Do you want to play a cybersecurity game?

Nov. 8, 2012
How to create engaging cybersecurity awareness training in the corporate environment

I’m sure that many of you remember the movie "Wargames," the popular Cold War science fiction film in which a young hacker unwittingly accesses WOPR, a United States military supercomputer programmed to predict possible outcomes of nuclear war. In the movie, the hacker (Matthew Broderick) gets a military mainframe computer to run a nuclear war simulation, originally believing it to be a computer game. The simulation causes a national nuclear missile scare and nearly starts World War III. 

Well true to form, many of the things I see in the movies are  just a clear indication of things yet to become reality, such as phasers, teleporters, warp speed, photon bombs, and most recently, magnetic pulse bombs.  This missile has the capacity to permanently disable information technology resources, which in my opinion, will be the "weapon of choice" as our defense systems are highly dependent the use of the global information grid. This type of technology is a game changer that clearly points out that information technology is essential to our national security, and those that can disrupt it can gain a significant advantage as an adversary.

Similarly, I am seeing a viral rise in publicly available malicious software tools that can be downloaded from the internet that can create disruptions by flooding a site with traffic otherwise known as a distributed denial of service attack or DDoS.  An example of this is known as the Low Orbit Ion Cannon, which if launched from multiple sites, can bring down a network that does not have the appropriate filters and firewall configurations in place.

About a year ago, I visited one of our clients who is the security director of a large defense contractor. When I was invited to his office, I thought that I had inadvertently taken a wrong turn and ended up in a snack bar.  There was a long bookshelf with pre-packaged snacks everything from chips, candy, gum, popcorn, candy bars, mints, pretzels. After seeing this, my first inclination was to get a grab bag of goodies and take them over to my work area.  As I decided that the pretzels were my choice and when I asked for a bag he said, of course, but you have to answer a security question first. 

If organizations were to demystify cybersecurity and create engaging security awareness training in a non-threating and non-challenging environment, end-users would feel less threatened to ask questions, have open dialogue and increase their knowledge of how to protect online identities, as well as corporate information.  I think that game developers should create corporate games such as capture the flag, tag, dodge ball, and model games such as "Jeopardy," "Are You Smarter Than a 5th Grader," and my favorite show "Deal or no Deal" with a cybersecurity awareness twist.

If anyone is interested, let’s get started.

Sponsored Recommendations

How to Protect A Network-Centric Physical Security Systems

The migration to a single-pane-of-glass approach limits risk but does not eliminate security threats

NYPD launches Knightscope security robot service in Manhattan subway

The first two weeks will be spent on training, configuration and setup protocols for the autonomous robot to navigate followed by patrol activities between the hours of 12:00am...

Hornetsecurity releases "Microsoft 365: The Essential Companion Guide"

Microsoft 365: The Essential Companion Guide is a comprehensive resource that provides an in-depth analysis of Microsoft 365 to help users maximize their efforts when using this...

SecurityDNA podcast recap: discussing digital twins, venture capital and smart cities with security industry futurist Jon Polly

Jon Polly utilizes his knowledge of past security trends to analyze the impact that regulating artificial intelligence and the expansion of digital twins will have on the industry...