At a recent FGS event in Malta we invited some of our key partners to share insight into the latest cyber security threats they’re seeing and the security challenges they’re dealing with.

Increasing Sophistication of Cyber Threats

Dominic List, CEO of CyberOne said that cyber threats are getting more and more sophisticated. You can now go from a breach incident to a full-scale total takeover in less than an hour. Microsoft have actually said that it’s now down to about 42 minutes and this timeframe is getting shorter all the time. So speed of response is becoming ever more critical.  

For businesses like CyberOne it’s all about the ability to control the blast radius when there’s an attack. This means his business needs people with their eyes on the screen, 24/7, as well as analysts and instant responders. Without an SOC and those eyes on the screen, the ability to respond effectively in the time that’s required is clearly diminished. One of the issues that companies like CyberOne have to deal with is that typical SOC analysts aren’t always highly experienced people. This means there can be a lot of pressure on an individual when there’s a critical incident.

Zero Trust Architecture and Borderless Protection 

Another area which CyberOne are focussed on is working with their partners and vendors to help build out the zero trust architecture and the ability to authenticate everyone you deal with. This is very simple in concept but quite difficult to execute. They are also working on borderless protection – building this architecture, making it scale, and suit the individual wherever in the world they are working.

Dominic says this can be complex work because businesses typically operate in multiple jurisdictions. This means there are different licensing agreements, different working-hours and close liaison is needed with local IT teams and corporate IT teams. He said that building borderless protection around corporate executives, who are often the best point of entry because they’ve got massive amounts of access, is particularly challenging. This is because these people can quickly get frustrated by two factor authentication and don’t react well when the security controls on their machines make them run slowly. 

Security-First Mind-set

Dominic highlighted the need for firms like his to have a security first mind-set and culture. CyberOne often work with clients to roll out testing platforms and also put in the sort of policies and procedures that drive this security first mind-set. ISO 27001 is an international standard that his firm would always recommend. In the UK there is also the Cyber Essentials cyber security certification scheme, but CyberOne also work with other international standards. 

Security Reporting

Security reporting is another hot topic. CyberOne support clients with their security reporting across different levels within organisations. Dominic observed that the level of regulation is increasing in the gaming market and all the different gaming markets have different regulations. This means lots of layers of complexity and there are challenges in actually making sure that your security, as well as all your infrastructure and the way you operate in different markets, is fit for purpose. 

Ransomware Threat

Simon Walsh from Trend Micro shared a fascinating story about how his company was able to keep an Irish hospital up and running following a vicious, nationwide cyber-attack on Ireland’s Health Service Executive (HSE) by the Russian-affiliated Conti ransomware group. The group destroyed the HSE completely, apart from one hospital, which was Trend Micro’s customer.  

Simon said that what happened validates the effectiveness of having 24/7 expert eyes on what’s happening in your environment. Trend’s monitoring team were alerted that something was happening when they saw beacons from Conti being dropped into the hospital’s IT environment, so they called them and advised them to do something very quickly or risk being in serious trouble. Fortunately, Trend’s client did act quickly in this situation and were able to disconnect themselves from Ireland’s National Health Network before the ransomware group pulled the trigger. Ultimately, says Simon, this is what saved them. 

Virtual Patching

Simon also spoke about another of Trend Micro’s clients, who had come to them a while ago with some issues around their security posture (but without service disruption), and some challenges around virtual patching and maintaining their regulatory compliance. Trend came up with a solution which provided Playtech with a broader range of security coverage than they had had previously – typical types of controls included malware, ransomware, IPS, virtual patching and integrity monitoring.  

Playtech’s CSO has said that Trend’s virtual patching had been a game-changer for the firm and it reduced their time spent on patching issues by around 40%. Trend’s solution is now deployed across about 20,000 servers and containers throughout their data centre. 

FGS Celebrates 5 Years in Malta

Five years ago we established a presence in Malta, to complement our UK operation. We were drawn to the island because it has a very strong iGaming industry, with many talented people working in it. Our presence in Malta also gives us access into the European Union, which was essential following Brexit. 

The above cyber security insights come from a recent event held to mark the 5th anniversary of our Maltese operations. Watch the event’s keynote speakers and go behind the scenes here*