Game based cyber security training: are serious games suitable for cyber security training?

Maurice Hendrix, Ali Al-Sherbaz, Bloom Victoria

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search. While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.
Original languageEnglish
JournalInternational Journal of Serious Games
Volume3
Issue number1
DOIs
Publication statusPublished - 1 Jan 2016

Fingerprint

Managers
Serious games

Keywords

  • Games
  • serious games
  • cyber security
  • training
  • online safety

Cite this

@article{fc487ea4a046457e814dbb12b9665d5a,
title = "Game based cyber security training: are serious games suitable for cyber security training?",
abstract = "Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search. While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.",
keywords = "Games, serious games, cyber security, training, online safety",
author = "Maurice Hendrix and Ali Al-Sherbaz and Bloom Victoria",
year = "2016",
month = "1",
day = "1",
doi = "10.17083/ijsg.v3i1.107",
language = "English",
volume = "3",
journal = "International Journal of Serious Games",
issn = "2384-8766",
publisher = "Serious Games Society",
number = "1",

}

Game based cyber security training: are serious games suitable for cyber security training? / Hendrix, Maurice; Al-Sherbaz, Ali; Victoria, Bloom.

In: International Journal of Serious Games, Vol. 3, No. 1, 01.01.2016.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Game based cyber security training: are serious games suitable for cyber security training?

AU - Hendrix, Maurice

AU - Al-Sherbaz, Ali

AU - Victoria, Bloom

PY - 2016/1/1

Y1 - 2016/1/1

N2 - Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search. While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

AB - Security research and training is attracting a lot of investment and interest from governments and the private sector. Most efforts have focused on physical security, while cyber security or digital security has been given less importance. With recent high-profile attacks it has become clear that training in cyber security is needed. Serious Games have the capability to be effective tools for public engagement and behavioural change and role play games, are already used by security professionals. Thus cyber security seems especially well-suited to Serious Games. This paper investigates whether games can be effective cyber security training tools. The study is conducted by means of a structured literature review supplemented with a general web search. While there are early positive indications there is not yet enough evidence to draw any definite conclusions. There is a clear gap in target audience with almost all products and studies targeting the general public and very little attention given to IT professionals and managers. The products and studies also mostly work over a short period, while it is known that short-term interventions are not particularly effective at affecting behavioural change.

KW - Games

KW - serious games

KW - cyber security

KW - training

KW - online safety

U2 - 10.17083/ijsg.v3i1.107

DO - 10.17083/ijsg.v3i1.107

M3 - Article

VL - 3

JO - International Journal of Serious Games

JF - International Journal of Serious Games

SN - 2384-8766

IS - 1

ER -