M+E Daily
GameSupply: At EA, Digital Markets Bring New Risk Management Framework
Story Highlights
Videogame developers have long been averse to working “under any regime,” notes Spencer Mott, Chief Information Security Officer of Electronic Arts. But with game publishers now reliant on a global network of developers, and gamers themselves increasingly adopting online subscriptions and other digital models, Mott says the industry needs a new framework: “we need quite mature ways to assess and address risk when working in a secure environment.”
Mott oversees global security and risk management (SRM) at the world’s largest games developer, leading a team of consists of 27 security specialists and employee “sentinels” who formally advocate SRM goals and objectives. EA’s SRM team focuses on three operational pillars: risk management services, data compliance, and security operations.
The year 2010 is seeing the publisher push further into direct-to-consumer models for downloadable game content. Subsequently, Mott points out, EA is increasingly involved in e-commerce customer details. The regulatory compliance aspects of “how we manage that relationship” encompass “a great amount of work” for the software publisher’s SRM unit.
Flowing from closer customer relationships is the need for EA to maintain an “instant response” plan for recovering from online game server outages or hacker attacks.
“We have to expect things are going to happen,” says Mott, who looks for publishers in general to promote security management “as more of a business-type function” than a back-end operation.
Continued development of open, industry-wide standards for baseline security and risk management help EA and other publishers “set an expectation level with our partners,” Mott says. But amid ever-shifting markets and consumer preferences, Mott advocates a flexible approach to implementing risk management practices industry-wide. “When the business is changing — and over the past couple of months, all of the projections were wrong on how the game business was changing — if you introduce too much policy into the process, you can stifle innovation and creativity.”
Mott will join BayTSP’s Matt Sprague in a presentation on content security at the GameSupply conference Feb. 10 in San Jose, CA. For more information, visit www.GameSupplyAcademy.com.
