Одлуки и нарушувања

Congratulations for Completing Year

Note to Game Master: please read this to your group.

Good News

Bad News

Congratulations on completing Decisions & Disruptions

Note to Game Master: please read this to your group.
After years, your bussiness is left in the following state:
The total loss incured during your time on the board was: £

What we want you to take away from the game

  • Cyber security doesn't have to be expensive
  • Take responsibility to keep up to date with current threats
  • Cyber and Physical security go hand in hand. Cyber security can affect the physical world and physical security can affect the cyber world
  • Get the basics right - anti-virus, firewalls, staff training, understand your own company's weakneses, patching, and protect your data!
  • No system is 100% secure. It's importnat to have a plan to make your response to an attack efficient and effective. We can help with guidlines to create one, or come and test your Business Continuity or Disaster Recovery plans.

Asset Audit

Note to Game Master: please read this to your group.
You hire an external team who come in and spend the entire day at each site assessing your weakneses. They come back with the following assessment.

  • The company's PC's run on an old, insecure operating system long past its end of life. They can be upgraded to the most recent, supported operating system via the PC Upgrade. This will include continuous support and security patches.
  • The server's operating systems are also outdated and suffer from known vulnerabilities. These can be patched via the Server Upgrade. This also includes ongoing support and security patches.
  • The SCADA controller has never been updated since its deployment 20 years ago. It is vulnerable to very simple exploits. A Controller Upgrade will patch all known vulerabilities.
  • The company has never encrypted any of its data - everything is stored in clear text. PC Encryption will encrypt any data help on the PC's. Database Encryption will encrypt the entire contents of the two databases.

Note to Game Master: please reveal the cards within the "Do Not Open Unless Instructed To" envelope. These cards are now available to purchase.

Threat Assessment

Note to Game Master: please read this to your group.
A consultant conducts a threat analysis and identifies three different threat vectors.

  • Script Kiddies. They have low computer skills and tend to use tools built by others which are easily available on the dark web. They tend to be motivated by the fun aspect of hacking, more than anything else. Due to the number of such low killed attackers and the wide availability of their techniques, their attacks are expected to be targeting the company's infrastructure at all time. They are probably at work as we speak!
  • Organised Criminal Groups.They have high skills and clear motivations. They will use advanced techniques such as phishing, remote access tools (RATs) and advanced malware. They have specific targets, which make their attacks less likely. However, it would be surprising if at least one of them did not take interest in the company at some point.
  • Nation State Attackers. They use cutting edge tools that even OCG's don't have access to. They conuct espionage and cyber warfare. Should one of them target the company, there is very little that you could do to resist them.

Year 1

Decisions & Disruptions

Select Game Option


Budget: £0
Total Loss: £

Note to Game Master: You must work with your group to decide on which security features to buy for this year. Once you and your group have chosen your desired security features for this year, select them below. Do not rush your chosen features, as choosing unwisely could have terrible repercussions for your business. Once you have chosen your purchases for this year here, click "Complete Year". You will receive an update on how the plant coped during the year. The game ends when you have completed 4 years, or the plant is no more. When purchasing the "Threat Assement" card, or the "Asset Audit" card, you will receive an immediate update. Be sure not to refresh this webpage, as you will lose your progress.

Available Purchases: