When I think games and cyber security, my mind tends to wander back to time spent playing Uplink. Recently, however, a series of breaches suffered by major players in the games industry have underlined the need for publishers, developers and other participants in the ecosystem, to make cyber security a priority.
The volume of personal and other data generated, shared and commercialised in the games industry has experienced staggering growth, and a proper discussion of how to navigate the regulatory landscape while making the most of that data is a topic for another day. Here I'll focus more on considerations relevant to data breach incident response and compliance.
Data protection regulation requires game developers and publishers to implement appropriate technical and organisational security measures to avoid unauthorised disclosure of gamers' data. If you suffer a breach, that may indicate that the steps you have taken to comply with data protection principles fall short. So, as a starting point, it is important to ensure that the security of your data (and that of your business partners, and users) is a core consideration across your business. What if you are still the victim of a cyberattack?