Riskio: A serious game for cyber security awareness and education
Riskio: A serious game for cyber security awareness and education
Cyber attacks are increasing in number and sophistication, causing organisations to continuously adapt management strategies for cyber security risks. As a key risk mitigation policy, organisations are investing in professional training courses for their employees to raise awareness on cyber attacks and related defences. Serious games have emerged as a new approach that can complement instruction-led or computer-based security training by providing a fun environment where players learn and practice cyber security concepts through the game. In this paper we propose Riskio, a tabletop game to increase cyber security awareness for people with no-technical background working in organisations. Riskio provides an active learning environment where players build knowledge on cyber security attacks and defences by playing both the role of the attacker and the defender of critical assets in a fictitious organisation.
Cyber Attacks, Cyber Security, Education, Gamification, Security Controls
Hart, Stephen
d9ad5153-ca09-418a-b3a5-078ea1b48536
Margheri, Andrea
4b87c32d-3eaf-445e-8ac0-8207daace2e1
Paci, Federica
9fbf3e5b-ae03-40e8-a75a-3657cbc9216e
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7
1 August 2020
Hart, Stephen
d9ad5153-ca09-418a-b3a5-078ea1b48536
Margheri, Andrea
4b87c32d-3eaf-445e-8ac0-8207daace2e1
Paci, Federica
9fbf3e5b-ae03-40e8-a75a-3657cbc9216e
Sassone, Vladimiro
df7d3c83-2aa0-4571-be94-9473b07b03e7
Hart, Stephen, Margheri, Andrea, Paci, Federica and Sassone, Vladimiro
(2020)
Riskio: A serious game for cyber security awareness and education.
Computers and Security, 95, [101827].
(doi:10.1016/j.cose.2020.101827).
Abstract
Cyber attacks are increasing in number and sophistication, causing organisations to continuously adapt management strategies for cyber security risks. As a key risk mitigation policy, organisations are investing in professional training courses for their employees to raise awareness on cyber attacks and related defences. Serious games have emerged as a new approach that can complement instruction-led or computer-based security training by providing a fun environment where players learn and practice cyber security concepts through the game. In this paper we propose Riskio, a tabletop game to increase cyber security awareness for people with no-technical background working in organisations. Riskio provides an active learning environment where players build knowledge on cyber security attacks and defences by playing both the role of the attacker and the defender of critical assets in a fictitious organisation.
Text
Riskio_A Serious Game for Cyber Security Awareness and Education
- Accepted Manuscript
More information
Accepted/In Press date: 31 March 2020
e-pub ahead of print date: 29 April 2020
Published date: 1 August 2020
Additional Information:
© 2020 Elsevier Ltd. All rights reserved.
Keywords:
Cyber Attacks, Cyber Security, Education, Gamification, Security Controls
Identifiers
Local EPrints ID: 441632
URI: http://eprints.soton.ac.uk/id/eprint/441632
ISSN: 0167-4048
PURE UUID: 8696d2e9-6f95-45aa-8ba0-bbc961d9ef3b
Catalogue record
Date deposited: 23 Jun 2020 16:30
Last modified: 10 Sep 2024 01:40
Export record
Altmetrics
Contributors
Author:
Stephen Hart
Author:
Federica Paci
Author:
Vladimiro Sassone
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics