With the rapid evolution of technology, robust cybersecurity is vital for enterprises to protect sensitive information and systems from a range of cyber threats, including hacking, data breaches and malware attacks. As technology advances, so do the methods used by cyber criminals, necessitating the implementation of protective cybersecurity measures.

In this blog, Craig Lusher, Product Principal of Secure Solutions at Continent 8 Technologies, explores how Security Information and Event Management (SIEM) platforms and Security Operations Centres (SOCs) allow organisations to adapt to emerging threats, maintain a robust cybersecurity posture and meet regulatory compliance.

What is SIEM?

SIEM solutions consolidate security monitoring across an organisation’s diverse technology stack, enabling SOC engineers to detect and respond to threats through a unified management interface. SIEM solutions serve as the central hub of an organisation’s security system, collecting and normalising security logs and events from various IT sources including network devices, servers and security systems. They provide a central register for all security events and logs, performing event correlation, threat enrichment and analysis, filtering out informational events and promoting true security events and threats, helping organisations protect their systems from attacks and breaches.

What is SOC?

A SOC, or Managed Security Operations Centre (MSOC), such as those offered by Continent 8 and C8 Secure, is a dedicated team that focuses on safeguarding the company’s systems from security threats. Utilising various tools, such as a SIEM system, they watch over the company’s computer systems, spot any problems or attacks and respond to them quickly. The SOC functions as a cybersecurity team, ensuring everything is running smoothly and securely.

SIEM vs. SOC: the role of SIEM in SOC

SIEM systems are integral to SOC cybersecurity, offering SOC teams a holistic view of their cybersecurity events.

To begin, the SIEM system correlates and analyses the aggregated security data from internal sources and external threat intelligence to identify any unusual or suspicious activities that could indicate a potential security issue. Upon detection, it promptly alerts the SOC team, enabling them to address the issue swiftly.

In the event of an incident, the SIEM system provides comprehensive information that assists SOC analysts in understanding the nature and severity of the threat. This insight aids in effective response and helps prevent future occurrences.

Additionally, SIEM systems support compliance efforts by generating reports and maintaining logs that demonstrate the organisation’s adherence to necessary regulations. These systems are indispensable for managing security incidents and events, facilitating efficient monitoring, detection and management of security challenges by SOC teams.

Can you have a SOC without a SIEM?

Operating a SOC without a SIEM system would be quite challenging. A SIEM system provides the centralised tool required to gather and interpret security data, which is crucial for effectively preventing, detecting, investigating and responding to threats. While a SOC might use other tools and methods, SIEM systems are integral for streamlining these processes and ensuring comprehensive cybersecurity management. SIEM systems employ advanced analytics and automation to filter and prioritise security alerts, preventing the cognitive overload, or alert fatigue, that occurs when SOC engineers manually process a constant barrage of security logs. This intelligent filtering not only reduces the risk of human error and missed security events but also optimises operational costs by allowing SOC engineers to focus their expertise on critical threat analysis and incident response rather than routine log review. The result is more efficient resource allocation and enhanced security effectiveness.
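The pipeline described in the sections above (normalise, correlate, enrich, filter, promote) can be sketched in a few functions. This is an added example, not code from Continent 8's platform; the log formats, field names, rule names, thresholds and the threat-intelligence set are all constructed assumptions.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample input: (source type, raw line). Addresses are documentation ranges.
RAW_LOGS = [
    ("firewall", "2024-11-05T10:00:00Z fw01 action=allow src=198.51.100.20 dst=10.0.0.5 dport=22"),
    ("sshd", "2024-11-05T10:00:01Z host1 sshd[811]: Failed password for admin from 203.0.113.7 port 50122 ssh2"),
    ("sshd", "2024-11-05T10:00:05Z host1 sshd[811]: Failed password for admin from 203.0.113.7 port 50123 ssh2"),
    ("sshd", "2024-11-05T10:00:09Z host1 sshd[811]: Failed password for admin from 203.0.113.7 port 50124 ssh2"),
    ("firewall", "2024-11-05T10:00:30Z fw01 action=deny src=192.0.2.99 dst=10.0.0.5 dport=3389"),
    ("vpn", '{"time": "2024-11-05T10:01:30Z", "gateway": "vpn1", "account": "admin",'
            ' "client": "203.0.113.7", "result": "ok"}'),
    ("sshd", "2024-11-05T10:02:00Z host2 sshd[420]: Failed password for alice from 198.51.100.20 port 41000 ssh2"),
    ("sshd", "2024-11-05T10:02:10Z host2 sshd[420]: Accepted password for alice from 198.51.100.20 port 41001 ssh2"),
    ("firewall", "2024-11-05T10:04:00Z fw01 action=deny src=198.51.100.77 dst=10.0.0.5 dport=23"),
    ("sshd", "truncated line that no parser understands"),
]
THREAT_INTEL = {"203.0.113.7", "192.0.2.99"}  # constructed feed of known-bad sources

SSHD_RE = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (\S+) from (\S+) port")
FW_RE = re.compile(r"^(\S+) (\S+) action=(\w+) src=(\S+) dst=(\S+) dport=(\d+)$")


def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%SZ")


def normalise(source, line):
    """Map one raw line onto a common schema, or return None if it cannot be parsed."""
    if source == "sshd" and (m := SSHD_RE.match(line)):
        ts, host, verdict, user, ip = m.groups()
        outcome = "success" if verdict == "Accepted" else "failure"
        return {"ts": parse_ts(ts), "host": host, "type": "auth",
                "outcome": outcome, "user": user, "src_ip": ip}
    if source == "firewall" and (m := FW_RE.match(line)):
        ts, host, action, src, _dst, _dport = m.groups()
        return {"ts": parse_ts(ts), "host": host, "type": "network",
                "outcome": action, "user": None, "src_ip": src}
    if source == "vpn":
        try:
            rec = json.loads(line)
        except ValueError:
            return None
        outcome = "success" if rec["result"] == "ok" else "failure"
        return {"ts": parse_ts(rec["time"]), "host": rec["gateway"], "type": "auth",
                "outcome": outcome, "user": rec["account"], "src_ip": rec["client"]}
    return None


def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Rule: >= threshold failed logins from one IP, then a success, across any source."""
    alerts, failures = [], defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["type"] != "auth":
            continue
        ip = ev["src_ip"]
        recent = [t for t in failures[ip] if ev["ts"] - t <= window]
        if ev["outcome"] == "failure":
            failures[ip] = recent + [ev["ts"]]
            continue
        if len(recent) >= threshold:
            alerts.append({"rule": "bruteforce_then_success", "src_ip": ip, "user": ev["user"],
                           "ts": ev["ts"], "severity": "high", "failed_attempts": len(recent)})
        failures[ip] = []  # a success closes the streak either way
    return alerts


def triage(events, alerts, intel):
    """Enrich with threat intelligence and promote; everything else stays informational."""
    promoted = []
    for alert in alerts:
        alert = dict(alert, intel_match=alert["src_ip"] in intel)
        if alert["intel_match"]:
            alert["severity"] = "critical"
        promoted.append(alert)
    for ev in events:
        if ev["type"] == "network" and ev["outcome"] == "deny" and ev["src_ip"] in intel:
            promoted.append({"rule": "denied_traffic_from_known_bad", "src_ip": ev["src_ip"],
                             "ts": ev["ts"], "severity": "medium", "intel_match": True})
    return sorted(promoted, key=lambda a: a["ts"])


def run_pipeline(raw_logs=RAW_LOGS, intel=THREAT_INTEL):
    events = [ev for src, line in raw_logs if (ev := normalise(src, line))]
    return events, triage(events, correlate(events), intel)


if __name__ == "__main__":
    events, alerts = run_pipeline()
    print(f"{len(events)} events normalised, {len(alerts)} promoted to alerts")
    for a in alerts:
        print(a["ts"].isoformat(), a["severity"], a["rule"], a["src_ip"])
```

The failed SSH logins and the successful VPN login only line up because both were normalised to the same `src_ip` and `outcome` fields; neither source alone would have raised the alert.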

Keys to effective SIEM and SOC strategies

A successful SIEM and SOC strategy begins with defining clear objectives and goals for each system. Essential components of effective SIEM and SOC strategies include:

Continent 8’s SIEM and MSOC approach

Continent 8 offers a comprehensive SIEM and Managed SOC solution that addresses critical cybersecurity challenges. This platform provides centralised visibility of your entire infrastructure, coupled with 24/7 expert monitoring and rapid threat detection and response, ensuring regulatory compliance while maintaining a robust cybersecurity posture.

Our SIEM and MSOC solution consists of the following key service components:

Continent 8’s SIEM platform is a comprehensive, multi-tenant solution that gathers and correlates security data across a customer’s infrastructure. Enhanced by AI-driven SOAR and correlation capabilities with integrated threat intelligence tools, it delivers advanced analytics and automated incident response workflows. The platform is built for high performance, scalability and real-time threat detection, ensuring rapid identification and resolution of security incidents.

Continent 8’s MSOC solution is a fully managed, multi-tenant service offering real-time security monitoring and incident response for customers. Following the NIST framework, it leverages our sophisticated SIEM platform to collect and analyse security alerts, offering customers actionable insights and remediation strategies through tailored playbooks. By outsourcing security operations to Managed Security Service Providers (MSSPs) such as Continent 8, customers can focus on their core business while benefiting from the expertise of Continent 8’s 24/7/365 global SOC team.

Continent 8’s Sentinel managed device is deployed within the customer’s network, aggregating logs and events from various systems, normalising them and preparing the data for secure transmission to the SIEM. It utilises encryption to ensure data integrity and privacy, compressing and deduplicating data to optimise performance. Sentinel enhances security visibility by enabling seamless data collection and forwarding.

Continent 8’s Incident Response System integrates directly into Continent 8’s SIEM to streamline incident response processes. It provides a centralised platform for managing and tracking security incidents from detection to resolution, with built-in automation for workflows and playbooks. By enabling collaborative responses and providing real-time data sharing, it significantly improves incident resolution times while enhancing post-incident analysis and reporting.

Continent 8’s Cyber Threat Intelligence Service serves as a structured repository for aggregating, analysing and sharing cyber threat intelligence. It allows organisations to collect data on threats, actors and campaigns, helping security teams anticipate and mitigate potential attacks. Through its powerful visualisation tools, the service enhances situational awareness and enables proactive threat detection.

Continent 8’s Security Orchestration and Automated Response (SOAR) tool, implemented within Continent 8’s SIEM, provides a no-code automation platform for orchestrating and automating security workflows. Its drag-and-drop interface simplifies the creation of complex incident response processes, reducing manual effort and improving efficiency. With pre-built templates and over 2,000 app integrations, it enables quick deployment of automated responses, ensuring consistent handling of security incidents.

Continent 8’s Threat Analysers and Responders are automation tools integrated into Continent 8’s SIEM that enrich security events with threat intelligence from multiple sources. With over 100 analysers, they provide critical context for observables such as IPs and URLs, supporting faster decision-making during investigations. These tools enhance threat detection and response by simplifying data analysis and improving the quality of incident responses.

Continent 8’s Intrusion Detection System (IDS), combined with our proprietary Continent 8 Sentinel platform, provides advanced network security monitoring, threat detection and response capabilities, delivering unparalleled visibility and security throughout your entire network infrastructure.

SIEM and MSOC – cybersecurity essentials

SIEM and MSOC services deliver significant cybersecurity enhancements through real-time monitoring, detection and response. This proactive approach aids in the early identification and mitigation of threats by collecting, analysing and correlating data from across a customer’s network with other ongoing security events. Collaborating with MSSPs also guarantees access to a dedicated team of SIEM and MSOC specialists who work closely with your IT team, providing playbooks and optimal risk mitigation strategies to address specific exploits or vulnerabilities, thereby ensuring optimal cybersecurity posture.

Cybersecurity solutions for a safer tomorrow

Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your organisation’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent8.com or fill out our Contact Us page.

The year 2024 marked another remarkable chapter for Continent 8 Technologies. Over the course of the year, we expanded our global network, enhanced our infrastructure and cloud services, forged new cybersecurity partnerships, introduced innovative products, launched our inaugural podcast and much more.

Explore below as we reflect on some of our remarkable accomplishments from 2024.

  1. 100+ connected locations worldwide over a carrier-grade network

We continue to expand our data centre locations and points of presence globally, with an unrivalled private network of over 100 locations across four continents. Our carrier-grade network, which includes more than 35 global Internet Edge and Internet Exchange locations and over 5 Tb of IP transit capacity, provides resilient, high-performance and low-latency connectivity, ensuring zero-compromise user experiences. We’re equipped to support the growing regulated iGaming and online sports betting sector, covering more than 30 US states and six LATAM and Caribbean regions, including Brazil, an exciting new regulated market.

As the fastest go-to market supplier and the trusted infrastructure and cybersecurity partner to the industry, we power and protect the world’s leading brands, such as bet365, Apricot (formerly Microgaming), BetMGM, DraftKings, FanDuel, PointsBet, Playtech, Sportingtech and more. We also take pride in being a supporting partner to 90% of the top 10 organisations on the 2024 EGR Power 50 Rankings list and over 95% on the 2024 EGR Power US Rankings list.

  2. Continued commitment to the AWS and hyperscale cloud ecosystem

We were selected to join the prestigious AWS Solution Provider Program (SPP). Through this AWS partnership, we introduced a suite of managed and professional services designed to simplify hybrid and multi-cloud environments and infrastructures. These new services, available via the AWS Marketplace, include:

This effort is part of our expanding cloud initiative designed to support the varied needs of our customers seeking hyperscale, hybrid, public and private cloud solutions.

  3. Emphasis on cybersecurity to mitigate cyber threats

To continue to provide the industry with comprehensive 360-degree protection, and meet the increasing market demand as a Managed Security Services Provider (MSSP) via our cybersecurity division, C8 Secure, we collaborated with cybersecurity specialists to enhance our range of cybersecurity services and solutions.

In 2024, we partnered with MIRACL, a passwordless multi-factor authentication (MFA) provider, to deliver a secure, single-step MFA solution, ensuring the most secure and efficient authentication experience possible. Additionally, we teamed up with Corrata, an advanced detection and response provider for mobile endpoints, to fortify mobile devices against modern security threats, ensuring secure access to corporate data.

As cyber threats became the new normal in 2024, it is unsurprising that we observed a record number of customers adopting our managed cybersecurity services. Sportingtech, for example, has implemented our Managed Security Operations Centre (MSOC) and Security Information and Event Management (SIEM) services to ensure continuous 24/7 monitoring, prompt threat prevention and rapid response.

  4. 300+ employees across 19 countries…and counting!

In 2024, we marked a significant corporate milestone by meeting and exceeding 300 employees in December, representing a growth of over 20% from 2023. With specialists now located in 19 countries, including our newly established offices in the Philippines, we are dedicated to growing our team to deliver outstanding service and attention to our customers worldwide.

The grand opening of our Continent 8 office in the Philippines.

  5. 50+ events, 20+ industry panels and 5 industry awards

As industry leaders, we are committed to informing, educating and guiding the iGaming and online sports betting community on all matters related to infrastructure, cloud and cybersecurity. In 2024, as an engaged participant in the community, we participated in over 50 industry events, contributed to or led more than 20 industry panels and received 5 industry awards, along with numerous accolades and recognitions for our customer-centric managed services and solutions.

The Continent 8 team at Global Gaming Expo (G2E) 2024.

Continent 8’s Regulatory Account Director, Graham Foster, and Regional Sales Director, Aidan-Rees Williams (middle left and middle right, respectively), accepting an industry recognition at the EGR B2B awards ceremony.

  6. Sustained success through valued collaborations

Our enduring presence in the iGaming industry is largely attributed to the strong partnerships we have cultivated over our 25-plus years of operation. Among these is Playtech, a leading provider of platforms, content and services in the industry. In November, we were pleased to extend our two-decades-long partnership, allowing Playtech to further utilise our range of managed and professional services. This renewal underscores both companies’ shared commitment to advancing and shaping the expanding regulated online gaming market.

Shimon Akad, COO at Playtech, stated, “Continent 8 have been our hosting and connectivity partner since the onset of our journey, 20 years ago. Renewing our agreement is a testament to the joint work and success we’ve built together, and I look forward to continuing our strong collaboration for years to come.”

  7. Michael Tobin: Visionary Founder and CEO of Continent 8 and Hall of Fame Inductee

At the 2024 SBC Summit North America, Michael Tobin, the Founder and CEO of Continent 8, was formally inducted into the Sports Betting Hall of Fame. He was recognised for his relentless dedication over the past 25-plus years, driving innovation and fostering growth in the global gaming industry.

Michael expressed his gratitude, sharing, “It is truly an honour to be recognised by my peers, and it’s also a testament to the hard work and dedication of the entire Continent 8 team.

“I am incredibly proud of all that we have accomplished, the value we have added to the industry and the ways in which we have empowered our customers and partners to achieve success. The iGaming and online sports betting industry is constantly evolving, and I am excited to see how we can continue to embark on this journey to grow the market together.”

Michael Tobin (third from right): Sports Betting Hall of Fame Class of 2024!

  8. The shifting hyperconverged infrastructure (HCI) landscape

Broadcom’s acquisition of VMware had a substantial impact on the HCI market. As a Nutanix Authorised Service Provider, we transitioned numerous iGaming and non-iGaming customers from their VMware ecosystems to Nutanix HCI environments. Our own documented journey from VMware’s Cloud Foundation platform to Nutanix’s Acropolis and Acropolis hypervisor (AHV) demonstrated the benefits of a VMware-to-Nutanix migration, reducing hardware infrastructure, physical footprint and operational costs, all with minimal disruption and downtime.

Continent 8 CTO, Edward O’Connor (pictured on the right), along with Nutanix CTO, Manosiz Bhattacharyya, presenting the benefits of Nutanix-based IT infrastructures at the Gartner IT Symposium/Xpo 2024 Conference.

  9. A tribal gaming podcast – now streaming on Spotify!

In response to the growing need for tailored cybersecurity services and insights within the tribal gaming sector, we launched the ‘Tribal Talks: Cybersecurity Unlocked’ podcast series. Hosted by Continent 8’s Jerad Swimmer, this podcast provides a unique forum for tribal leaders and experts to share their experiences, accomplishments and lessons learned. Through insightful discussions, listeners gain a comprehensive understanding of the technological advancements, cybersecurity challenges and best practices influencing the tribal gaming industry.

Continent 8 Regional Sales Director, Jerad Swimmer (pictured on the right), hosts tribal cybersecurity leaders such as Frances Alvarez, Chairwoman of the Tribal Gaming Protection Network, President of the National Native American Hall of Fame and Gaming Commissioner for the Wilton Rancheria Gaming Commission.

Looking ahead to 2025

As 2024 draws to a close, we are excited to kick off the New Year with ICE 2025 (stand 2G20) in Barcelona. At ICE, we will showcase our regulatory and compliance-driven hosting, connectivity, cloud and cybersecurity solutions, with our industry experts on hand to discuss and explore the latest technological advancements, trends and challenges for 2025 and beyond.

If you’re interested in scheduling a meeting with one of our specialists or joining us for a coffee at our Caffein8 bar, please visit our ICE 2025 page.

Jerad Swimmer, Regional Sales Director at Continent 8 Technologies, explores the remarkable surge in tribal gaming revenues and its implications for cybersecurity.

The year 2023 marked a significant milestone in the tribal gaming industry, with revenues reaching an all-time high of $41.9 billion USD, according to the National Indian Gaming Commission. Advisory firm Wipfli noted that this marked the fourth consecutive year of revenue growth for tribal casinos. This remarkable growth reflects the increasing popularity and expansion of tribal casinos across the United States.

The impressive revenue figures are a testament to the hard work and innovation within the industry, highlighting the importance of tribal gaming as a vital economic driver for many tribal communities. However, with great success comes great responsibility, particularly in the realm of cybersecurity.

Rising cyber attacks on tribal casinos

As tribal casinos flourish financially, they become attractive targets for cybercriminals. The surge in revenue has unfortunately been paralleled by a rise in cyber threats aimed at exploiting vulnerabilities within these establishments, with one source indicating that cyber attacks on tribes surged by almost 60% in 2023.

Cyber attacks on tribal casinos can range from data breaches to ransomware attacks, each with the potential to cause significant financial and reputational damage. The increasing sophistication of these threats demands a proactive and robust approach to cybersecurity to protect both the assets and the patrons of tribal gaming operations.

Notable cybersecurity incidents in tribal gaming

Several high-profile cybersecurity incidents have underscored the vulnerabilities within the tribal gaming sector. For instance, a tribal casino recently experienced a three-week closure due to an undisclosed cybersecurity incident. Casino officials advised previous guests to monitor their financial and credit card statements for any potential issues.

Another notable incident involved a ransomware attack that compromised all internet servers and data, with the attackers demanding up to $500,000 to restore services. These incidents highlight the critical need for enhanced cybersecurity measures to safeguard the integrity of tribal gaming enterprises.

Strategies for strengthening cybersecurity in tribal gaming

To counter the escalating cyber threats, tribal casinos must adopt comprehensive cybersecurity strategies. This includes implementing advanced threat prevention, detection and response systems, regular security audits and continuous employee training to recognize and mitigate potential threats.

Investing in cybersecurity infrastructure, such as firewalls and mobile endpoint protection, can significantly enhance the security posture of tribal gaming operations. Collaborating with cybersecurity experts and adopting industry best practices are also pivotal steps in fortifying defenses against cyber attacks.

The Continent 8 advantage

As cyber threats continue to evolve, tribal casinos can leverage innovative technologies and solutions to enhance their cybersecurity posture and ensure 360-degree protection. Key solutions include:

The future of tribal gaming in 2025 and beyond

As tribal gaming continues to thrive, the critical role of cybersecurity becomes increasingly evident.

In response to the escalating threat of advanced cyber attacks targeting tribal governments and organizations, the Department of Homeland Security announced on July 1, 2024, the allocation of over $18.2 million USD in grants to 32 tribal governments. These inaugural grants, issued under the Tribal Cybersecurity Grant Program (TCGP), represent a commitment to supporting tribal communities and gaming organizations in overcoming cybersecurity challenges within their digital infrastructures and environments.

By prioritizing cybersecurity in 2025 and beyond, tribal casinos can ensure sustained growth and resilience, safeguarding their revenues and reputation in an increasingly digital world. The path forward involves a balanced approach that combines innovation and vigilance, ensuring the prosperity and longevity of the tribal gaming sector.

Cybersecurity solutions for a safer tomorrow

Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your tribal organization’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent8.com or fill out our Contact Us page.

Also, be sure to watch the latest episode in our Tribal Talks: Cybersecurity Unlocked podcast series – also available on Spotify – to gain a deeper understanding of the technological advancements, cybersecurity challenges and best practices shaping the tribal gaming landscape.

In the most recent installment of our Cultiv8 Employee Series, Jordan Holmes, Vice President of Human Resources at Continent 8 Technologies, engaged in a conversation with Pawel Blazejewicz, our Monitoring and Observability System Manager based in Ontario.

During the discussion, Pawel shares his unique and rewarding career path at Continent 8, his enthusiasm for big data and his team’s diverse projects and initiatives that empower both the company and our customers with robust data-driven insights, enabling smarter, more focused decision-making.

Hi Pawel! Can you tell us a little bit about yourself and your role as the Monitoring Manager at Continent 8?

Pawel

I have been with Continent 8 for well over a decade, taking on various roles – from System Administrator to Infrastructure Lead, Senior Cloud and Infrastructure Architect, and now my latest position, Monitoring and Observability System Manager. This project was initiated by our VP of Network, Philippe Gagne, who recognised the need to enhance our infrastructure insight amid the digitalisation wave. With Continent 8’s rapid growth driven by the opening of the US market, it’s more important than ever to leverage data not only for observability but to build an intelligent system that understands dependencies across the tens of thousands of devices comprising the complex network of IT services we provide.

How did you come to choose a career in monitoring?

I didn’t choose this role; it chose me. Our Chief Information Officer, Anthony Abou-Jaoude, recognised my passion for this project even before I did. He became my mentor for big data projects. I must say this has been a very rewarding journey, completing my IT world. Today, I am carrying the torch forward to ensure that our vision becomes reality.

What attracted you to the role and to joining the Continent 8 team? What do you enjoy most about your job?

After 12 years with this company, I’ve gained in-depth IT knowledge across all layers and levels. I’ve directed projects spanning the globe and had the opportunity to travel with them. Continent 8 has given me a place to contribute meaningfully to our future growth. In the realm of observability and metrics, I believe the key lies in digestible data that can be fed into algorithms, bringing ML and AI to life. With a deep understanding of Continent 8’s setup, I’m able to guide my team in creating a product that mirrors the real world, complete with all the dependencies and solutions we’ve built into it.

Can you describe some of the challenges you face as a Monitoring Manager? How do you also stay up to date on the latest monitoring best practices and developments?

We are creating a unique, fully customised solution tailored to Continent 8 and our valued customers’ needs. Challenges are part of the journey, but the most important aspect is surrounding yourself with people who are ready to tackle them alongside you. At Continent 8, I believe we have an incredible team ready to do just that! Remember my earlier mention of Anthony recognising me as a strong candidate to lead this project? The success of this project is a direct result of surrounding yourself with supportive people who are on the same journey, here to help and push each other forward.

They say it takes a village to raise a child – well, in this case, it takes an entire community to bring this project to fruition.

How do you align with Continent 8’s culture and values of Active Ownership, Purposeful Creativity and/or Genuine Care?

I’ve been here this long because the values the business demonstrates toward its customers align perfectly with the values I’ve shown to customers and coworkers throughout my career. As a boutique service provider, we know that listening to our customers is essential to maintaining our unique approach. A perfect example is the project I’m currently involved in – creating a comprehensive map of our entire infrastructure and services. This will not only allow us to foresee potential issues but also provide our customers with real-time data, giving them valuable insights to help their businesses grow faster and with greater focus.

Can you talk through some of the new initiatives you are or will be working on?

My main focus for the foreseeable future is to expand the amount of data we collect and to continually add more services to our observability system. By increasing our data and broadening our capabilities, we’re positioning Continent 8 to stay ahead of potential issues and empower our clients with insights that drive smarter decisions.

Any final thoughts? 

If you’re interested in more detailed information about what we do, how we do it and what we offer, I invite you to explore my LinkedIn articles on our observability and monitoring system. I hope you enjoy them, and feel free to reach out if you have any questions – I’m happy to help!

To read Pawel’s “Monitoring and Observability” series, you can follow him on LinkedIn at https://www.linkedin.com/in/pawelblazejewicz.

Craig Lusher from our Secure team provides a comprehensive analysis of the latest DDoS statistics from the third quarter of the year and their implications for cybersecurity trends.

 

Overview of 3Q 2024

The third quarter of 2024 has continued to show relatively low DDoS attack activity, with 37 attacks recorded. This represents a slight increase from 2Q’s 32 attacks but remains significantly lower than the 359 attacks recorded in 3Q 2023. The most active month was July, which aligns with historical patterns of increased summer activity.

Attack intensity and scale

3Q 2024 showed some interesting patterns in attack intensity:

This quarter’s largest attack (16.8 Gbps) represents a significant decrease from 2Q 2024’s peak of 85.5 Gbps. For perspective, this is dramatically lower than the massive attacks seen in 2023, which peaked at 560.6 Gbps in 2Q 2023, and over 1 Tbps prior to that.

Customer impact analysis

Key statistics for 3Q 2024:

Quarterly comparison and trends

Comparing 3Q 2024 with recent quarters reveals several interesting trends:

  1. Attack volume stabilisation

This shows a relative stabilisation at lower attack volumes compared to 2023’s numbers.

  2. Attack intensity evolution

While more intense than 1Q, 3Q’s attacks remained relatively moderate compared to historical peaks.

  3. Customer impact patterns

The consistent number of affected customers over 2Q and 3Q 2024 suggests a stable threat landscape, though individual customers faced more repeated attacks in 3Q.

Year-over-year analysis

Comparing 3Q 2024 to 3Q 2023 shows a dramatic shift in the threat landscape:

Implications and insights

  1. Attack evolution

The lower volume but moderate intensity of attacks suggests a shift in attacker strategies, possibly focusing on more targeted, strategic attacks rather than broad campaigns.

  2. Attack duration

The average attack duration of 2 hours shows a trend toward longer, more sustained attacks compared to previous quarters, potentially indicating more sophisticated attack strategies.

Looking ahead

While attack volumes remain relatively low compared to 2023 and earlier, the increase in attacks per individual customer and in attack duration suggests continued evolution in threat actors’ strategies. Organisations should maintain robust DDoS protection despite the lower overall attack volumes, as the pattern of attacks suggests more targeted and potentially more sophisticated approaches.

The historical pattern of increased activity during major sporting events and holiday periods suggests potential for increased activity in the upcoming quarters, particularly with various significant events on the horizon.

This analysis demonstrates the importance of maintaining comprehensive DDoS protection and the value of Continent 8’s multi-layered security approach, even during periods of relatively low attack volume.

Continent 8’s DDoS mitigation solution

Our best-in-class DDoS solution continues to evolve. In recent months we have amplified our scrubbing capacity to 5+ Tbps and increased the number of scrubbing centres deployed across multiple continents. Locations include Los Angeles, Chicago, New York, Miami, London, Amsterdam, Frankfurt, Singapore, Hong Kong and Sao Paulo.

Key features of our mitigation solution:

DDoS protection should also form part of a wider, multi-layered approach to cybersecurity. A 360-degree, end-to-end protection strategy should include a DDoS mitigation solution as well as WAF/WAAP protection, MDR/EDR services, SIEM and SOC resources, VAPT assessments, backup solutions, and mobile device and phishing defence services.

This is the only way to have multiple protections in place for each attack type and to ensure the greatest level of resilience.

To learn more about how Continent 8 can help protect your organisation, contact a member of the team via sales@continent8.com or our Contact Us form.

A Distributed Denial-of-Service (DDoS) attack, whether large or small, can cause significant downtime and financial loss.

But what exactly is a DDoS attack?


In this blog, Craig Lusher, Product Principal of Secure Solutions at Continent 8 Technologies, will explore what a DDoS attack is, the different types of DDoS attacks, and the best practices for mitigating DDoS attacks.

What is a DDoS attack?

A DDoS attack is like an unexpected traffic jam on an otherwise free-flowing highway. The attacks attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming it with a flood of Internet traffic.

DDoS attacks leverage multiple compromised computer systems as sources of attack traffic, including computers and Internet of Things (IoT) devices. They involve networks of Internet-connected devices infected with malware, controlled remotely by attackers and forming a botnet.

The process begins with the attacker creating the botnet by infecting multiple devices. Next, they send remote commands to the botnet, which then sends numerous requests to the target’s IP address. This flood of requests overwhelms the server or network, resulting in a denial-of-service for legitimate traffic.

Several high-profile DDoS attacks have made headlines in recent months, showcasing the damage these attacks can inflict, regardless of industry.

Types of DDoS attacks

DDoS attacks come in various forms and can be categorised into three main types based on which part of the network connection they target.


Volumetric attacks

A volumetric attack aims to overwhelm the bandwidth between the target and the Internet with massive amounts of data. The attack often uses amplification techniques to ensure it consumes all available bandwidth.

A good example is Domain Name System (DNS) amplification. The attacker sends a small query to an open DNS server with a spoofed source IP address (the victim's), so the much larger response is sent to the victim, ultimately overwhelming their bandwidth.

Protocol attacks

A protocol attack exploits weaknesses in network protocols, particularly layers 3 and 4 of the protocol stack. It disrupts service by consuming server resources or network equipment resources like firewalls and load balancers.

A SYN flood is a common example. It overwhelms the target by sending many TCP SYN packets with spoofed IP addresses, exhausting resources by never completing the TCP handshake.

Application layer attacks

The application layer attack targets the application itself, often appearing as legitimate traffic. It exhausts the target’s resources and creates a denial-of-service. The attack preys on the application layer (Layer 7 of the OSI model) where web pages are generated and delivered in response to HTTP requests.

An HTTP flood, for example, generates large numbers of HTTP requests that overwhelm the server and cause a denial-of-service. These can range from simple attacks with one URL and similar IP addresses to complex attacks using many IP addresses and random URLs.

Mitigation methods – A defence-in-depth, multi-layered approach

The main challenge in mitigating a DDoS attack is distinguishing between legitimate traffic and attack traffic. For example, a legitimate surge from a product release differs from an attack surge from known attackers.

These attacks are also often multi-vector. This means they use multiple pathways to overwhelm targets, making it harder to distinguish between attack and normal traffic. A layered attack, such as one combining DNS amplification (targeting layers 3/4) with an HTTP flood (layer 7), requires a different mitigation strategy for each vector.
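The three attack types above, and the problem of telling them apart from a legitimate surge, can be shown with a small detection sketch. This is an added example, not Continent 8's code: the record format, addresses, traffic builders and every threshold are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    src: str
    dst: str
    proto: str       # "udp", "tcp", or "http" for one parsed layer 7 request
    sport: int = 0
    dport: int = 0
    flags: str = ""  # TCP flags: "S" = SYN, "A" = client's final handshake ACK
    size: int = 0    # bytes on the wire

VICTIM = "203.0.113.10"  # documentation address, constructed

def unsolicited_dns_bytes(pkts, victim):
    """Bytes of DNS responses (UDP source port 53) the victim never asked for."""
    asked = {(p.dst, p.sport) for p in pkts
             if p.proto == "udp" and p.src == victim and p.dport == 53}
    return sum(p.size for p in pkts
               if p.proto == "udp" and p.dst == victim and p.sport == 53
               and (p.src, p.dport) not in asked)

def half_open(pkts, victim):
    """Return (SYNs never followed by the client's ACK, their share of all SYNs)."""
    syns = {(p.src, p.sport) for p in pkts
            if p.proto == "tcp" and p.dst == victim and p.flags == "S"}
    acked = {(p.src, p.sport) for p in pkts
             if p.proto == "tcp" and p.dst == victim and p.flags == "A"}
    if not syns:
        return 0, 0.0
    return len(syns - acked), len(syns - acked) / len(syns)

def classify(pkts, victim, window_s, link_bps, baseline_rps):
    """Name the vectors seen in one capture window (thresholds are assumptions)."""
    vectors = []
    if unsolicited_dns_bytes(pkts, victim) * 8 / window_s > 0.5 * link_bps:
        vectors.append("volumetric")      # reflected DNS filling the link
    count, share = half_open(pkts, victim)
    if count >= 100 and share > 0.5:
        vectors.append("protocol")        # SYN flood: handshakes never finish
    rps = sum(1 for p in pkts if p.proto == "http" and p.dst == victim) / window_s
    if rps > 10 * baseline_rps:
        vectors.append("application")     # HTTP flood far above expected rate
    return vectors

# Constructed sample traffic for a one-second window.
def legit_surge(n=300):
    """Product-launch surge: many clients, but every handshake completes."""
    pkts = [Pkt(VICTIM, "198.51.100.53", "udp", 40000, 53, size=60),   # own lookup
            Pkt("198.51.100.53", VICTIM, "udp", 53, 40000, size=300)]  # its answer
    for i in range(n):
        src = f"192.0.2.{i % 250 + 1}"
        pkts.append(Pkt(src, VICTIM, "tcp", 10000 + i, 443, "S", 60))
        pkts.append(Pkt(src, VICTIM, "tcp", 10000 + i, 443, "A", 52))
        pkts.append(Pkt(src, VICTIM, "http", 10000 + i, 443, size=400))
    return pkts

def dns_reflection(n=200):
    return [Pkt(f"198.51.100.{i % 250 + 1}", VICTIM, "udp", 53, 33000 + i, size=3000)
            for i in range(n)]

def syn_flood(n=500):
    return [Pkt(f"100.64.{i // 250}.{i % 250 + 1}", VICTIM, "tcp", 20000 + i, 443, "S", 60)
            for i in range(n)]

def http_flood(n=600):
    return [Pkt(f"100.64.9.{i % 250 + 1}", VICTIM, "http", 30000 + i, 443, size=400)
            for i in range(n)]

if __name__ == "__main__":
    args = (VICTIM, 1.0, 1_000_000, 50)  # window, link capacity, launch-day baseline
    print("surge only :", classify(legit_surge(), *args))
    print("multivector:", classify(legit_surge() + dns_reflection()
                                   + syn_flood() + http_flood(), *args))
```

The surge and the SYN flood both open hundreds of connections; only the share of handshakes that never complete separates them. The layer 7 check depends entirely on a baseline that reflects the expected load for that period.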

Due to these complexities, protecting a site from DDoS attacks requires a multi-layered approach. In the event of unforeseen circumstances, having a clear plan in place for responding to DDoS attacks can minimise downtime and damage.

Finding a service specialising in DDoS solutions can be a great help, but there are layers to the mitigation process.

At Continent 8, we advocate for a ‘defence-in-depth’ strategy, where multiple layers of security controls are implemented throughout the organisation’s IT environment. This ensures that if one layer is breached, additional layers are in place to prevent or mitigate the attack.

Continent 8’s defence-in-depth, multi-layered approach includes:

  1. Coarse filtering: Ad hoc upstream traffic filtering and DDoS scrubbing
  2. Medium filtering: Managed access control lists at the network edge
  3. Medium/fine filtering: Layer 3 and 4 DDoS scrubbing
  4. Fine filtering: Layer 7 Web Application and API Protection (WAAP) rate limiting and filtering
  5. Polish: Traffic delivery with Endpoint Detection and Response/Managed Detection and Response (EDR/MDR) solutions and managed updates and hardening
  6. Log event monitoring and threat protection: Managed Security Operations Centre (MSOC) and Security Information and Event Management (SIEM) threat detection and response


Continent 8 for complete DDoS protection

Continent 8 offers the most comprehensive cybersecurity solutions equipped to meet today’s emerging DDoS threats.

Cybersecurity solutions for a safer tomorrow

Continent 8 provides comprehensive, multi-layered threat prevention, detection and response solutions to secure your organisation’s digital assets in the face of evolving cyber threats. For more information on how Continent 8 can support your cybersecurity initiatives, email sales@continent8.com or fill out our Contact Us page.

On May 2, 2024, the Secretariat of Prizes and Bets (SPA) and the Ministry of Finance (MF) issued Ordinance No. 722 (link here in Portuguese). This set of regulations outlines the essential technical and cybersecurity criteria that iGaming and online sports betting operators must adhere to within six months of obtaining their gaming licenses.


In her blog series, Luana Monje, Sales Executive at Continent 8 Technologies, examines the latest infrastructure, cloud, cybersecurity and regulatory developments for the newly regulated Brazilian iGaming and online sports betting market. In her first blog, Luana explored Ordinance 722's penetration testing requirement, and in this blog, she investigates the recovery and backup system, business continuity and disaster recovery plan and firewall protection requirements in full detail.

1. Establishing robust recovery and resilient business continuity plans for iGaming platforms

Ordinance 722, Annex IV, section 15 – Recovery: In the event of a catastrophic failure where the betting system, or any component or platform, cannot be reset in any other way, it must be possible to restore the system from the last backup point and fully recover it.

Ordinance 722, Annex IV, section 17 – Business continuity and disaster recovery plan: A business continuity policy and disaster recovery plan must be adopted to recover betting operations if the production environment of the betting system or any of its platforms becomes inoperable.

In the regulations outlined for iGaming and online sports betting in Brazil, robust recovery and business continuity mechanisms must be in place to ensure that, should a catastrophic failure occur, the operator or supplier can restore the betting system and fully recover from the last backup point.

Ordinance 722’s recovery section explains that such backups must encompass not only the recorded information but also extend to include location-specific details such as security configurations and user accounts. Furthermore, current system encryption keys and a comprehensive record of system parameters – whether modifications, reconfigurations, additions, merges, deletions, adjustments or changes to parameters – need to be meticulously maintained.

Meanwhile, Ordinance 722’s business continuity and disaster recovery section recommends that the plan comprise data storage methodologies to minimise losses, document the recovery procedures and provide a comprehensive recovery guide. Moreover, it should propose the process for resuming administrative operations post-recovery, tailored to the system’s operational context.

The Continent 8 solution: Our multi-pronged services approach offers operators and suppliers the optimal path to backup and business continuity in the event of an incident or disaster.

Watch the webinar on Continent 8’s disaster recovery approach and a real-world use case with LATAM-based customer Boldt.

2. Securing the network with advanced firewalls for iGaming cybersecurity

Ordinance 722, Annex IV, section 31 – Firewall: All communications, including remote access, must pass through at least one approved application-level firewall.

An effective firewall serves as the guardian of the network, meticulously scrutinising all incoming and outgoing communications to thwart unauthorised access and potential threats. Ordinance 722's firewall section suggests that the firewall be placed at the juncture of different security domains, ensuring that no alternative network path exists that could circumvent the firewall. Only essential applications related to the firewall's operation are permitted to reside on the device, and access is restricted to a limited number of user accounts, primarily network or system administrators. These firewalls should analyse all incoming and outgoing communications, ensuring that only traffic from trusted network sources is permitted. Furthermore, stringent access controls, backed by the latest encryption protocols, safeguard remote interactions with the gaming platform.
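The requirement that no alternative network path circumvents the firewall can be checked against a topology inventory. The following is an added example, not taken from Ordinance 722 or from Continent 8: the topology and all node names are hypothetical, and the check is a plain breadth-first search that refuses to step through firewall nodes.

```python
from collections import deque

def bypass_path(links, firewalls, source, target):
    """Shortest path from source to target that crosses no firewall, or None.

    links: iterable of (a, b) undirected links; firewalls: set of node names.
    """
    adj = {}
    for a, b in links:
        adj.setdefault(a, []).append(b)
        adj.setdefault(b, []).append(a)
    prev = {source: None}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        if node == target:
            path = []
            while node is not None:   # walk back to the source
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in adj.get(node, []):
            # Firewall nodes are never entered, so any path found avoids them all.
            if nxt not in prev and nxt not in firewalls:
                prev[nxt] = node
                queue.append(nxt)
    return None

def audit(links, firewalls, untrusted, protected):
    """Map each (untrusted, protected) pair to its firewall-free path, if any."""
    findings = {}
    for u in untrusted:
        for p in protected:
            path = bypass_path(links, firewalls, u, p)
            if path:
                findings[(u, p)] = path
    return findings

# Constructed topology; every node name here is hypothetical.
FIREWALLS = {"app-fw"}
COMPLIANT = [
    ("internet", "edge-router"),
    ("edge-router", "app-fw"),
    ("edge-router", "vpn-gw"),        # remote access terminates outside the firewall
    ("app-fw", "core-switch"),
    ("core-switch", "betting-platform"),
    ("core-switch", "admin-jump-host"),
]
# Same network with the VPN gateway also patched straight into the core.
NON_COMPLIANT = COMPLIANT + [("vpn-gw", "core-switch")]

if __name__ == "__main__":
    for name, topo in (("compliant", COMPLIANT), ("non-compliant", NON_COMPLIANT)):
        print(name, audit(topo, FIREWALLS, ["internet"], ["betting-platform"]))
```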

The Continent 8 solution: Our Firewall service includes customisable IDS/IPS capabilities. When combined with our managed Security Operations Centre (SOC) service, IDS/IPS events are enriched with specific threat intelligence and ingested into our Security Information and Event Management (SIEM) platform. Our SOC analysts can then deliver powerful insights into a customer's current threat state and perimeter activities, providing detection, prevention and responses to known and emerging threats.

A 360-degree cybersecurity approach

Recovery and business continuity plans, along with firewall protection, provide an excellent starting point for iGaming and online sports betting operators and suppliers launching operations in Brazil’s regulated gaming market. For end-to-end protection, we recommend operators and suppliers adopt a holistic risk mitigation approach. A complete, 360-degree defense strategy includes:

By referencing the SPA and MF’s Ordinance 722 policies and partnering with an experienced and trusted solutions provider like Continent 8, operators and suppliers can deploy multi-defense, multi-layer cybersecurity protection strategies for their iGaming and online sports betting platform. This approach enables them to comply with Brazil’s latest technical and cybersecurity regulations while demonstrating their commitment to providing secure and trustworthy gaming environments and experiences.

Continent 8 Technologies – your trusted partner

Continent 8 Technologies, the trusted managed hosting, connectivity, cloud and cybersecurity partner to the global iGaming and online sports betting industry for over 25 years, is live in every major regulated Latin American (LATAM) jurisdiction, including Brazil.

Operating out of the LATAM region since 2020, we offer operators and suppliers access to state-of-the-art data centres, connectivity to a global private network featuring 100+ locations across four continents and best-in-class managed and professional services to support the most demanding iGaming and online sports betting requirements.

Discover why Continent 8 is the go-to infrastructure and cybersecurity provider for leading LATAM operators and suppliers such as Betcris, Boldt, Bplay and Vibra Gaming, and learn how we ensure the seamless implementation of compliant and secure infrastructures so that your Brazilian gaming operations are live from day one.

For more information on how Continent 8 can support your organisation’s regulatory and cybersecurity requirements, visit www.continent8.com/br or contact Luana at luana.monje@continent8.com.

On May 2, 2024, the Secretariat of Prizes and Bets (SPA) and the Ministry of Finance (MF) issued Ordinance No. 722 (link here). This set of regulations defines the essential technical and cybersecurity criteria that iGaming and online sports betting operators must meet within six months of obtaining their gaming licenses.


In her blog series, Luana Monje, Sales Executive at Continent 8 Technologies, examines the latest infrastructure, cloud, cybersecurity and regulatory developments for the newly regulated Brazilian iGaming and online sports betting market. In her first blog, Luana explored Ordinance 722's penetration testing requirement, and in this blog, she investigates the recovery and backup system, business continuity and disaster recovery plan and firewall protection requirements in full detail.

1. Establishing robust recovery and resilient business continuity plans for iGaming platforms

Ordinance 722, Annex IV, section 15 – Recovery: In the event of a catastrophic failure where the betting system, or any component or platform, cannot be reset in any other way, it must be possible to restore the system from the last backup point and fully recover it.

Ordinance 722, Annex IV, section 17 – Business continuity and disaster recovery plan: A business continuity policy and disaster recovery plan must be adopted to recover betting operations if the production environment of the betting system or any of its platforms becomes inoperable.

In the regulations outlined for iGaming and sports betting in Brazil, robust recovery and business continuity mechanisms must be in place to ensure that, should a catastrophic failure occur, the operator or supplier can restore the betting system and fully recover from the last backup point.

Ordinance 722's recovery section explains that these backups must include not only the recorded information but also location-specific details such as security configurations and user accounts. In addition, the current system encryption keys and a comprehensive record of system parameters – whether modifications, reconfigurations, additions, merges, deletions, adjustments or changes to parameters – must be meticulously maintained.

Meanwhile, Ordinance 722's business continuity and disaster recovery section recommends that the plan include data storage methodologies to minimise losses, document the recovery procedures and provide a comprehensive recovery guide. It should also propose the process for resuming administrative operations after recovery, tailored to the system's operational context.

The Continent 8 solution: Our multi-pronged services approach offers operators and suppliers the optimal path to recovery and business continuity in the event of an incident or disaster.

Watch the webinar on Continent 8's disaster recovery approach and a real-world use case with LATAM-based customer Boldt.

(The webinar is available in English and Spanish)

2. Securing the network with advanced firewalls for iGaming cybersecurity

Ordinance 722, Annex IV, section 31 – Firewall: All communications, including remote access, must pass through at least one approved application-level firewall.

An effective firewall acts as the guardian of the network, meticulously analysing all incoming and outgoing communications to prevent unauthorised access and potential threats. Ordinance 722's firewall section suggests that the firewall be placed at the juncture of different security domains, ensuring that no alternative network path exists that could circumvent the firewall. Only essential applications related to the firewall's operation are permitted to reside on the device, and access is restricted to a limited number of user accounts, primarily network or system administrators. These firewalls should analyse all incoming and outgoing communications, ensuring that only traffic from trusted network sources is permitted. In addition, stringent access controls, backed by the latest encryption protocols, protect remote interactions with the gaming platform.

The Continent 8 solution: Our Firewall service includes customisable IDS/IPS capabilities. When combined with our managed Security Operations Centre (SOC) service, IDS/IPS events are enriched with specific threat intelligence and ingested into our Security Information and Event Management (SIEM) platform. Our SOC analysts can then deliver powerful insights into a customer's current threat state and perimeter activities, providing detection, prevention and responses to known and emerging threats.

A 360-degree cybersecurity approach

Recovery and business continuity plans, along with firewall protection, provide an excellent starting point for iGaming and online sports betting operators and suppliers launching operations in Brazil's regulated gaming market. For end-to-end protection, we recommend that operators and suppliers adopt a holistic risk mitigation approach. A complete, 360-degree defence strategy includes (product links in English):

By referencing the SPA and MF's Ordinance 722 policies and partnering with an experienced and trusted solutions provider like Continent 8, operators and suppliers can deploy multi-defence, multi-layer cybersecurity protection strategies for their iGaming and online sports betting platform. This approach enables them to comply with Brazil's latest technical and cybersecurity regulations while demonstrating their commitment to providing secure and trustworthy gaming environments and experiences.

Continent 8 Technologies – your trusted partner

Continent 8 Technologies, the trusted managed hosting, connectivity, cloud and cybersecurity partner to the global iGaming and online sports betting industry for over 25 years, is live in every major regulated Latin American (LATAM) jurisdiction, including Brazil.

Operating out of the LATAM region since 2020, we offer operators and suppliers access to state-of-the-art data centres, connectivity to a global private network with more than 100 locations across four continents and best-in-class managed and professional services to support the most demanding iGaming and online sports betting requirements.

Discover why Continent 8 is the infrastructure and cybersecurity provider for leading LATAM operators and suppliers such as Betcris, Boldt, Bplay and Vibra Gaming, and learn how we ensure the seamless implementation of compliant and secure infrastructures so that your Brazilian gaming operations are live from day one.

For more information on how Continent 8 can support your organisation's regulatory and cybersecurity requirements, visit www.continent8.com/br or contact Luana at luana.monje@continent8.com.

In the latest edition of our Cultiv8 Employee Series, Jordan Holmes, Director of Talent Operations at Continent 8 Technologies, sat down with Sabrina Mastroianni, our Montreal-based Paralegal.

In the interview, Sabrina talks about her professional journey, her ability to align legal requirements with the company’s business objectives and how the support from the Continent 8 team and culture empowers her to tackle each new challenge and opportunity with purpose and intent.

Hi Sabrina! Can you tell us a little bit about yourself and your role as a Paralegal at Continent 8?

Certainly! I’ve been practicing law for over a decade. I’ve dabbled in small to medium to large law-firm boutiques, specialising in all areas of law, including corporate, compliance and commercial – I’ve tried it all!

After serving in a law firm for several years, I decided to pursue in-house counsel, which I absolutely love. The dynamic of working within a corporation versus law firm is, in fact, very different. I am definitely a people person and enjoy holding connections with customers throughout the longevity of the business relationship. In-house counsel promotes this, and Continent 8 encourages it. I’ve been here for three years now, and I could not be happier. I love my colleagues and the relationships we build, not only with our customers and partners, but with each other.

In terms of my actual role, I streamline everything legal, from customer agreements, vendors, resellers, partnerships and everything in between.

How did you come to choose a career as a paralegal? What aspects do you enjoy most about your job?

Originally, my studies were geared towards becoming a lawyer, specifically in family law. However, after volunteering at Batshaw Youth and Family Centers in Montreal, I realised that being a lawyer, especially in family law, was not for me.

My internship at a corporate firm was a turning point, and I loved it. I ran with this, and I’m happy that I did. What I love most about my job is the opportunity to ensure internal compliance while negotiating business deals. I take great pride in navigating complex legal landscapes to make sure that our practices adhere to the law and uphold our company’s standards. Balancing legal requirements with business objectives is both challenging and rewarding, and it’s incredibly satisfying to contribute to our organisation’s integrity and success!

Can you describe some of the challenges you encounter in your position?

Perhaps what is most fascinating is the fact that no two days are ever the same. It’s the nature of our business, especially as we continue to grow at an exponential rate. The challenge lies in maintaining finesse while satisfying customer needs and simultaneously reducing Continent 8’s risks and exposure.

How do you align with Continent 8’s culture and values of Genuine Care, Active Ownership and/or Purposeful Creativity?

As a Paralegal, my role inherently encompasses a bit of everything related to the company’s core cultural values. Each project typically involves overseeing tasks from inception to completion, necessitating Genuine Care and Active Ownership to ensure that every detail is meticulously reviewed and accounted for. ‘Fine-tuning’ is often essential, calling for Purposeful Creativity at times, whether it’s collaborating on new legal terms, managing negotiations or crafting innovative solutions to meet the evolving needs of clients.

Can you talk through some of the new initiatives you are working on?

Some of the new initiatives consist of a deeper understanding and awareness of ‘knowing your customers’ or KYC. The importance of truly understanding our customers not only allows Continent 8 to provide white-glove support but also mitigates our risk. We’re 100% committed to this process and procedure.

Any final thoughts?

Yes – I can go on forever! I have had my fair share of corporate cultures, executives and colleagues over my professional career – I am seasoned in my field of expertise. As I’ve often said, working at Continent 8 has been, and continues to be, an extraordinary journey both professionally and personally. I am grateful to be a part of this amazing team and am appreciative of the challenges, the successes and even the occasional hurdle because we always find a way to lean on each other and make the most out of each and every opportunity.

Craig Lusher

Executive Summary

Today, web applications are indispensable for businesses across all sectors. Continent 8 Technologies recognises that the hybrid and multi-cloud environments, modern application architectures and the necessity of securing remote work whilst maintaining high service availability pose significant challenges in securing these applications. Our comprehensive approach to application security is designed to mitigate the many challenges of protecting web applications and APIs from a diverse range of threats.

Despite the availability of numerous web application security solutions, businesses often struggle due to resource constraints (budgetary and expertise), the complexity of modern applications (including microservices, API ecosystems and continuous updates), and issues with false positives and negatives resulting from outdated security policies.

In this blog, I’ll explore the current threat landscape for web applications, examine the biggest challenges in securing modern applications, highlight the business implications of security breaches and offer insights and best practices into navigating today’s ever-evolving digital landscape.


Evolving threat landscape and its implications

The threat landscape for web applications is ever-changing, presenting businesses with intricate challenges. Key aspects include:

What are the biggest challenges in securing modern applications?

Modern applications are inherently difficult to secure due to several factors:

How security breaches impact your business

Failure to secure web applications and APIs can have far-reaching business consequences:

Continent 8’s holistic application protection approach

To address these challenges, Continent 8 advocates for a comprehensive set of best practices in web application and API security:

  1. Regular Vulnerability Assessment and Penetration Testing (VAPT) assessments: Both automated and manual testing help identify and address weaknesses.
  2. Patch management: Keeping software and libraries up-to-date is crucial for preventing exploitation of known vulnerabilities.
  3. Secure coding practices: Training for development and operations teams on secure coding reduces the introduction of vulnerabilities.
  4. Web Application and API Protection (WAAP) security: Emphasis on authentication, authorisation and rate limiting for APIs is essential.
  5. Incident response plan: A well-defined plan ensures quick and effective responses to security breaches.

Building a resilient web application and API security framework

Securing web applications is a complex challenge requiring a holistic approach. By understanding the evolving threat landscape, recognising the business implications of security breaches and implementing best practices, businesses can significantly enhance their security posture. Continent 8 is dedicated to providing robust security solutions that help businesses protect their critical web applications and APIs, ensuring resilience against the complex threats of today’s digital landscape.

Continent 8 WAAP solutions represent a proactive approach to web application and API security.

To help organisations enhance their web application and API security framework, Continent 8 is offering 3 months of FREE WAAP services for the first 50 customers to sign up to a 15-month contract*.

Learn more about the WAAP solution here.

For further information and detailed guidance on securing your web applications, email sales@continent8.com or fill out our Contact Us page.

*T&Cs apply. Limited-time offer; subject to change. First 3 months free, when signing up to a 15-month contract.
