Using Gamification to Raise Awareness of Cyber Threats to Critical National Infrastructure
Senior executives of critical national infrastructure facilities face competing requirements for investment budgets. Whilst the impact of a cyber attack upon such utilities is potentially catastrophic, the risks to continued operations from failing to upgrade ageing infrastructure, or not meeting mandated regulatory regimes, are considered higher given the demonstrable impact of such circumstances. As cyber attacks on critical national infrastructure remain low-frequency events, there is little to motivate business leaders to increase their investment in cyber defences to comparable levels. This paper describes SCIPS, a gamified environment in which senior executives experience the impact of a cyber attack on an electric power generation plant, demonstrating how it can strategically affect shareholder value, and allows them to form their own views on the relative importance of cyber security investment.
Linked to the SCIPS tabletop game
Citation : Cook A., Smith R.G., Maglaras L. and Janicke H. (2016) Using Gamification to Raise Awareness of Cyber Threats to Critical National Infrastructure. Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR 2016), Belfast, 23-25 August 2016, DOI:10.14236/ewic/ICS2016.10
Research Group : Cyber Security Centre
Research Institute : Cyber Technology Institute (CTI)
Peer Reviewed : Yes