GLI releases one updated and three new modules of its Gaming Security Framework
Summary
Gaming Laboratories International (GLI) has added three new modules and updated one existing module to its Gaming Security Framework (GLI-GSF). The new releases are:
- GLI-GSF-3 v1.0 – Gaming Information Security (GIS) Controls Audit: Vendor Controls
- GLI-GSF-4 v1.0 – GIS Controls Audit: Land-based Gaming Controls
- GLI-GSF-5 v1.0 – GIS Controls Audit: Online Gaming Controls
An update was also published for GLI-GSF-1 v1.1 (Common Controls). The framework is built from industry best practice and stakeholder input, intended to give regulators and organisations baseline cybersecurity guidance for gaming operations.
Key Points
- GLI released three new modules covering vendor, land-based and online gaming controls (GLI-GSF-3, -4 and -5, all v1.0).
- GLI also issued an update to Module 1 (GLI-GSF-1 v1.1) which addresses common GIS controls.
- The GLI-GSF fills a prior gap: it is the first dedicated gaming cybersecurity standard developed with broad industry participation.
- The framework is designed to help regulators set baseline security expectations and help organisations improve security consistently across operations.
- GLI stresses continual updates to the modules based on industry feedback to keep guidance current with evolving threats and practices.
Content summary
Earlier in the year GLI published Modules 1 and 2 of the Gaming Security Framework. The newest roll-out expands the standard suite with three focused audit modules for vendors, land-based operations and online platforms, plus a revision to the common-controls module.
The framework aims to standardise security expectations across the sector, supporting regulators, operators and suppliers by providing actionable audit controls and recommendations. GLI positions the GSF as a response to mounting cyber threats and rising cybersecurity insurance costs, offering a structured approach to reduce risk and clarify compliance requirements.
Context and relevance
Cyber threats against gaming operators have increased in scale and sophistication, and insurers are raising premiums. The GLI-GSF matters because it establishes, for the first time, gaming-specific cybersecurity controls that regulators and operators can adopt or reference. For stakeholders—regulators, operators, suppliers and players—this framework offers a common language and practical audit criteria to strengthen security and potentially reduce compliance and insurance friction.
Why should I read this
Short and blunt: if you work in gaming operations, compliance, security or supply, this affects you. GLI has just put more of the guardrails in place that regulators and auditors will start using — knowing what’s in these modules saves you time, money and hassle when preparing audits or patching gaps.
Author style
Punchy: This is a meaningful step for the sector — the sort of practical, industry-driven standard that can change how cybersecurity is audited and enforced in gaming. Read the details if you’re responsible for security or regulatory compliance; it’s directly relevant.