logo image

TD Magazine Article

Play to Protect

Game-based training benefits cybersecurity.

By

Wed Aug 01 2018

Loading...

From small businesses to large conglomerates, all modern organizations deal with cybersecurity. And according to Winning the Game, a recent McAfee study that surveyed more than 950 cybersecurity managers and professionals, 93 percent of people working in the industry believe the complexity of threats they face will increase over the next year.

To prepare, some companies have had success with game-based training. The study reports that four in 10 cybersecurity professionals say their organizations already hold some type of game-based exercise at least once a year, and 96 percent of those who do have such exercises say they have seen benefits. The most common of these include awareness and knowledge among IT staff of how breaches can occur, how to avoid becoming a victim of a breach, and how to best react to a breach.

Advertisement

Learning professionals who want to use games to help develop their organizations' cybersecurity teams have many options, but two that the report highlights are tabletop exercises and capture the flag.

Not sure where to start? According to Grant Bourzikas, chief information security officer at McAfee and vice president of McAfee labs, the exercise you should use depends on your organization's maturity.

He suggests beginning with tabletop exercises, which walk teams through different scenarios. "These are great for evaluating your thought process and measuring how long it takes your team to come to a decision," he says. "For example, you might begin with the whole organization getting phished, and after your team decides to block the email, you can see how quickly it decides to take action on the machines that were infiltrated."

Once your team masters the decision-making process, Bourzikas recommends moving on to games such as capture the flag, which involves having teams alternate between attacking and defending. These activities can develop execution and readiness. "You can set up a demo environment and run what's called a 'sanctioned' attack, when your team knows something is coming," he explains, "or you can do an 'unsanctioned' exercise, when you don't warn the defenders."

You've Reached ATD Member-only Content

Become an ATD member to continue

Already a member?Sign In

ISSUE

August 2018 - TD Magazine

View Articles

Copyright © 2024 ATD

ASTD changed its name to ATD to meet the growing needs of a dynamic, global profession.

Terms of UsePrivacy NoticeCookie Policy