AHFE Open AccessPlanning the perfect heist: An adversarial cyber game
Abstract
This paper introduces "Heist: An Adversarial Cyber Security Board Game", designed to enhance cyber security knowledge through interactive gameplay. Players engage in asymmetrical team-based play, simulating a 'cyber heist' on a sci-fi hotel. The unique setup integrates technical, social, and organisational strategies, enabling diverse cyber security approaches using a deck-building mechanic.Heist development emphasised CyBOK knowledge areas, resulting in core mechanics focused on deck building, promoting critical thinking and collaboration. Players deploy specialists to attack or defend, with attackers aiming to tarnish the hotel's reputation while the defender seeks to identify them through digital evidence. The game strikes a balance between strategy and learning, broadening participation in cyber security and deepening players' understanding of tactics.Playtesting sessions informed refinements, enhancing educational impact and entertainment value. Heist exemplifies an innovative approach to cyber security education, merging theory and practical application in an immersive board game format. It showcases the potential of educational games for complex subjects like cyber security.
Keywords: Cyber Security, Gamification, Education, Human Computer Interaction, Usable Security, Applied Games
DOI: 10.54941/ahfe1004773
Cite this paper
More from this volume
- Using DESM to demonstrate how behavior can impact an enterprise's physical attack surface structure
- Proposing a DESM-based analytical framework for the enterprise cyber defender
- Interactive virtual learning environment to develop next-generation cybersecurity practitioner competency
- Biometric Authentication for the Mitigation of Human Risk on a Social Network
- Measuring How Appropriate Individuals Are for Specific Jobs in a Network of Collaborators
- A Notion of Trustworthiness Based on Centrality in a Social Network
- Towards a Human-Centric AI Trustworthiness Risk Management Framework
- Does penalty help people learn to detect phishing emails?
- A survey of agent-based modeling for cybersecurity
- Mental Firewall Breached: Leveraging Cognitive Biases for Enhanced Cybersecurity
- Analyzing important factors in cybersecurity incidents using table-top exercise
- Discovering Cognitive Biases in Cyber Attackers’ Network Exploitation Activities: A Case Study