Making SME cybersecurity fun – from the inside, out

remote security, secure, collaboration

Cybersecurity is no laughing matter. But could playing games actually help staff understand and take more responsibility for protecting their employers against cybercrime, an industry which costs the Australian economy roughly $1 billion annually?

Game on!

Gamification is a buzzword within the corporate training climate and can assist with these challenges. So what is it?

Essentially, it’s the process of incorporating gaming elements to training activities. It takes what is fun in games and applies it to commercial situations. It’s proving to motivate workers to undertake training, increase engagement with training material, and influence good cyber practice.

KIPS

Kaspersky Interactive Protection Simulation (KIPS) is an interactive video game that places business operators and employees into simulated business environments to face unexpected cyber threats. Teams act on threats and incidents while trying to maximise profits and maintain the confidence of their colleagues, suppliers and customers.

It all comes down to the people…one of the biggest security challenges we see is different perspectives of cyber-security and the potential impacts and relevance based on differing roles, responsibilities and individual accountability in a business.

Making learning fun

The typical game offers choices through a series of predetermined options in reaction to various security threats. Teams build cyber defence strategies. The actions or reactions to the unfolding events determines outcomes and leads ultimately to how much profit or loss the hypothetical company makes.

Gameplay can also highlight the need to mitigate or eradicate emerging challenges. Hypotheticals illustrate typical mistakes that businesses make and can arm participants with actionable conclusions to take back to into the business.

Other benefits

Experts agree that raising awareness of risks through training through interactive games can have other benefits:

  • It can recognise and reward good cyber behaviour and may even identify hidden talent among staff.
  • It starts conversations about how to handle sensitive data and information.
  • Staff become invested in the security of the business.
  • Gaming is friendly competition; people respond to it.
  • It can be current and automated, which means staff can engage in training on a regular basis.
  • It can assist with cyber-security audits and in ongoing cyber-security strategy.

Defence vs attack

As cyber attacks, phishing schemes, and data theft become more sophisticated and prevalent, it’s increasingly important for businesses to build their defences from the inside out –beginning with their employees.

Gamification, including KIPS, engages employees across all areas of a business.

Cyber security professionals agree that with the need to shift from reactive to preventative, business needs to keep staff updated regarding risk assessment and best practice. Gamification enables businesses to meet this requirement in an engaging, stimulating way.

The bottom line

Empowering staff with awareness adds a level of protection to your business, without which employees can open the doors to security breaches.

But the cost of managing security for most businesses is nothing compared to the impact a cyber attack can have on revenue and other areas of the business.

Training such as KIPS is an investment in your staff. Arming your “frontline”, empowering them with the knowledge they need to protect your business, can also have a positive effect overall of the business performance.

Margrith Appleby, General Manager, Kaspersky ANZ