How gamification can help you understand how prepared you are to address cyber attacks.
Understanding the breadth of possible cyber attacks, the damage they can inflict across every part of the organisation, the range of different threat actors and their motivations can all be challenging for cyber security decision-makers. The industry is moving quickly, and leaders have to understand the threats if they are going to improve their organisation’s security profile.
That’s why PwC developed Game of Threats™. This innovative digital game draws on the very best of PwC’s international and local expertise in the cyber security space and packages it in a way that is highly accessible, engaging and interactive.
“Through gamification, we've taken the complex, intangible world of cyber security and made it real, engaging and meaningful. The Game experience is incredibly powerful at quickly building the knowledge and understanding of boards, executives and their teams on the real world threats they face and the holistic responses and strategies they need to deal with them.”
Game of Threats™ puts groups of C-suite, IT security managers and boards of directors through a series of scenarios where they will have to make fast-paced decisions based on limited information. They will then see the consequences of their actions play out in real time. Participants take the role of either an organisation defending its data or a threat actor – a criminal organisation, hacktivist or nation state.
For those defending the organisation, the exercise allows them to really understand the range of actions they can take before, during and after a cyber attack. They can then see how their actions play out in real time.
Those playing the role of a threat actor instead are able to understand the mentality behind a cyber attack. They can see how modern cyber attacks are developed to be highly targeted and well-resourced – a far cry from the opportunistic attacks companies have faced in the past.
The aim of the game is to build awareness among senior leaders about the range of threats they face and to demonstrate the consequences of their decisions. What’s more, it does this by immersing participants in a highly interactive and engaging format where they take the lead in improving their awareness of cyber security challenges.
Game of Threats™ consists of a series of games, interspersed with analysis and feedback from our cyber security team who lead the session. During the simulated cyber attacks, each team takes turns to make a move within a 90 second window, as they defend or attack the organisation.
The scenarios are designed so that no two games are the same, giving participants a unique experience where their actions have actively shaped the outcome of the game. To help the teams make these choices, we also provide a stream of realistic intelligence feeds, from social media and online publishers to security organisations. As well as providing information sources, these feeds showcase the different consequences of the players’ choices.
Game of Threats™ is designed for any decision-maker within the business who has oversight of their organisation’s cyber security efforts. The exercise is designed to explore how a cyber attack affects every part of the business, making it relevant for a broad group of business leaders. Among the participants we take through the exercise regularly are: