Focus on GLI: Bulletproof helps casinos handle the threat of cyberattack

January 12, 2024 8:00 AM
  • Buck Wargo, CDC Gaming Reports
January 12, 2024 8:00 AM
  • Buck Wargo, CDC Gaming Reports

As evidenced by the cyberattacks on casino operators last fall on the Las Vegas Strip and ongoing threats from hackers, companies face a growing risk of being breached in a complex regulatory environment and require more security.

That means now more than ever that it’s important for organizations to partner with security experts for accurate, up-to-date and professional risk assessments, audits, testing and advisory services.

Bulletproof, a GLI company, provides businesses with IT, security, and compliance solutions to protect the confidentiality, integrity, and availability of their data and information. They deliver a comprehensive suite of services designed to aid auditors, risk and compliance professionals, business leaders, and the boards they serve, according to Marco Capozzi, Bulletproof’s senior director of information security.

Bulletproof can help organizations simplify their compliance and complete audits efficiently and effectively maximize investment, Capozzi said.

“What differentiates us from our competitors in the gaming industry is that we can assist our clients with all their certification needs,” he explained. “For a lot of organizations, being able to leverage one provider that provides various types of solutions helps cut costs and time. It also reduces a lot of internal costs to managing certifications.”

GLI has been a pioneer of cybersecurity certification within the gaming industry. Capozzi, who’s been with Bulletproof for 15 years, leads a team of 30 people.

“We have been advising regulators on regulations and helping clients to strengthen security posture,” he said. “We try to establish a relationship with our clients, especially when it comes to cyber security testing. We are helping companies mitigate risks. Oftentimes, companies don’t think about cybersecurity threats and at Bulletproof, we help internalize the landscape and protect them from what’s out there.”

Bulletproof’s services include IT security assessments, which includes an ethical hack to check for network vulnerability. There’s penetration testing, threat-risk assessments, web application security testing and assessments of a company’s information security processes.

“We explain to our clients that if one of our security findings is an immediate risk – the average hacker can exploit a system or a low risk in which only a few people out there are able to exploit the system,” Capozzi said. “A high risk means the majority of the hackers out there are able to exploit your system.”

Bulletproof offers IT security consulting with the growing cybercrime rates, and Capozzi said it’s critical to have the strategy and technology in place to protect an organization.

“We’ll help uncover your unique needs and will develop a strategy that sets you up to be competitive, agile, and responsive,” he said.

Bulletproof’s IT security audits and certifications identify potential security vulnerabilities in the source code of an application. This review process is an integral part of a comprehensive application security program, Capozzi noted.

Bulletproof’s ISO 27001 Certification provides third-party audit and certification of your information security processes against the ISO 27001 standard. It assists in developing a new or enhances an existing information security program/framework to align with the ISO 27001 standard with the goal of achieving the ISO 27001 certification, Capozzi said.

Bulletproof’s PCI-qualified security assessors assist organizations with all PCI requirements from the completion of a self-assessment questionnaire, a report on compliance and conducting a gap assessment against the current PCI: DSS standard.

ISOs and PCIs can be designed to maximize jurisdictional leverage. Companies can minimize their effort by conducting a single yearly assessment that covers ISO and PCI audits to help better manage highly regulated security risks, Capozzi said. They can also leverage their ISO and PCI certification to achieve compliance within all jurisdictions, he added.

Headquartered in Canada with offices across the globe, Bulletproof has two decades in the security business, protecting its clients’ privacy and data.

“We know that technology is inextricable to the way modern organizations operate, posing both opportunities and challenges, especially in highly-regulated industries, and we work with numerous industries across EMEA and North America to leverage our extensive industry experience and IT know-how to reduce risk and improve client processes, systems, education, and business infrastructure,” said Capozzi.

Bulletproof is customer-obsessed and is about respect and putting people first. Capozzi said they try to explain things in a simple way and show them how tools on the internet can damage a company’s reputation.

“We try to get that connection with clients that give us the trust and ability to openly discuss their information infrastructure,” he said.