Principles of Effective Cybersecurity Wargames
Expert cybersecurity practitioners are intensely aware of how complex the field may seem to less experienced colleagues. An effective cyber defense function, for example, requires colleagues with technical expertise as well as colleagues a genuine understanding of the threat landscape, adversarial tactics, cyber strategy, and essential related concepts including legal or reputational impact of a cyber incident.
Conveying these ideas through training and education too often relies on the transfer of facts without context, in which users often may not genuinely understand why certain cybersecurity behaviors are more useful than others. The use of serious games highlights a promising and engaging avenue to educate users with facts placed into an appropriate and relevant context.