EL and WLA Event Discuss How Lotteries Stay Safe as Cyber Threats Change the Sector

In an event hosted by Norsk Tipping, Norway’s national lottery company, European Lotteries and the World Lottery Association (WLA) brought together operators, suppliers, and regulators in Oslo from October 21–23 for the 2025 Security & Operational Risk Seminar. Centered on the theme “Trust in the Supply Chain: Resilience and Oversight,” the seminar examined ways lotteries can enhance operational integrity in the face of growing cyber threats and increasingly complex supplier networks.

Trust in the Gambling Sector’s Security Is Under Pressure

Sofie Nystrøm, CEO of Fortified Technologies and former head of the Norwegian National Security Authority, opened the seminar by outlining the current security landscape. She highlighted that digital supply chains are becoming increasingly complex, cyber threats are growing in both sophistication and frequency, and ransomware continues to be the most common form of attack. 

According to Nystrøm, trust is under pressure. She explained that lotteries need to take proactive measures, streamline their processes, and collaborate with partners who prioritize strong security, since a lottery’s protection is only as resilient as that of its suppliers.

The seminar underscored a key point that security is more than just a department. It is a collaborative effort and a cornerstone of trust. From implementing frameworks and conducting audits to managing real-world crises, lotteries function as trusted partners in society, and often, the behind-the-scenes work of security teams is vital to maintaining that trust.

Security Is a Cornerstone of Public Trust

The event had many leading industry professionals who delved deeper into the necessity of having better security as a cornerstone of public trust.  For example, Gennaro Borrelli of Brightstar Lottery delved into the “AI versus AI” frontier, showing how emerging technologies can both enhance defenses and be exploited by attackers. 

Meanwhile, Pablo Berloso of SELAE reminded attendees that some of the most significant risks remain traditional and tangible. Even the most advanced cybersecurity measures are limited if basic infrastructure fails. He pointed to the nationwide power outage in Spain in spring 2024 and explained how SELAE navigated the crisis to preserve operational resilience.

Rebecca McCarthy of Allwyn UK highlighted how the transition from Camelot to Allwyn reinforced resilience, embedding security throughout everyday processes. This was a concept that she illustrated with the metaphor of a tree that bends under pressure but develops stronger roots over time.

Supplier and auditor insights emphasized the collaborative aspect of security. For example, Andrew Jackson of Scientific Games underscored the importance of transparency and teamwork, drawing lessons from the notorious McDonald’s promotional games case of the 1990s. 

Meanwhile, Stavroula Karagianni of OpenBet outlined strategies for safeguarding data integrity across complex global operations. Hans Peter Østrem, WLA SCS Auditor, described auditors as “critical friends,” highlighting that audits go beyond compliance. According to Østrem, these are opportunities to enhance processes, foster innovation, and bolster resilience.

The closing panel agreed that while absolute security is impossible, maintaining trust depends on continuous vigilance and open communication.