Too Good to Be True: How playing games can up your organization’s security

There is a list of things we all dream about getting away with at work but generally do not attempt. This is for a number of reasons, most of them relating to a desire to not get fired. But what if you were to read that it is in fact possible to protect your organization from costly data breaches by taking some time away from your daily routine and playing games on the internet?

You might first check the byline, thinking this is a set-up perpetrated by your nemesis Ted from quality assurance. But this is not Ted. This is real life. In order to keep your organization protected, you need to think like a hacker. And in order to think like a hacker, you need to play some games.

Educational entertainment

Edutainment, if you will. Educational entertainment if you won’t. Get used to the word gamification, because it’s one you’re going to be seeing in trend pieces and experiencing all over the web soon enough.

Generally speaking, gamification is used in this sense to refer to the usage of gameplay mechanics in what would normally be non-game applications. Common gameplay mechanics like points, levels, badges, challenges and rankings serve as a way to make certain subjects and topics more engaging and easier to pay attention to for a longer period of time, thereby encouraging education.

One of the subjects that is benefiting from gamification is internet security vulnerabilities and threats. And with good reason. Amongst the internet security community, 2014 was known as the year of the breach, and then 2015 went and doubled 2014’s number of data breached records in just its first eight months.

Along with this increase has been an increase in the number of records breached by external hackings. According to statistics compiled by SecurityWeek, 2013 saw 49 million records breached by external hackings while the number of records breached by external hackings in 2015 climbed well over 115 million. With data breaches ever on the rise and external hackings becoming more and more prevalent, it’s no wonder internet security professionals (and their managers) are looking for innovative ways to increase vulnerabilities awareness and education.

Trying the other side of internet security

When you’re one of the good guys or gals of internet security defending against attempted hackings and breaches you get used to viewing software and applications from, well, your own perspective. The protective perspective. But to truly protect against hackers, you need to be able to think like them. To view your organization’s applications like a cyber criminal, looking for vulnerabilities and ways in that haven’t been fully defended. Essentially, you need to learn to beat hackers at their own game.

Hacking games such as internet security organization Checkmarx’s  “Game of Hacks” can help you get in the game. In hacking games such as this one, you’re not playing at your own job. Instead you’re the bad guy, testing your knowledge of vulnerabilities and finding out just how quickly you can find a flaw in a piece of code. By incorporating the latest vulnerabilities as well as the OWASP Top 10, players can submit their own questions and insecure code and learn just about all there is to know about bettering the security of their organization. Since no game is fun without a healthy challenge, hacking games allow you to challenge friends and colleagues to see who reigns supreme in your organization’s hacking universe.

Altogether, gamification makes for an engaging and interactive experience that’s as fun as it is informative and educational. So don’t worry about doing something that may seem as though you’re hardly working – take responsibility and play games on the job. It can help you develop professionally and even impact on your organization’s security in the future.

Leave a Comment