A Case Study Overview—BARR’s Cybersecurity Consulting Team Establishes a Security Roadmap for Jackpocket

By October 20, 2023CISO

When launching their business in 2013, Jackpocket—the first licensed third-party lottery courier app in the U.S.—aimed to introduce their product to customers as soon as possible. Once the app became available, Jackpocket experienced rapid growth. And like many organizations, initial advancement came with security questions. 

Jackpocket knew they wanted a third-party to help them achieve their security and compliance goals, so they partnered with BARR Advisory’s cybersecurity consulting team for vCISO services. 

Let’s take a look at an overview of their partnership. 

The Challenge

Today, Jackpocket’s app reaches customers in 17 states, each with individual compliance regulations. Jackpocket is responsible for navigating regulatory compliance within each state, and as their list of state-specific requirements grew, so did the time spent on security questionnaires. 

“We knew we needed to reduce the time spent on questionnaires to advance,” said Jackpocket’s Director of Information Security, Moses Thambuswamy. “The question was: how can we appease individual state regulators while also growing our business?” 

With a SOC 2 Type 2 report already under their belt, Jackpocket set the foundation to leverage their cybersecurity posture. However, they wanted to establish a strong and ongoing security program that would allow their team to focus on what they do best in their day-to-day jobs. 

The Solution

BARR’s cybersecurity consulting team clearly explained their virtual Chief Information Security Officer (vCISO) services and a timeline that could benefit Jackpocket’s unique needs.

“One of BARR’s strengths lies in designing and implementing security programs. They were able to leverage their available tools and further our program through a seamless transition. With BARR’s help, we were able to prioritize our needs and create a security roadmap for the upcoming year,” said Thambuswamy.

Through BARR’s expertise and skill set, Jackpocket gained a partner who helped them learn how to advocate for security controls and policies when meeting with executives. As Jackpocket continued their partnership with BARR, they noticed they were receiving approval from stakeholders and business growth that would lead to exciting transitions. 

The Results

Since partnering with BARR, Jackpocket has significantly matured their security and compliance program. Jackpocket’s team not only discovered their specific security nuances and where their pain points lie when it comes to compliance, but also how to communicate their unique control environment to stakeholders best.

“When we started with BARR, we quickly learned the team deeply understood every policy known to man. Their extensive knowledge meant we didn’t have to complete much initial leg work, and through the process, we witnessed our growth first-hand. In just a few months, we’ve accomplished our business goals and more,” said Thambuswamy. 

Since working with BARR, Jackpocket has experienced significant growth. They’ve welcomed six new states to their app and continue developing new advancements to their product. This year, they’re working toward achieving an ISO 27001 certification—an exciting milestone to add to their security posture. 

Jackpocket’s Results:

  • Gained a deep understanding of control environment 
  • Expanded to six new states, nearly doubling customer base
  • Advanced product to release a new app
  • Certified to new standards like ISO 27001
  • Growing with BARR to build an internal security program

“We’re anticipating more and more growth,” said Thambuswamy. “We’re moving at light speed, and in the future, we’ll work with BARR to build an internal security program where they’ll grow with us and transition from our vCISO to our security and compliance coordinator.”

Contact us for more information about partnering with BARR’s cybersecurity consulting team for your ongoing security and compliance management.