Game‐based learning: A review of tabletop exercises for cybersecurity incident response training
The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever‐changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challeng...
Gespeichert in:
| Veröffentlicht in: | Security and privacy 2020-11, Vol.3 (6), p.n/a |
|---|---|
| Hauptverfasser: | , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | n/a |
|---|---|
| container_issue | 6 |
| container_start_page | |
| container_title | Security and privacy |
| container_volume | 3 |
| creator | Angafor, Giddeon N. Yevseyeva, Iryna He, Ying |
| description | The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever‐changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challenges. Businesses in public and private sectors recognize the importance of implementing effective cyber security measures, one of which is training their employees. Many are taking active steps to ensure that employees and cyber security incident response teams (CSIRTs) can identify and respond to breaches through state‐of‐the‐art training. There are indications that pioneering training programs like serious games (SGs), including tabletop exercises (TTXs), can play a role in CSIR training. This paper reviewed TTX related SGs literature, analyzed existing CSIR training exercises and reported how TTXs are currently being used in CSIR training. It also discussed why TTXs are increasingly becoming a popular tool for CSIR and emergency response (ER) training, analyzed the strengths and weaknesses of the current research and identified areas for future research. The findings suggest that TTX training improves the awareness, understanding, and preparation levels of CSIRTs. That TTXs enhance their strategic decision‐making, enabling CSIRTs to be better prepared when dealing with security incidents. It observed that TTX related training improved the skills and aptitudes of CSIRTs and security operative center personnel. TTXs assist trainees to acquire and demonstrate both technical and nontechnical skills, including soft skills which are essential but often observed to be lacking in new graduates and some experienced technically minded personnel. TTX training augments traditional methods like classroom lectures by providing opportunities for experiential learning and practice‐based approaches in dealing with real‐life problems. |
| doi_str_mv | 10.1002/spy2.126 |
| format | Article |
| fullrecord | <record><control><sourceid>wiley_cross</sourceid><recordid>TN_cdi_crossref_primary_10_1002_spy2_126</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>SPY2126</sourcerecordid><originalsourceid>FETCH-LOGICAL-c2296-bbe3cbff8991632fc6b7523d26f0ae9b72863789610aaed1805eb2ef101ddc473</originalsourceid><addsrcrecordid>eNp1kLFOwzAURS0EElWpxCd4ZEmxXxonZqsqaJEqgQQMTJbtPCOjNInsQMnGJ_CNfAmJysDC9N5w7tXVIeScszlnDC5j28OcgzgiE1jkWSJyyI7__KdkFuMrY4wXIgVZTIhZ6x1-f34ZHbGkFepQ-_rlii5pwHePe9o42mlTYde0FD8wWB8xUtcEanuDIaJ9C77rqa-tL7Huhlxsmzoi7YL2Y9kZOXG6ijj7vVPydHP9uNok27v17Wq5TSyAFIkxmFrjXCElH8Y5K0yeQVqCcEyjNDkMm_NCCs60xpIXLEMD6DjjZWkXeTolF4deG5oYAzrVBr_ToVecqVGPGvWoQc-AJgd07yvs_-XUw_0zjPwPdJ9paA</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Game‐based learning: A review of tabletop exercises for cybersecurity incident response training</title><source>Wiley Online Library Journals Frontfile Complete</source><creator>Angafor, Giddeon N. ; Yevseyeva, Iryna ; He, Ying</creator><creatorcontrib>Angafor, Giddeon N. ; Yevseyeva, Iryna ; He, Ying</creatorcontrib><description>The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever‐changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challenges. Businesses in public and private sectors recognize the importance of implementing effective cyber security measures, one of which is training their employees. Many are taking active steps to ensure that employees and cyber security incident response teams (CSIRTs) can identify and respond to breaches through state‐of‐the‐art training. There are indications that pioneering training programs like serious games (SGs), including tabletop exercises (TTXs), can play a role in CSIR training. This paper reviewed TTX related SGs literature, analyzed existing CSIR training exercises and reported how TTXs are currently being used in CSIR training. It also discussed why TTXs are increasingly becoming a popular tool for CSIR and emergency response (ER) training, analyzed the strengths and weaknesses of the current research and identified areas for future research. The findings suggest that TTX training improves the awareness, understanding, and preparation levels of CSIRTs. That TTXs enhance their strategic decision‐making, enabling CSIRTs to be better prepared when dealing with security incidents. It observed that TTX related training improved the skills and aptitudes of CSIRTs and security operative center personnel. TTXs assist trainees to acquire and demonstrate both technical and nontechnical skills, including soft skills which are essential but often observed to be lacking in new graduates and some experienced technically minded personnel. TTX training augments traditional methods like classroom lectures by providing opportunities for experiential learning and practice‐based approaches in dealing with real‐life problems.</description><identifier>ISSN: 2475-6725</identifier><identifier>EISSN: 2475-6725</identifier><identifier>DOI: 10.1002/spy2.126</identifier><language>eng</language><publisher>Boston, USA: Wiley Periodicals, Inc</publisher><subject>cybersecurity ; cybersecurity training ; incident response ; serious games ; tabletop exercises</subject><ispartof>Security and privacy, 2020-11, Vol.3 (6), p.n/a</ispartof><rights>2020 The Authors. published by John Wiley & Sons Ltd.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c2296-bbe3cbff8991632fc6b7523d26f0ae9b72863789610aaed1805eb2ef101ddc473</citedby><cites>FETCH-LOGICAL-c2296-bbe3cbff8991632fc6b7523d26f0ae9b72863789610aaed1805eb2ef101ddc473</cites><orcidid>0000-0002-1535-4472 ; 0000-0003-2023-5547 ; 0000-0002-1627-7624</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://onlinelibrary.wiley.com/doi/pdf/10.1002%2Fspy2.126$$EPDF$$P50$$Gwiley$$Hfree_for_read</linktopdf><linktohtml>$$Uhttps://onlinelibrary.wiley.com/doi/full/10.1002%2Fspy2.126$$EHTML$$P50$$Gwiley$$Hfree_for_read</linktohtml><link.rule.ids>314,780,784,1417,27924,27925,45574,45575</link.rule.ids></links><search><creatorcontrib>Angafor, Giddeon N.</creatorcontrib><creatorcontrib>Yevseyeva, Iryna</creatorcontrib><creatorcontrib>He, Ying</creatorcontrib><title>Game‐based learning: A review of tabletop exercises for cybersecurity incident response training</title><title>Security and privacy</title><description>The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever‐changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challenges. Businesses in public and private sectors recognize the importance of implementing effective cyber security measures, one of which is training their employees. Many are taking active steps to ensure that employees and cyber security incident response teams (CSIRTs) can identify and respond to breaches through state‐of‐the‐art training. There are indications that pioneering training programs like serious games (SGs), including tabletop exercises (TTXs), can play a role in CSIR training. This paper reviewed TTX related SGs literature, analyzed existing CSIR training exercises and reported how TTXs are currently being used in CSIR training. It also discussed why TTXs are increasingly becoming a popular tool for CSIR and emergency response (ER) training, analyzed the strengths and weaknesses of the current research and identified areas for future research. The findings suggest that TTX training improves the awareness, understanding, and preparation levels of CSIRTs. That TTXs enhance their strategic decision‐making, enabling CSIRTs to be better prepared when dealing with security incidents. It observed that TTX related training improved the skills and aptitudes of CSIRTs and security operative center personnel. TTXs assist trainees to acquire and demonstrate both technical and nontechnical skills, including soft skills which are essential but often observed to be lacking in new graduates and some experienced technically minded personnel. TTX training augments traditional methods like classroom lectures by providing opportunities for experiential learning and practice‐based approaches in dealing with real‐life problems.</description><subject>cybersecurity</subject><subject>cybersecurity training</subject><subject>incident response</subject><subject>serious games</subject><subject>tabletop exercises</subject><issn>2475-6725</issn><issn>2475-6725</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2020</creationdate><recordtype>article</recordtype><sourceid>24P</sourceid><sourceid>WIN</sourceid><recordid>eNp1kLFOwzAURS0EElWpxCd4ZEmxXxonZqsqaJEqgQQMTJbtPCOjNInsQMnGJ_CNfAmJysDC9N5w7tXVIeScszlnDC5j28OcgzgiE1jkWSJyyI7__KdkFuMrY4wXIgVZTIhZ6x1-f34ZHbGkFepQ-_rlii5pwHePe9o42mlTYde0FD8wWB8xUtcEanuDIaJ9C77rqa-tL7Huhlxsmzoi7YL2Y9kZOXG6ijj7vVPydHP9uNok27v17Wq5TSyAFIkxmFrjXCElH8Y5K0yeQVqCcEyjNDkMm_NCCs60xpIXLEMD6DjjZWkXeTolF4deG5oYAzrVBr_ToVecqVGPGvWoQc-AJgd07yvs_-XUw_0zjPwPdJ9paA</recordid><startdate>202011</startdate><enddate>202011</enddate><creator>Angafor, Giddeon N.</creator><creator>Yevseyeva, Iryna</creator><creator>He, Ying</creator><general>Wiley Periodicals, Inc</general><scope>24P</scope><scope>WIN</scope><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-1535-4472</orcidid><orcidid>https://orcid.org/0000-0003-2023-5547</orcidid><orcidid>https://orcid.org/0000-0002-1627-7624</orcidid></search><sort><creationdate>202011</creationdate><title>Game‐based learning: A review of tabletop exercises for cybersecurity incident response training</title><author>Angafor, Giddeon N. ; Yevseyeva, Iryna ; He, Ying</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c2296-bbe3cbff8991632fc6b7523d26f0ae9b72863789610aaed1805eb2ef101ddc473</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2020</creationdate><topic>cybersecurity</topic><topic>cybersecurity training</topic><topic>incident response</topic><topic>serious games</topic><topic>tabletop exercises</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Angafor, Giddeon N.</creatorcontrib><creatorcontrib>Yevseyeva, Iryna</creatorcontrib><creatorcontrib>He, Ying</creatorcontrib><collection>Wiley-Blackwell Open Access Titles</collection><collection>Wiley Free Content</collection><collection>CrossRef</collection><jtitle>Security and privacy</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Angafor, Giddeon N.</au><au>Yevseyeva, Iryna</au><au>He, Ying</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Game‐based learning: A review of tabletop exercises for cybersecurity incident response training</atitle><jtitle>Security and privacy</jtitle><date>2020-11</date><risdate>2020</risdate><volume>3</volume><issue>6</issue><epage>n/a</epage><issn>2475-6725</issn><eissn>2475-6725</eissn><abstract>The surge in cyber security breaches including the shortage of skilled cyber incident response (CSIR) professionals and the ever‐changing cyber threat landscape is a big concern for the security industry. As a result, training providers are seeking innovative ways to tackle current security challenges. Businesses in public and private sectors recognize the importance of implementing effective cyber security measures, one of which is training their employees. Many are taking active steps to ensure that employees and cyber security incident response teams (CSIRTs) can identify and respond to breaches through state‐of‐the‐art training. There are indications that pioneering training programs like serious games (SGs), including tabletop exercises (TTXs), can play a role in CSIR training. This paper reviewed TTX related SGs literature, analyzed existing CSIR training exercises and reported how TTXs are currently being used in CSIR training. It also discussed why TTXs are increasingly becoming a popular tool for CSIR and emergency response (ER) training, analyzed the strengths and weaknesses of the current research and identified areas for future research. The findings suggest that TTX training improves the awareness, understanding, and preparation levels of CSIRTs. That TTXs enhance their strategic decision‐making, enabling CSIRTs to be better prepared when dealing with security incidents. It observed that TTX related training improved the skills and aptitudes of CSIRTs and security operative center personnel. TTXs assist trainees to acquire and demonstrate both technical and nontechnical skills, including soft skills which are essential but often observed to be lacking in new graduates and some experienced technically minded personnel. TTX training augments traditional methods like classroom lectures by providing opportunities for experiential learning and practice‐based approaches in dealing with real‐life problems.</abstract><cop>Boston, USA</cop><pub>Wiley Periodicals, Inc</pub><doi>10.1002/spy2.126</doi><tpages>19</tpages><orcidid>https://orcid.org/0000-0002-1535-4472</orcidid><orcidid>https://orcid.org/0000-0003-2023-5547</orcidid><orcidid>https://orcid.org/0000-0002-1627-7624</orcidid><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 2475-6725 |
| ispartof | Security and privacy, 2020-11, Vol.3 (6), p.n/a |
| issn | 2475-6725 2475-6725 |
| language | eng |
| recordid | cdi_crossref_primary_10_1002_spy2_126 |
| source | Wiley Online Library Journals Frontfile Complete |
| subjects | cybersecurity cybersecurity training incident response serious games tabletop exercises |
| title | Game‐based learning: A review of tabletop exercises for cybersecurity incident response training |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T22%3A29%3A17IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-wiley_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Game%E2%80%90based%20learning:%20A%20review%20of%20tabletop%20exercises%20for%20cybersecurity%20incident%20response%20training&rft.jtitle=Security%20and%20privacy&rft.au=Angafor,%20Giddeon%20N.&rft.date=2020-11&rft.volume=3&rft.issue=6&rft.epage=n/a&rft.issn=2475-6725&rft.eissn=2475-6725&rft_id=info:doi/10.1002/spy2.126&rft_dat=%3Cwiley_cross%3ESPY2126%3C/wiley_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |