BSidesVienna 0x7E7

Gamified Incident Response training: The whys, whats and hows to get you started right away
11-18, 13:55–14:25 (Europe/Vienna), Badeschiff

Tabletops are not a new thing in Incident Response training. But oftentimes they’re pretty dull. But wait! What if we made this into a game much like D&D? Instead of fighting orcs with magic, you are fighting a realistic ransomware scenario armed with your D20, playing as the dexterous apprentice (who’s always the scapegoat, right?) along with the rest of your team.

That sounds awesome, right? You know what? It is!

Come to my talk and I’ll tell you about my path to IR role playing, my experiences and how you can get started doing your own IR role playing games right away!


Within the field of cyber security it’s pretty common to do a tabletop exercise (TTX) to train your capabilities to defend the business if - or rather - when a serious incident occurs.

During these, your team sits down around a table (or virtually) with an experienced facilitator. Usually it’s an external consultant, since your own security team needs to be trained as well. And usually it’s not that interesting. Sometimes it even tends to be dull. But you do it because you must check a compliance box and because it makes sense to be prepared.

But what if it wasn’t dull? What if it - literally - was a game instead, one that resembled those D&D games you played as a kid? But instead of being wizards, orcs and elves on a magical journey, you’re together with your team or management playing through realistic security incidents.

Gamification is becoming more and more popular in general - for a reason. In the shape of Incident Response (IR) training it can help your team to become better in a way where egos don’t get in the way (as they sometimes do). It can even improve teamwork and empathy by building better understanding between team members if you choose to play it with roles shuffled around, giving the CEO the possibility to feel the pressure of a forensic investigator, a communications officer or someone else.

In short: IR roleplaying can up your game in a way an ordinary TTX just can’t. And on top of that it’s great fun. Training IR like this takes up the seemingly impossible task of making compliance fun (at least parts of it) without compromising the learning experience.

In my talk I’ll talk about my path to IR role playing, my experiences and how you can get started doing your own IR role playing games right away!

Klaus Agnoletti has been an all-round infosec professional since 2004. As a long-time active member of the infosec community in Copenhagen, Denmark, he co-founded BSides København in 2019. Currently he's a freelance storytelling cyber security advisor specializing in security transformation and community-focused marketing, employer branding, playing security games and other fun assignments and ideas coming his way.