerabilities, gaps, and an increase in cyber incidents especially as the cybersecurity landscape evolves and the game changes along with the techniques & tools used to keep applications secured. It’s critical to gather industry insights and consult with security experts if this is the route organizations want to pursue.

iStock-1346229964

 

Application security plays a significant role for businesses and customers as it enhances the player experience. Applications are behind your perimeter firewall. In some cases, you may have great perimeter security, but at some point, you must let your customers past to reach the desired application. If a potential hacker can exploit your application, they can access the rest of your network or application database. Web Application Firewalls have been a good fix. However, they don’t protect you against Web Application misconfigurations. The data being passed through the Web Application Firewall is valid web functionality like accessing a directory, but if this directory holds admin information, it could be a major issue. Some developers may not be fully trained with securing code and the pace of the gaming world’s usual development cycle is mostly quick to the market, or developers are rushing to fix a problem which may leave new bugs and security holes.

So, how can you ensure your application is secured? Authentication, encryption, logging and testing the use of automated tools to evaluate the effectiveness of the security actions. The reality is that organizations don’t always conduct application security assessments in the gaming environment for many different reasons including, added costs, fear of uncovering security vulnerabilities, weaknesses or gaps, investment in resources, time, & budget to remediate the gaps, etc. Although, gaming companies who take a proactive approach to strengthen their security posture when it is not required by a gaming regulator, Tribal commission, or casino policy are adding a new level of customer experience and competitive advantage.

A prime example is Everi, a gaming supplier whose mission is to lead the gaming industry through the power of people, imagination, and technology. In 2019, Everi encountered some challenges with their newly acquired loyalty partner, Atrient. With customers top of mind, Everi was committed to working with a trusted security partner to help verify they were building the most secured products possible for their customers. Aside from loyalty, they also partner with Bulletproof to deliver secure, world-class cash management and gaming content solutions to their customers while improving their security posture. Through various security assessments, testing, and planning, Everi has seen a revenue growth of 25% from 2019 to 2021.

A key consideration to ponder is what exactly are you protecting and what are your objectives? A simple answer boils down to ensuring customer data, financials, and KYC information are secured and compliant. In the 10+ years I have been in the industry, I’ve heard people say time and time again “We will think about it when we have the budget or when there’s added pressure from leadership or stakeholders,”. All valid statements, but ask yourself, what if someone was successful at harming your organization? Who are the third-party providers you rely on? Are they secure, or have they ever had a security assessment?

It’s critical to start engaging in those security conversations; it does not make your organization more vulnerable or susceptible; in fact, it’s one tiny step towards the right direction. You’ll discover how you can reduce risks, strengthen security posture, and grow your organization; enabling your customers to have the best and most secured experience.

HS CTA Gaming eBook (1)

A Guide For How Gaming Organizations Can Tackle I.T. and Security Hurdles

Today’s digital landscape has changed how the gaming industry operates, introducing new platforms, devices, and even business models. With the rise of online gaming and the exponential popularity of smartphones, gaming organizations need to adapt, pivoting with consumer behaviors. But this technological shift has also opened the door to more cybercrime than ever.


Many key players in the industry aren’t fully aware of how cyber threats have grown, both in severity and frequency. They may have IT staff in place to respond to threats, but no way of knowing if their defenses are really able to handle new challenges. 


Learn how to strengthen your defenses against modern cybercriminals with this eBook.

 

GET YOUR COPY

Why Bulletproof?

BULLETPROOF CREDENTIALS

  • Microsoft 2021 Global Security Partner of the Year Winner
  • 5X Microsoft Canada IMPACT Award Winner.
  • Over two decades of experience in the security and compliance business.
  • Microsoft Solutions Partner for Modern Work + Security, specializing in Threat Protection and Cloud Security, and Digital & App Innovation Azure
  • Two State-of-the-art 24/7 Security Operations Centres (SOC).
  • Trusted by users on six continents to protect their data, devices, and people.
  • Holder of Microsoft’s Advanced Specialization in Threat Protection.
  • Bulletproof 365 Enterprise (B365E) is a Microsoft Verified Managed XDR Solution.
  • Member of the Microsoft Intelligent Security Association.Impact Award + Global Award Duo Logos_Full Color_Trans

Website Testimonials (19)

“Bulletproof is doing an exceptional job of listening to their customers and then going above and beyond to provide them with services to unlock all the value of their Microsoft Security investment. They are able to see the value of our Microsoft security platform and have built a managed SOC service that is driving significant customer value, allowing their customers to remain focused on their business.”

-Julie Jeffries, Modern Work & Security PMM Manager, Microsoft Canada
 
28374-1-microsoft-logo-transparent

Call Us

1.866.328.5538