Cybersecurity Officials Push for Immediate Action Against Cyber Threats at DraftKings in Sports Betting Industry
In the rapidly evolving world of sports betting, regulatory bodies are increasingly focusing on enhancing cybersecurity measures to protect consumers and prevent financial risks.
The Nevada Gaming Commission is set to propose new regulations next week, requiring gaming operators to conduct an annual cyber risk assessment. This move comes in the wake of the recent cyber breach at DraftKings, which impacted over 1,000 customers and resulted in six-figure losses from customer accounts.
Ohio, the most populous state yet to launch sports betting, is expected to do so next year. The Ohio Casino Control Commission (OCCC) will require operators to undergo an independent audit of their security protocols and information technology systems at least once every three years.
Regulatory efforts are not limited to the United States. States like Pennsylvania are working to legalize and regulate esports betting, implementing measures to address concerns and define what constitutes an esports event. There is also a focus on understanding and applying federal and state gambling laws to new forms of betting, such as event contracts.
To bolster cybersecurity, states might consider implementing stricter data protection standards for sports betting operators, mandating regular security audits, and requiring operators to have comprehensive incident response plans in place. Collaboration with cybersecurity experts is also crucial to stay updated on the latest threats and best practices in security.
Following the DraftKings breach, DraftKings' president for global technology and product, Paul Liberman, stated that the company did not find any evidence to suggest that its own systems had been breached. However, FanDuel, DraftKings' main rival, has reported a spike in cyber breaches of late.
In response, Colorado Division of Gaming Director Dan Hartman is considering appointing a cybersecurity assessment task force in the coming months. The task force may include a dedicated cybersecurity chief who will work collaboratively with retail and online sportsbooks to assist operators in better preparing for a potential intrusion.
Josh Chin, a cybersecurity consultant and managing partner of Net Force, appeared on a digital fraud panel at the National Council Of Legislators From Gaming States (NCLGS) 2022 Winter Meeting. Chin, with a 12-year professional career of breaking into banks, high-stakes lotteries, and sophisticated networks, provided valuable insights into the latest threats and best practices in security.
The proposed regulations in Nevada require gaming operators to protect not only their own records and operations but also the personal identifiable information of their patrons, employees, and vendors. As the sports betting industry continues to grow, it is crucial for states to take proactive measures to ensure the safety and security of all involved parties.
- In an effort to prevent potential financial risks and cyber breaches, the Nevada Gaming Commission plans to propose new regulations next week, mandating annual cyber risk assessments for gaming operators.
- Ohio, set to launch sports betting next year, will require operators to undergo an independent audit of their security protocols and IT systems at least once every three years, as per the Ohio Casino Control Commission (OCCC).
- Recognizing the evolving nature of sports-betting and its associated risks, Pennsylvania is working to legalize and regulate esports betting, addressing concerns and defining esports events, while also understanding federal and state gambling laws applicable to new forms of betting.
- To further enhance cybersecurity, Colorado Division of Gaming Director Dan Hartman is considering appointing a cybersecurity assessment task force in the coming months, which may include a dedicated cybersecurity chief to collaborate with retail and online sportsbooks, empowering them to better prepare for potential intrusions.
