611 - Cybersecurity Training Games
Hackers invade your network by exploiting the careless behavior of your people. You must create a training program to prevent this. But everybody finds cybersecurity training burdensome and pointless. And guess what: almost all this training fails. At this session, we review several sources of failure (spoiler alert: it's not them, it's you) and we will explore a path to meaningful, enjoyable, effective training.
You won't hit a bullseye if you can't see the target. So in this session we take a look at the 5 Quadrants of Learning. You will find it a useful tool to frame your learning objectives and to develop a strategy to achieve them. We will investigate how four different organizations created cybersecurity training games. These are big companies with serious cyber exposure: a government agency with 600,000 employees, a public utility providing state-wide electric infrastructure, a vast consumer-facing financial company, and a network security vendor. We will examine how each company viewed its cybersecurity problem and how each developed a very different game to address it.
In this session, you will learn:
- To design and promote a learning strategy using the 5 Quadrant framework
- To use game based learning to promote behavior change
- To think like a hacker, so you can defeat hackers
- To identify exactly the behavior you must change
- To exploit learning techniques specific to the desired behavior changes
- To present your strategy to your bosses and your staff
Managers, senior leaders
Cyber Defender game (USPS), Cloud Defense game (Intuit), Targeted Attack (Trend Micro), Data Center Attack (Trend Micro), CID Defender (Arizona Public Utiity), Tower Defense Game, Transmedia Game, Video narrative game, Cartoon Quiz game, F Quadrant Learning