A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel. These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability. This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study the use of games in training security teams. Studying how information security teams work, especially considering the topic of shared-situational awareness, could lead to better ways of forming, managing, and training teams. Studying the effectiveness of the game as a training tool could lead to better training for security teams.
Cebrowski, A. K., & Garstka, J. (1997). “Network centric warfare: Its origin and future. Naval Institute Proceedings,” 124(1), 28-36.
Dempsey, J. V., Haynes, L. L., Lucassen, B. A., & Casey, M. S. (2002). “Forty simple computer games and what they could mean to educators.” Simulation & Gaming, 33(2), 157-168.
Hevner, A. R., March, S. T., Park, J., & Ram, S. (2004). “Design science in information systems research.” MIS Quarterly, 28(1), 75-105.
Irvine, C. E., Thompson, M. F., & Allen, K. (2005). “CyberCIEGE: Gaming for information assurance.” Security & Privacy Magazine, 3(3), 61-64.
Kayes, A. B., Kayes, C. D., & Kolb, D. A. (2005). “Experiential learning in teams.” Simulation & Gaming, 36(3), 303-329.
Keys, B., & Wolfe, J. (1990). “The role of management games and simulations in education and research.” Journal of Management, 16(2), 307-337.
Kolb, D. A. (1984). Experiential learning: experience as the source of learning and development. Englewood Cliffs, N.J.: Prentice-Hall.
Saunders, J. H. (2002). “Simulation approaches in information security education.” Journal of Information Security, 1(2).
Twitchell, D. P., Wiers, K., Adkins, M., Burgoon, J. K., & Nunamaker, J., Jay F. (2005). ‘StrikeCOM: A multi-player online strategy game for researching and teaching group dynamics.’ Paper presented at the Thirty-Eighth Hawaii International Conference on System Sciences (CD/ROM), Big Island, Hawaii
Twitchell, Douglas P.
"SecurityCom: A Multi-Player Game for Researching and Teaching Information Security Teams,"
Journal of Digital Forensics, Security and Law: Vol. 2
, Article 1.
Available at: http://commons.erau.edu/jdfsl/vol2/iss4/1