Founded in 2000, bet365 is one of the largest online sports betting companies in the world. A British success story, it is one of the first to deliver online betting on a massive scale. From the very beginning, that has meant working within laws and regulations to secure and comply with local rules that are ever evolving to stay up to date with internet-driven innovation and change.  

“Historically, gambling laws and regulations have been aimed at physical casinos, betting shops, or places to physically walk into and exchange money,” said John Eccleshare, head of information security at bet365. “Regulators needed to understand how systems were pieced together, how we did things like verifying identity and age and so on.”

This evolution of the way people place bets, and the subsequent race by regulators and licensing authorities to keep up with technology, has meant that online sports betting businesses have had to demonstrate the security and identity measures they apply online are fit for purpose and are at least as stringent and effective as the rules applied to traditional methods of making a wager. bet365’s cybersecurity capability had to keep up.

International expansion – and more pressure

A family-owned business, bet365 expanded and quickly became a leading sports betting brand across Europe and expanded into Australia. Following a court ruling in 2018 to open the online sports betting industry in the United States. bet365 has since obtained licenses in the US and is now operational in a number of US states with operational offices in both New Jersey and Colorado.  

bet365 is also involved in sponsoring the PGA Tour, NBA Team Charlotte Hornets, the UEFA Champions League, Stoke City and other teams and events across the sporting world.

bet365 encountered increased complexity in showcasing its security and compliance efforts as it expanded into multiple regions and jurisdictions. This expansion meant that the combined security and compliance teams needed to grow significantly in both scale and scope. They were tasked with safeguarding more platforms across a wider range of locations, each with its own set of regulations.

“We had to evolve. When I joined, bet365 was fewer than a thousand people, and now it’s over 9,000. We’re one of the biggest providers in Europe, and that paints a very big target on our back,” Eccleshare said.

The compliance and security teams functioned as one unit initially, but the burgeoning headcount and increasing complexity of the work as a result of the international expansion necessitated a split to specialize. The Information Security team now has five specific teams: SOC, Architecture, Engineering, Vulnerability Management and Application Security

The reorganization worked, but the efforts didn’t stop there. The company’s incredible growth meant it had effectively cornered the market for skilled security professionals in the local area.  

The information security team needed more people with the right experience and skills. Not just that, possible improvements and efficiencies to the way that the team worked and could utilize technology was identified.  

The existing SIEM was good at collecting a lot of information, correlating it, and presenting it, but it didn’t have the ability to identify when something out of the ordinary was happening. That was down to the human workers, and they had to sort through a huge volume of alerts for context.

Bringing in AI would augment the existing team’s abilities, remove rote labor, and help to re-direct the skills of the team. The reorganization had already allowed the team to start specializing and growing its skills; AI and automation would turbocharge this process.

Back in 2016 Darktrace engaged with bet365’s senior technology team to discuss how their AI-powered platform was the best way to augment the team.

As the days and weeks passed, Darktrace’s AI built an understanding of what constituted normal activity on bet365’s network. The team got better and better results from Darktrace / NETWORK.  

Before Darktrace, the team had had a number of conversations about building a 24/7 operations team – security specialists available around the clock. With Darktrace, they were able to achieve the same result without straining their people resources and keeping the team on more specialist tasks.

“Darktrace allowed us to revise our operational model and significantly complemented how the team worked 24x7x365 Our support model was enhanced, we didn’t have to follow the sun – Darktrace, with its Autonomous Response, was one of the first thing’s we got that contributed to the enhanced 24x7x365 support model.”

None of this was possible without Darktrace / NETWORK.  

“Darktrace was the only product that offered that unique insight into the way our network needed to be analyzed and how it works. It satisfied our business case – and we’ve been able to justify bringing in Darktrace / EMAIL in the last year on the same basis,” Eccleshare said. “We’ve not seen anything else that works as well for us as Darktrace does.”

As the company continued to grow, the threat of malicious email attacks increased.  

“We were running tried and tested technologies, but as there was more and more traffic, we had to increase the capability of our systems,” Eccleshare said. “It put a lot of pressure on the security team and the people running the Exchange system, too. We had to take that pressure off and do something differently.”

Darktrace / EMAIL tackled a lot of different pain points for bet365, but the primary issue was inbound email. With more than 100 million customers worldwide, the company received tens of thousands of customer emails a day.

“The inbound threat was critical: malware, phishing, spam, graymail. We felt that we could deal with this better. In the testing phase, Darktrace outperformed the other two options by far – it was better bar none,” Eccleshare said. “Darktrace / EMAIL was and is phenomenal at addressing our inbound email challenge.”

Darktrace / EMAIL proved easy to configure to business need, was easier for users to understand when they received a warning, and it successfully cut the amount of noise in terms of malicious or unsolicited emails that users had to deal with.

In much the same way that Darktrace / NETWORK lightened the team’s load, the AI capabilities at the heart of Darktrace / EMAIL learn what constitutes normal email traffic for the organization they protect. Once the AI has completed this learning, Darktrace / EMAIL builds profiles for every user, with patterns in language use, link sharing, attachments, common contacts, and several more signals. This detailed understanding equips Darktrace / EMAIL to recognize unusual– and therefore suspicious– activity and neutralize threats with more precision than the use of simplistic allow/block rules.

Proving and re-proving the validity of bet365 and Darktrace

The security team is preparing for a busy future. As bet365 continues with its US and global expansion, it continues to demonstrate its ability to comply with various regulatory regimes, which calls for more demonstrations and explanations of how the security team and Darktrace protect user data, verify new customers, and secure the bet365 platform.