IT Risk Management
Operational Resilience
Internationalisation
In 2022, Gruppo SCAI undertook an IT Risk Management and Cyber Resilience project for a major Italian gambling player, recently acquired by an Irish betting giant.
The project
In the field of CyberResilience, the ability to mitigate the effects of a cyber attack, the SCAI Group team was commissioned to develop a disaster recovery plan and create operational checklists to be used during DR tests or in the event of a cyber attack.
Through interviews with the stakeholders responsible for the applications, networks and IT, the best ways of restoring the different applications were identified, taking into account the necessary exceptions. Subsequently, the deliverables, including the Disaster Recovery Plan and operational checklists for different business areas such as lottery services (online and retail), gaming machines, online casinos and betting, were shared with the stakeholders involved and submitted for approval.
With respect to the IT Risk Management request, the team supported the client throughout 2022 in IT risk management related activities, including IT asset classification, IT risk assessment on critical applications, and third-party monitoring to ensure security after the data protection impact assessment activity.
Again, interviews were held with the various IT contact persons for the classification of the relevant assets, and with the various stakeholders, in both the application and business areas, for the classification of the applications. Subsequently, the formalisation and sharing of indicators for calculating the performances of the different security tools protecting the Sisal perimeter was initiated.
In addition to the classification of IT assets and IT risk assessment, Gruppo SCAI implemented a framework for third-party security controls according to the WLA standard and set about formalising the KPI/KRI list.
The client chose to work with SCAI Group’s consultants due to their recognition of its strong competences in the field of Cyber Resilience (e.g. Business Continuity, Disaster Recovery) acquired through previous experiences and projects. Attention to timing and the way the project was carried out, in compliance with the agreed deadlines and a focus on priorities, such as certification projects, audits and emergencies, were key factors that contributed to the success of the appointment and convinced the client to choose Gruppo SCAI the following year.
“In 2022, our company expressed the need to update the Disaster Recovery plans and checklists for the business areas in which it operates, for the Italian perimeter.
The main reasons that led us to choose SCAI Partners to meet this need are:
its experience in Business Continuity and Disaster Recovery projects in companies belonging to different industries; its demonstration of great professionalism and its achievement of excellent results in another project initiative started at the beginning of the year with another company function.
Considering the excellent results achieved, an extension of the project activity to the international arena (Morocco and Turkey) is planned for 2023.”
Business Continuity Manager of the client company (One of the main Italian players operating in the gambling sector, operating in Italy with about 45,000 points of sale. It has more than 2,000 employees and a turnover that came close to EUR 700 million last year. In 2021 it was acquired by an Irish betting giant).
The activity enabled the client to have a functional environment with a complete set of replicated data in case of emergency, increasing its cyber resilience and enabling optimised business continuity.
Thanks to the activities of SCAI Partners, a SCAI Group company, the client gained greater visibility into critical risks, increasing the company’s cyber security awareness and strengthening its security posture through the implementation of third-party risk management security standards. Customer trust and loyalty towards the SCAI Group allowed the consolidation of activities also in the area of Business Continuity.