Image
Cybersecurity, gamification and culture

Cybersecurity, gamification and culture

Dear readers, on the occasion of the anniversary of its launch, today we are going to make reference in this new blog entry to a very special initiative, a commitment to establish, through different gamification techniques, a culture of cybersecurity that allows all types of users to navigate cyberspace safely. In this way, the aim is to advocate the use of good practices in the use of all the resources offered by this dimension, defending the incorporation of attractive and innovative learning tools, while at the same time reviewing the different historical milestones in the field. This is, no more and no less, the role-playing game Karma. 

The Karma initiative has been designed by different teachers and researchers and has the collaboration of several professionals from the most diverse sectors, among which Entelgy Innotec Security has had the pleasure of participating. Karma has been conceived to allow players to enter into different historical scenarios to promote learning about different societies and important events throughout any period in the history of mankind. 

Contrary to the aspects that traditionally characterise role-playing games, such as races, classes, levels, skills, magic or bestiary, among others, Karma lacks all of them, which is perhaps a strange bet for the most veteran players, although it can also be conceived as a challenge and, in short, a new way of conceiving role-playing. What this initiative does have is the richest and most extensive campaign environment in the world, as the environment is configured, generated, by each of the people who inhabit our universe.

The first thing to highlight about Karma is that, as it is such a collaborative venture, it is made up of many different publications and manuals that enrich it periodically. Therefore, it is not a static initiative; on the contrary, what characterises it most is its dynamism, its continuous development and its evolutionary path. A never-ending story - in this case a game - from which something new can always be extracted.

With this in mind, Karma consists, first of all, of several manuals on gameplay for anyone who wants to get into this field, designed for all kinds of people: from those who are taking their first steps in the role-playing scenario, to those who are more experienced in the field. These starter manuals describe the basic aspects of any role-playing game that might be generated, such as the players' purpose within the game, which would be to play a particular character and take the actions that, according to their personality and characteristics, they would be most likely to take (i.e. they should act according to their character's designs rather than proceed according to their own individual and personal standards); how to generate, create and attribute abilities, specialisations and traits to the characters they are going to manage; how to calculate the probability of success or failure of the actions the players wish their characters to perform; and a long etcetera with which we encourage you to participate in this initiative.

Now, what does all this have to do with cybersecurity? As previously explained, Karma is made up of game manuals, yes, but also adventures, campaigns and supplements that enrich the activity. Thus, one can find campaigns that would take the players, always guided by their narrator, to the Spanish War of Independence, in an attempt to rescue the memorable Agustina de Aragón; to the American War of Secession, to the tyrannical region of Belfast in the early 1980s or to the German Wehrmacht forces that in 1941 would invade the Soviet Union from the Baltic Sea to the Urals, among many other adventures that the participants of this enigmatic game will be able to experience.

Without further preambles, it is in the supplements section where you can acquire the basis for developing a campaign whose main focus is on cyberspace, cybersecurity and cybercrime. Entelgy Innotec Security, in a bid to promote a culture of cybersecurity within everyone's reach, has developed the supplement Cybersecurity Expert's Toolbox, where you can find out - or, much more interestingly, become a part of - how you can become a cybersecurity expert, become a part of - how various historical milestones in the history of cybersecurity unfolded, such as the destruction of the centrifuges at the Natanz nuclear power plant in 2010, the emergence of massive and ongoing data breaches, which would come to affect organisations such as the NSA; the emergence of different threat actors that popularised the term APT (Advance Persistent Threat); cyberattacks against well-known companies such as Sony Pictures and Hollywood celebrities; and the pinnacle of cybercrime, which was reached by the WannaCry and NotPetya ransomware families and whose impact is still visible today. In addition, in this supplement you will find tips and advice on how to make adventures in cyberspace appealing to potential players and storytellers. It will even be possible to incorporate already developed characters that could be the protagonists of the campaigns that will take place, such as Masoud Daei, Dawn Wood, Lewis Smith, Tom Borrough or Chiara dell Monte.

In short, this supplement is a review of the main milestones in the history of cybersecurity, the basic principles related to the subject and the methodology for incorporating this entire field of knowledge into role-playing games. Therefore, the Cybersecurity Expert's Toolbox, in which Entelgy Innotec Security has had the pleasure of collaborating, aims to build a more cybersecure world by advocating gamification, dynamism and collective participation, given that cybersecurity is a phenomenon in which, whether we like it or not, we are all participants as we live on an interconnected planet.

Bibliography