The EL/WLA Security Seminar: Challenges on the Horizon – Be Prepared!

Challenges on the Horizon – Be Prepared!” began with the keynote speech describing how there are only two types of organisations: those that have been hacked, and those that will be. The IOT (Internet of Things) will come to represent the Internet of Threats.
gallegoweb

Ramses Gallego, Security Strategist & Evangelist; Past international President, ISACA, Board of Directors.

The joint EL/WLA Security Seminar (Malaga 18 – 20 October), titled “Challenges on the Horizon – Be Prepared!” and graciously hosted by SELAE Spain, was a fabulous success.  A record number of participants from all regions of the world attended and engaged in a highly interactive and productive workshop led by twenty-five experts and leaders in the security field.

The keynote speech by Ramses Gallego (Security Strategist & Evangelist; Past international President, ISACA, Board of Directors) described how there are only two types of organisations: those that have been hacked, and those that will be. The IOT (Internet of Things) will come to represent the Internet of Threats. There is already an average of thirteen enterprise security breaches every day, resulting in roughly 10 million records lost a day—or 420,000 every hour. And that’s now – the IOT future will usher in an explosion in the number of device connections which will create entirely new levels of risk and vulnerability to hacking.

Examples:  Security experts Chris Valasek and Charlie Miller grabbed headlines with their research on the vulnerability of connected cars when they hacked into a Toyota Prius and a Ford Escape using a laptop plugged into the vehicle’s diagnostic port. This allowed them to manipulate the cars headlights, steering, and breaking.  The massive domain name hack that recently disrupted service at major websites like Netflix, Amazon, Twitter, Reddit and others was made possible by poorly protected IOT devices.  Systems need protection against new points of vulnerability and increasingly sophisticated methods of attack.  Thankfully, Mr Gallego’s warnings of dire challenges and potential consequences were presented in a most engaging and entertaining fashion!

thierry-pujol-fdj-lottery

Thierry Pujol, FDJ and Chair of WLA Security and Risk Management Committee.

_acr3621

Bin Han, GM of the Beijing Zhongcai Printing Company.

 

 

 

 

 

 

 

_acr3572

Danielle Van Emmerik, Senior Auditor, Nederlandse Loterij, Nederland Netherlands.

Thierry Pujol, FDJ and Chair of WLA Security and Risk Management Committee outlined the proposed changes for the next version of the WLA Security Control Standard (SCS) which were again discussed at the WLA General Assembly Singapore. These include additions for online, sports betting, electronic draws, and VLT’s.

Danielle Van Emmerik (Senior Auditor, Nederlandse Loterij, Nederland Netherlands), Evangelos Cosmidis (Financial Unit / Procurement & Quality Division Director, OPAP, Greece)  and Declan Murray (Security and Compliance Manager, Premier Lotteries Ireland) shared their experiences with various aspects of the WLA  SCS Certification process. The main theme was to prepare well and keep all colleagues and stakeholders fully informed at all stages of the process. Bin Han, GM of the Beijing Zhongcai Printing Company, described the certification process for a printing company and noted how important it was for their customers to know that they had the WLA SCS Certification.

The presentations on Personal Data Protection included a detailed description by Calvo Medina (IT Area Head of the Spanish Data Protection Authority), Franz-Joseph Wichmann (WestLotto), Johannes Puchinger (Austrian Lottery) and addressed both the big-picture importance of Personal Data Protection and detailed the practical applications of tools to provide such protection.  The speakers agreed that it is both efficient and practical to combine or create synergy between the functions of Privacy and Security.

The Partner/Supplier presentations from INTRALOT, Novomatic, IGT, Playtech and Scientific Games were particularly interesting and should have well reassured the participants that their suppliers were on top of the subject and were already planning systems that are keeping the government-gaming business protected from and ahead of the cyber-criminals of the future.

_acr3850

Manuel Gonzales Barreda, Director Fiscal Adjunto, SELAE, Spain.

_acr3644

Calvo Medina, IT Area Head of the Spanish Data Protection Authority.

 

 

 

 

 

 

 

_acr3585

Evangelos Cosmidis, Financial Unit / Procurement & Quality Division Director, OPAP, Greece.

Jean-Jacques Riera (Mission Head, Information Security, FDJ, France), Maurizio Rubini (Lottomatica, Italy), and Manuel Gonzales Barreda (Director Fiscal Adjunto, SELAE, Spain) presented on anti-money laundering where a “risk-based approach” was praised as a good solution.  These were followed by Antonio Gorrasi on the Italian approach and developments for protection, privacy and cybersecurity in Italy.

Gunnar Ewald (Chief Audit Executive, Vice President, LOTTO Hamburg GmbH) gave his traditional annual review of recent security issues worldwide and there followed some excellent presentations and an animated and robust round-table on “Trust and Assurance – RNG/Electronic Draws” comprised of Lotteries (FDJ, Loterie Romande, SELAE) and Suppliers/Certifiers (GLI, Smartplay, and Szrek2Solutions). Carlos Bachmaier (SELAE) presented a most informative review of existing standards for RNG’s and a comprehensive set of references for relevant articles. These details, together with all the presentations are available online to all of the participants at the Seminar.

The Seminar concluded with a practical hands-on workshop on the European Lottery Risk Tool supported by members of the EL POS Working Group.

Ray Bates, Honorary EL Chair, moderated.

qa190667

Related Articles

View all

Synopsis

Français
Le séminaire EL/WLA sur la sécurité s’est déroulé à Malaga du 18 au 20 octobre.  Le séminaire conjoint EL/WLA sur la sécurité intitulé « Défis à l’horizon ‑ Soyez prêts ! » et gracieusement accueilli par SELAE Espagne, a été un franc succès. Un nombre record de participants de toutes les régions du monde a participé à un atelier hautement interactif et productif conduit par 25 experts et dirigeants dans le domaine de la sécurité. Le discours d’ouverture de Ramses Gallego (stratège en sécurité et évangéliste, ancien président international, ISACA, Conseil d’administration) a décrit les deux types d’organisations : celles qui ont été piratées et celles qui le seront. L’IOT (Internet of Things [Internet des choses]) viendra représenter l’Internet of Threats (Internet des menaces). Il y a déjà en moyenne, chaque jour, 13 failles de sécurité en entreprises, provoquant la perte d’environ 10 millions d’enregistrements par jour ‑ soit 420 000 toutes les heures. Et c’est maintenant ‑ l’avenir de l’IOT marquera le début d’une explosion dans le nombre de connexions qui créera des niveaux jamais atteints de risque et de vulnérabilité au piratage. Thierry Pujol, FDJ et président du Comité de sécurité et de gestion des risques de la WLA a présenté les changements proposés pour la prochaine version du norme de contrôle de sécurité (Security Control Standard, SCS) de la WLA qui a été à nouveau discuté à l’assemblée générale de la WLA à Singapour. Il s’agit notamment d’ajouts pour les paris en ligne, les paris sportifs, les tirages électroniques et les VLT (Video lottery terminals [terminaux de loterie vidéo]). La protection des données personnelles a été abordée généralement ainsi que dans le cadre des applications pratiques des outils permettant de fournir une telle protection. Les intervenants sont convenu qu’il est à la fois efficace et pratique de combiner ou de créer une synergie entre les fonctions de protection des renseignements personnels et de sécurité. Les présentations partenaires/fournisseurs INTRALOT, Novomatic, IGT, Playtech et Scientific Games étaient particulièrement intéressantes et devraient avoir bien assuré aux participants que leurs fournisseurs sont spécialistes du sujet et qu’ils planifient déjà des systèmes qui protègent le secteur de la loterie des cyber-criminels du futur, en maintenant même une longueur d’avance sur eux.
Español
Seminario de seguridad de Loterías Europeas y WLA convocado en Málaga del 18 al 20 de octubre.  El Seminario de seguridad de Loterías Europeas y WLA, titulado “Retos en el horizonte – ¡Esté preparado!” y amablemente organizado por SELAE España fue todo un éxito. Contó con la asistencia de un número récord de participantes de todas partes del mundo, que se implicaron en un taller altamente interactivo y productivo conducido por veinticinco expertos y líderes en el campo de la seguridad. Ramsés Gallego (estratega y gurú de la seguridad, antiguo presidente internacional del comité directivo de ISACA) indicó, en la conferencia inaugural, que solo existen dos tipos de organizaciones: aquellas que han sido hackeadas y aquellas que lo serán en el futuro. El IoT (Internet de las Cosas) llegará a ser el Internet de las Amenazas. Actualmente se producen, de media, unas trece brechas de seguridad empresariales al día que producen, aproximadamente, 10 millones de registros perdidos cada día, o 420 000 cada hora. Y eso es ahora; el futuro Internet de las Cosas supondrá una explosión en cuanto al número de dispositivos conectados, y creará nuevos niveles de riesgo y vulnerabilidad al hacking. Thierry Pujol, FDJ y Director del Comité de gestión de riesgos de WLA, subrayó los cambios propuestos para la nueva versión del Estándar de Control de Seguridad (Security Control Standard, SCS) de WLA, que se discutieron de nuevo en la Asamblea General de WLA en Singapur. Estos cambios incluyen adiciones para el juego online, apuestas deportivas, sorteos electrónicos y VLT. Se habló de la protección de datos personales, tanto a gran escala como en la aplicación práctica de las herramientas que ofrecen dicha protección. Los conferenciantes indicaron que es eficiente y práctico combinar o crear sinergias entre las funciones de privacidad y seguridad. Las presentaciones de socios/proveedores por parte de INTRALOT, Novomatic, IGT, Playtech y Scientific Games fueron particularmente interesantes; los participantes obtuvieron confirmación de primera mano de que sus proveedores están a la vanguardia en cuanto a este tema, y ya están planeando sistemas que mantengan al sector de la lotería protegido de los ciberdelincuentes del futuro.
Deutsch
Das EL/WLA-Sicherheitsseminar findet vom 18. bis 20. Oktober in Malaga statt.  Das gemeinsame EL/WLA-Sicherheitsseminar mit dem Titel „Herausforderungen am Horizont – seien Sie vorbereitet!“ und liebenswürdig organisiert von SELAE Spanien war ein fabelhafter Erfolg. Eine Rekordzahl an Teilnehmern aus allen Regionen der Welt besuchte und engagierte sich in einem hoch interaktiven und produktiven Workshop mit fünfundzwanzig Experten und Führungskräften im Bereich Sicherheit. Der Keynote-Vortrag von Ramses Gallego (Sicherheitsstratege & Evangelist; ehemaliger internationaler Präsident, ISACA, Board of Directors) beschrieb, dass es nur zwei Arten von Organisationen gibt: solche, die schon gehackt wurden, und solche, die es noch werden. Das IOT (Internet of Things [Internet der Dinge]) wird bald als Internet of Threats (Internet der Bedrohungen) angesehen. Es gibt bereits einen Durchschnitt von dreizehn unternehmensbezogenen Sicherheitsverletzungen jeden Tag, was zu rund 10 Millionen verlorenen Datensätzen pro Tag bzw. 420.000 pro Stunde führt. Und das ist heute – die IOT‑Zukunft wird eine Explosion in der Anzahl von Geräteverbindungen einleiten, die völlig neue Risiken und Anfälligkeiten für Hacking schaffen. Thierry Pujol, FDJ und Vorsitzender des WLA-Ausschusses für Sicherheit und Risikomanagement, skizzierte die vorgeschlagenen Änderungen für die nächste Version des WLA Sicherheitsstandards (Security Control Standards, SCS), die auf der WLA-Generalversammlung in Singapur erneut erörtert wurden. Dazu gehören Ergänzungen für Online- und Sportwetten, elektronische Ziehungen und VLTs. Der Schutz personenbezogener Daten wurde sowohl im großen Rahmen als auch in der praktischen Anwendung von Tools zur Gewährleistung eines solchen Schutzes thematisiert. Die Sprecher waren sich einig, dass es sowohl effizient als auch praktisch ist, Synergien zwischen den Funktionen Datenschutz und Sicherheit zu schaffen oder sie miteinander zu verbinden. Die Partner-/Lieferantenpräsentationen von INTRALOT, Novomatic, IGT, Playtech und Scientific Games waren besonders interessant und sollten den Teilnehmern versichert haben, dass ihre Zulieferer auf dem aktuellen Kenntnisstand sind und bereits Systeme planen, die das Lotteriesektorgeschäft vor der Cyber-Kriminalität der Zukunft und darüber hinaus schützen werden.

Other Articles

View all

IGT | Harnessing AI to Benefit Lotteries

Just as the steam engine and electrification once revolutionised whole sectors of the global economy, so are the internet, robotics, data analytics, and Artificial Intelligence (AI) beginning to drama......

Read more Synopsis: fr / es / de

Annual Holiday Campaign: Lottery tickets aren’t child’s play

Research showing that early childhood gambling experiences, including those with lottery products, can be a risk factor for gambling problems later in life, prompted McGill University and the U.S. Nat......

Read more Synopsis: fr / es / de

Honorary President Mr Reissiger

EL is thankful for Mr Reißiger’s commitment, expertise and dedication in his role as EL Vice President from 1999 to 2001 and EL President from 2001 to 2005. In 2006 Mr Reißiger was nominated EL Ho......

Read more Synopsis: fr / es / de

Preparations underway for EL Industry Days 2020

With growing challenges for the lottery sector in the years to come, the 2020 EL Industry Days is a call to all lottery professionals to look at a sustainable lottery model for the future. The chosen......

Read more Synopsis: fr / es / de

New EL CSR guidelines published

EL and its members are committed to generating the best for the benefit of society in accordance to national laws and regulations. This commitment goes further than Responsible Gaming, as a core value......

Read more Synopsis: fr / es / de

Szerencsejatek celebrate 20 years of the “Scandinavian” lotto

Bryan Adams gave two exclusive interviews and four lucky winners had the opportunity to meet the star in person as part of a Meet & Greet event. The concert exceeded expectations and showcased som......

Read more Synopsis: fr / es / de

Interview with GLMS General Secretary and Deputy General Secretary – “Reflecting on a successful year for Sport Integrity”

Looking back at an eventful year, what has been the greatest achievement for GLMS? GLMS General Secretary Giancarlo Sergi General Secretary Giancarlo Sergi (GS): During 2019 GLMS has a lot of......

Read more Synopsis: fr / es / de

Scientific Games | Lotteries hit the jackpot with trusted sports betting solutions

Changes have been underway in Europe over the last few years. Today, European players use their mobile devices to place more than 80 percent of wagers on sporting events, and live betting represents a......

Read more Synopsis: fr / es / de

European Week of Sport: EL members encourage citizens to #BeActive

This year’s edition in September marked the 5th edition and focused on five themes including education, the workplace, outdoors, sport clubs and fitness centres. EL worked closely with its members a......

Read more Synopsis: fr / es / de

EL at first-ever Responsibility in Gaming Conference

Translating the latest insight on problem gambling and looking at the neurological effects seen in the brains of people with a gambling disorder was a core focus on the Conference, together with the d......

Read more Synopsis: fr / es / de

EL advocacy brochure for policymakers and what the new European Commission means for the lottery sector

In light of the new European political landscape, EL is pleased to present its new advocacy brochure, developed in close collaboration with the EL Public Affairs Working Group. This new brochure allow......

Read more Synopsis: fr / es / de

OECD takes next steps in reaching global consensus on digital taxation

In May 2019, the OECD agreed a Programme of Work for Addressing the Tax Challenges of the Digitalisation of the Economy. This Programme is divided into two pillars: Pillar One (“Unified Appro......

Read more Synopsis: fr / es / de

INTRALOT | Trends and technologies that modernise the Lottery Industry

As it was stated during the 10th EL Congress in the CEO Panel discussion by Maria Stergiou, Group Chief Sales and Operations Officer of INTRALOT, all the above technological trends are creating sever......

Read more Synopsis: fr / es / de