Securing Online Gaming

5th Securing Online Gaming
October 17th 2019, London

 

The stakes are getting higher: How online gaming and gambling companies can stay ahead of the hackers

 

Online businesses with high-volume, low-value transaction models are extremely sensitive to website disruption.

This applies to many e-Commerce models now, from retail to fast food to taxis - but the online gaming and gambling sectors are particularly vulnerable, thanks to their combination of large financial flows and small staff and infrastructure.

DDoS attacks can cost hundreds of thousands of pounds an hour in lost revenues; redirects to fake websites can do the same; identity theft can expose sites to fraud and other liabilities; credit card payments mean PCI DSS compliance headaches; and under GDPR data privacy is a significant potential operational risk exposure to firms with so many users.

And these firms also face challenges and business drivers unique to the sector, with a key factor being the nature of their consumer base.

Gamblers are by definition risk-takers, and gamers frequently develop 'hacks' and mods to make games more enjoyable. From a social engineering angle, games often develop active communities into which cybercriminals can easily insert themselves to gain access to privileged information, without being expected to disclose a verifiable identity. 

Gamers are wising up to cybersecurity, making it a factor in deciding where and what they play. A recent survey found that three-quarters of gamers worry about security threats in the future of the gaming sector.

But they're not making it easy for platforms to secure their data, with many still leaving themselves vulnerable - 55% say they reuse passwords across accounts for online services, and the average gamer has experienced five cyberattacks.

Users like these pose their own unusual threats to security, through carelessness or malice, adding to the already significant problems the sector faces.

So how can CISOs in these sectors beat both the bad guys and the odds?

The 5th Securing Online Gaming will cover these and other key subjects for its audience of professionals tasked with safeguarding digital assets and sensitive data. There will be real-life case studies, strategic talks and technical break-out sessions from security teams behind some of the world's most admired brands, who know, just like you, that security is now more important to business than ever.

  • What are hackers saying about you online?

    • A critical component of good cybersecurity is understanding your vulnerabilities and how they relate to the latest threats
    • Gaming companies have a big problem in common with banks: they have to defend against hundreds of mimic websites designed to trick unwary customers
    • How can companies keep up with what the bad guys are doing?
  • Building better faster SOCs

    • Speed of detection and remediation is the biggest single driver of risk (and loss) reduction in cybersecurity
    • How can CISOs improve the speed of their SOC, or other security processes?
    • Many organisations can't afford in-house SOCs, or security teams big enough to counter cyber threats effectively. What can you outsource and does that solve the underlying risk problem?
  • Coping with a runaway threatscape

    • FUD isn't useful, but nor is hiding from reality
    • Hyperconnectivity and wholesale migration to the Cloud mean the attack surface is growing far more quickly than defence capabilities or cybersecurity budgets
    • How can you map the threatscape to your specific vulnerabilities and invest appropriately?
  • Who's who? Improving identity analytics

    • Adopting analytics for identity governance and administration, as well as authentication, can reduce organisational risk
    • At the same time, it can improve user experience and reduce administrative efforts and overhead
    • What do you need to be on the lookout for?
  • The devil's in the details

    • As one anonymous CISO told us recently, the single biggest reason for PCI DSS compliance failure was a lack of senior management commitment
    • As Verizon has stated, there's a strong link between PCI DSS non-compliance and loss of cardholder data
    • Under GDPR, losing card data gives customers access to class-action lawsuits on broader 'non-material damage' grounds
    • What's the best way to ensure compliance?
  • Dealing with the alert tsunami

    • SIEM and SOAR systems are smart, but they're expensive, they require highly-skilled staff, they're noisy, and alerts without context are not that useful
    • The time and effort of monitoring, fine-tuning and responding to alerts can leave teams overwhelmed and likely to miss real threats
    • How can alert fatigue be prevented, without sacrificing visibility?

Job titles

Who attends

PCI Lead/Architect
Head of Information Security
CTO
Senior Information Security Technology Analyst
Security
Senior Security Architect
Head of Technical Compliance
Managing Director
Head of Security Operations and Infrastructure
Head of Information Security
Data Engineer
Managing Director, Trading Services
Information Security Manager
Lead IT Auditor
I.T. Security Engineer
Information Security Manager
VP Engineering
Head of Casino Technology
Network Security Analyst
Information Security Officer
Information Security Manager
Head of Governance, Risk & Compliance
Technical Compliance Expert
Head of Security Assurance
Internal Audit Manager
AML Officer
Director of Compliance and Risk Management
Remote Investigations Manager
CTO
Manager, Economic Crime Remote Payment Channels
Head of Payments
Head of Operational Risk
Remote Compliance, Senior Officer
Intelligence & Security Manager
Group CTO
Chief Programme Officer
Head of IT Networks & Security
Lead Server Architect
Lead IT Auditor
Senior Information Security Manager
IT Manager
Compliance Manager
Virtual CISO
IT Producer
Head of Payments
Head of Cyber Risk and Threat Intelligence
Online Business – Fraud and Billing Manager
Cyber & Threat Management Lead
Fraud Manager
Senior Information Security Manager
Senior Policy Officer
Director of Compliance
Operations Manager
DevOps/Big Data Specialist
Information Security Manager
IT Security Engineer
Information Security Officer
Senior VIP Manager
IT Security Architect
Security Analyst Manager
Compliance Manager
Infrastructure Director
Information Security Manager
Online Development Director
Head of Threat Intelligence
Payments & Risk Manager
KYC Operations Manager
Head of Network and Security
Network Engineering Technical Lead
CISO
Deputy Director, Compliance
CTO
Network and Security Technician
Head of Security - Infrastructure and Applications
PCI Lead
CTO
Compliance Manager
Solutions Architect
Anti-Fraud Team Lead
Director Global Product Security
Chief Information Security Officer
Head of Information Security & Compliance
Regulation - Compliance/AML - Operational & Project Management
Head of Technical Assurance
Head of IT Security
Senior Officer
IT Systems and Infrastructure Manager
Senior IT Auditor
Compliance Officer
IP Coordinator
Corporate Executive & Group IT Director
Security Specialist
Senior Online Operations Administrator
Head of Solution Architecture
Social Responsibility & Compliance Attorney
Security Business Manager
Senior Manager Monitoring & Response
Head of IT Infrastructure & Security
Customer Analysis Supervisor
Senior Information Security Manager
Remote compliance manager
Partner - IT & Outsourcing Team
Group Head of Legal & Compliance
Security Manager
Principal Security Architect
Fraud Analyst
Head of Product
I.T. Security Manager
Web Infrastructure Manager
Head of Payments and Fraud
Lead Architect - Lottery
Fraud & Risk Shift Manager
IT Auditor
Business Systems Manager
Litigation Partner
Principal Exchange Developer
Payments and Fraud Manager
ISO
Head of Security Operations & Architecture
Information Security Technology Analyst
Technical Lead
Information Security & Risk Manager
Network and Security Engineer
Senior IT Security Manager
Head of Internal Audit, Compliance, Risk & InfoSec
Director of Information Security
Fraud Payment Specialist
SVP Head of Risk & DPO
Risk & Compliance Executive EMEA
Security Engineer
Global Director of Security Incident Response
Director of Gaming
Head of Information Security
VP Security

Companies

Bet365
22 Cans
Bede Gaming
SuperBet
International Game Technology (IGT)
Ladbrokes Coral Group
BetConstruct
Eaton Gate Gaming | Kwiff
Caesars Entertainment UK
King
National Crime Agency
Paddy Power Betfair
Health Lottery
Camelot Group
Codemasters
Jagex
GVC Holdings
FanDuel
Rank Group
1710 Gaming
Sky Betting & Gaming
William Hill
Genting Casinos
Kindred Group
Tabcorp
Win Technologies
Colossus Bets
GLI Group
Dovetail Games
Fortuna Entertainment Group
VSoftCo
SEGA Europe Limited
Betable
Gambling Commission
Smartgames Technologies
DomoComs
Sony Interactive Entertainment Europe
OpenBet
Activision Blizzard
Boylesports
Alderney Gambling Control Commission
Gala Coral Group
The Workshop
Greenman Gaming
Smarkets
Square Enix
iSoftBet
Aspers Casino
Sony
Betway
UKIE - The Association for UK Interactive Entertainment
Electronic Arts Inc
Marmalade Game Studio
Information Commissioners Office
GAN
SG Digital
CMS
Sportradar
Playtech

Industries

eSports
eGaming
eGambling
Telecommunications
Internet service providers
Payment platforms
Lottery providers
Legal firms
Application developers
Bingo operators
Casino operators
Platform providers
Sports betting
Interactive media
Augmented reality
Virtual reality
Video gaming
Gaming console manufacturers
Digital entertainment
eSports
eGaming
eGambling
Telecommunications
Internet service providers
Payment platforms
Lottery providers
Legal firms
Application developers
Bingo operators
Casino operators
Platform providers
Sports betting
Interactive media
Augmented reality
Virtual reality
Video gaming
Gaming console manufacturers
Digital entertainment


Venue

Park Plaza Victoria, London

vpp

Location:
Park Plaza Victoria
239 Vauxhall Bridge Road, London, UK, SW1V 1EQ
Telephone: 0844 415 6752
 

Directions:
Please click here