Ocean’s 99 Cybersecurity Simulation Training

Ocean’s 99 Cybersecurity Simulation Training

Professional Business Simulations, or serious games, are interactive workshops in which teams of employees work on challenging issues within a simulated environment. The environment can be the same or a totally different context to the ‘normal’ working environment. In a simulation each participant will play a role and has specific tasks, responsibilities and authority.

Participants must discuss and agree how they will work together as a team. Our Business Simulations are facilitated by trainers who provide the team with support and instructions and who also helps the team reflect on their experiences and what they have learned. The facilitator can also help reflect on how to translate the learning points into the participants own working environment.

Simulations are played in a number of rounds so that participants can see, feel and experience improvements as the simulation progresses. It is the reflection moments between rounds when people learn and make improvement choices that will have an impact in the next round.

IT Cyber Security & Resilience Simulation
itSM’s Oceans99 simulation can be used to create broad awareness with both IT and non-IT staff on the importance of ‘behavior’ and ‘ discipline’ as well as how to translate security and risk theory into practice.

This cybersecurity simulation game will:

– Increase understanding of Cyber Security and Resilience
– Understand the importance of Human Behavior in securing your assets
– Experience Security processes in action
– Learn how to apply key Cyber Security processes

Does This Sound Familiar?

As we enter the era of Digital Transformation information is becoming an increasingly critical asset that must be protected. International terrorism and increasing cyber theft and fraud has placed the need for information security high on the agendas of Both governmental and private sector organizations. Information security has been a capability that has been for too long ignored or not given the attention it deserves. Failing to do so is an unacceptable business risk for many organizations but this risk is still not taken as seriously as it should be by many organizations.

Is your organization implementing Information Security processes and measures? Are you worried about the people and behavior issues relating to security? Are you struggling to get Information security on the agenda and taken seriously?

Why are we struggling?

Many organizations think IT technology solutions are the answers to minimize or avoid security risks, but they forget that the behavior of employees are even more important. Many employees do not adhere to the security policy, they don’t see the need, they don’t understand. As a result the company is wide open to being attacked, as security criminals are targeting behavior more and more. Many organizations still do not have effective security awareness initiatives, involving their customers, providers and employees in the early stages of the security programs. As a result there is a lack of understanding and the program is often seen as an IT program, not as a corporate program. “This Oceans99 simulation is a powerful instrument for creating overall security awareness. It involves employees, it shows the key processes and it creates overall understanding about the key principles of Information Security”

About this Ocean’s 99™ simulation

Scenario The owner of a Tokyo Bank has decided to organize an exhibition of 3 world famous art objects in the Tokyo Museum. A criminal team called Oceans99 has plans to steal the objects. The team consisting of museum owners, a transport manager, a security advisor and a project manager is responsible for realizing this project. The team has to develop an information security policy, perform a risks analysis to identify threats, risks and vulnerabilities and execute a strategy for dealing with these risks. The team will transport the objects from the museums to the Tokyo Museum, but Oceans99 is not to be underestimated. After each round the team will receive feedback as to how well they protected the objects and will have time to improve. Will the Sponsor (the Tokyo bank) realize a Return on Investment or will the exhibition become a drama.

Objectives The simulation will be customized towards your specific learning objectives. In general these are the main objectives:

Learn the key processes for managing Cyber Security
Learn how to organize your security roles and responsibilities, both business and IT
Learn how to recognize and deal with all kinds of Cyber Security issues
Learn how to balance different interests with the organization: operations vs security
Learn how security frameworks such Resilia(R) or ISO27001 can be used

Duration of the simulation 1/2 day
Number of participants 8 – 12
Basic expertise No basic knowledge required