What is Game of Threats™?
Game of Threats™ puts groups of C-suite, boards of directors and IT security managers through a series of scenarios where they will have to make fast-paced decisions based on limited information. They will then see the consequences of their actions play out in real time. Participants take the role of either an organisation defending its data or a threat actor – a criminal organisation, hacktivist or nation state.
For those defending the organisation, the exercise allows them to really understand the range of actions they can take before, during and after a cyber-attack. They can then see how their actions play out in real time.
Those playing the role of a threat actor instead are able to understand the mentality behind a cyber-attack. They can see how modern cyber-attacks are developed to be highly targeted and well-resourced – a far cry from the opportunistic attacks companies have faced in the past.
The aim of the game is to build awareness among senior leaders about the range of threats they face and to demonstrate the consequences of their decisions. What’s more, it does this by immersing participants in a highly interactive and engaging format where they take the lead in improving their awareness of cyber security challenges.
How do I play Game of Threats™?
Game of Threats™ consists of a series of games, interspersed with analysis and feedback from our cyber security team who leads the session. During the simulated cyber-attacks, each team takes turns to make a move within a 90 second window, as they defend or attack the organisation.
The scenarios are designed so that no two games are the same, giving participants a unique experience where their actions have actively shaped the outcome of the game. To help the teams make these choices, we also provide a stream of realistic intelligence feeds, from social media and online publishers to security organisations. As well as providing information sources, these feeds showcase the different consequences of the players’ choices.
Who is Game of Threats™ designed for?
“The industry is moving quickly, and leaders have to understand the threats if they are going to improve their organisation’s security profile,” said Vikas Sharma, Head of the Cyber and Digital Practice in PwC Mauritius. “The exercise is designed to explore how a cyber-attack affects every part of the business, making it relevant for a broad group of business leaders,” he added.
Game of Threats™ is designed for any decision-maker within the business who has oversight of their organisation’s cyber security efforts.
Among the participants PwC takes through the exercise regularly are:
- Board members and directors
- Leadership and management teams
- Crisis management teams
- Risk and IT security professionals
- Multi-disciplinary operational teams.