Game of Threats™ is a digital game that is designed to simulate the speed and complexity of an actual cyber breach. The solution integrates elements of gamification and game theory to provide an interactive client experience where a client team playing itself tries to defend itself from a of threat actors team (also played by company personnel).
The game environment creates a realistic experience where both sides are required to make quick, high impact decisions with minimal information. At its core, Game of Threats™ is a critical decision making game that has been designed to reward good decisions by the players, and to penalise teams for making poor decisions. Players walk away with a better understanding of the steps they need to take to better secure their companies.
Fundamentally, Game of Threats™ was created to deliver a unique experience by allowing clients to feel pressure as they make fast paced decisions and to see potential consequences of their actions in real-time. Our game forces players to make choices about how to attack (if playing the threat actor) and defend (if playing the company) with limited information and to balance investment in capability and responding to the other teams’ actions and plans.
PwC moderators facilitate a direct dialogue with clients about their choices during the game and provide on the spot feedback about strategy and decision-making. This approach elevates the impact of client investments in cybersecurity awareness through real-time feedback on their selected actions, and a discussion about alternate responses and their potential outcomes.
Each team interacts with its own tablet controller, and sees the impact of their decisions in real-time on a shared monitor. Both sides must make careful and strategic decisions in order to win.
Actions are designed around the concept of a shuffled deck of cards, so users encounter different decisions every time they play.
Post-game summary provides players with a detailed review of all actions and outcomes for both sides during the game. The company will receive an analysis of gameplay to enable the company to apply lessons learned during the game to real-world cybersecurity.