Upload File

gamification for security

44
Click to edit Master title style Vera Trubacheva Business Analyst, DLP Research Kaspersky Lab How to make people enjoy security and raise their user awareness via gamification ? Security Analyst Summit 2013, Puerto Rico

Upload: vera-trubacheva

Post on 14-Nov-2014

930 views

Category:

Technology


3 download

Report

Tags:

DESCRIPTION

Even as security controls continue to improve, it is becoming increasingly apparent that humans are a major cause of computer security failures. The "whoops factor" and the "non-deliberate insider" are just two user profiles responsible for the vast majority of global organizations being hit by a virus, worm or breach in the past 12 months. Security awareness training establishes a reputation of being a powerful tool for developing a proactive enterprise security culture within the enterprise. Gamification is the use of game mechanics in nonentertainment environments to improve user awareness, retention and application of security knowledge. Gamification can change user behavior by increasing engagement, building loyalty and encouraging participation. The material will be valuable for security software companies as well as for companies want to improve security culture at the working places. Video: http://www.youtube.com/watch?v=7V-e1G0xqSw

TRANSCRIPT

  • 1. Click to edit Master title style How to make people enjoy securityand raise their user awareness via gamification ? Vera Trubacheva Business Analyst, DLP Research Kaspersky Lab Security Analyst Summit 2013, Puerto Rico

2. How to raise security? Click to edit Master title stylePage 2 Security Analyst Summit 2013, Puerto Rico 3. Humans are the weakest link Click to edit Master title stylePage 3Security Analyst Summit 2013, Puerto Rico 4. Humans are the weakest link Click to edit Master title style70% ofcompaniesnamed humansas their greatest vulnerabilityDeloittePage 4Security Analyst Summit 2013, Puerto Rico 5. Click to edit Masterreduces risks User awareness title styleUser awareness is 1 of top 3 securityinitiatives for big companies for 2013 DeloittePage 5 Security Analyst Summit 2013, Puerto Rico 6. Why traditional training failed? Click to edit Master title style Security training uhh UsersPage 6 Security Analyst Summit 2013, Puerto Rico 7. How to raise security? Click to edit Master title style1. Gamification can raise user awareness2. Gamification can raise peoples loyalty to security policies Gamification can raise securityPage 7 Security Analyst Summit 2013, Puerto Rico 8. Click to edit Master title styleLevels1. What?2. Where?3. How? 9. Click to edit Master title style Level 1:What is gamification? 10. Click to edit Master title stylePage 10Security Analyst Summit 2013, Puerto Rico 11. Gamification is effective Click to edit Master title style70%GartnerPage 11Security Analyst Summit 2013, Puerto Rico 12. Gamification is effective Click to edit Master title style 50% GartnerPage 12Security Analyst Summit 2013, Puerto Rico 13. Gamification is effective Click to edit Master title style1. Education2. Innovation3. Employees performance GartnerPage 13Security Analyst Summit 2013, Puerto Rico 14. Gamification is effective Click to edit Master title style DopaminePleasurePage 14Security Analyst Summit 2013, Puerto Rico 15. Click to edit Master title styleLevel 2:Where is gamification used? 16. Gamification is good for learning Click to edit Master title stylePage 16 Security Analyst Summit 2013, Puerto Rico 17. Gamification is good for learning Click to edit Master title style1. Simulation2. StoriesPage 17 Security Analyst Summit 2013, Puerto Rico 18. Gamification to learn Click to edit Master title styleCyberCIEGE used to teach network securityby US NavyPage 18Security Analyst Summit 2013, Puerto Rico 19. Gamification to learn Click to edit Master title styleCybersecure: Your Medical Practice used to teach how to comply with HIPAAPage 19Security Analyst Summit 2013, Puerto Rico 20. Gamification to learn Click to edit Master title styleAnti-Phishing Phil used by US Airforce andworldwidePage 20Security Analyst Summit 2013, Puerto Rico 21. Clickdoes security education via gamification? Who to edit Master title stylePage 21 Security Analyst Summit 2013, Puerto Rico 22. Clickdoes security education via gamification? Who to edit Master title style Security vendors?Page 22 Security Analyst Summit 2013, Puerto Rico 23. Click to edit Master title style Level 3:How can we use gamification? 24. Click to edit Master title style Lab Gamification at KasperskyPage 24 Security Analyst Summit 2013, Puerto Rico 25. Click to edit Master title style awareness Gamification to raise user1.Train in context2.Tell a story3.Mock situations4.Force to make decisions5.Provide feedbackPage 25Security Analyst Summit 2013, Puerto Rico 26. To raise user awareness Click to edit Master title stylePlay game to learn what phishing isPage 26Security Analyst Summit 2013, Puerto Rico 27. Click to edit Master title style awareness Gamification to raise userIntegration with training from expertsPage 27 Security Analyst Summit 2013, Puerto Rico 28. Click to edit Master title style awareness Gamification to raise user1. Simulated games - easy2. Part of real games - challengePage 28 Security Analyst Summit 2013, Puerto Rico 29. Click to edit Master title style awareness Gamification to raise userPage 29 Security Analyst Summit 2013, Puerto Rico 30. Gamification to comply with policies Click to edit Master title stylePage 30 Security Analyst Summit 2013, Puerto Rico 31. Gamification to comply with policies Click to edit Master title style Security pointsPage 31 Security Analyst Summit 2013, Puerto Rico 32. Gamification to comply with policies Click to edit Master title style Building thingsPage 32 Security Analyst Summit 2013, Puerto Rico 33. Gamification to comply with policies Click to edit Master title stylePage 33 Security Analyst Summit 2013, Puerto Rico 34. Gamification to comply with policies Click to edit Master title stylePage 34 Security Analyst Summit 2013, Puerto Rico 35. Gamification to comply with policies Click to edit Master title styleSecurity statusesPage 35 Security Analyst Summit 2013, Puerto Rico 36. Gamification to comply with policies Click to edit Master title styleSecurity statusesGood ratingBad ratingPage 36 Security Analyst Summit 2013, Puerto Rico 37. Gamification to change behavior Click to edit Master title stylePage 37 Security Analyst Summit 2013, Puerto Rico 38. Gamification to change behavior Click to edit Master title stylePage 38 Security Analyst Summit 2013, Puerto Rico 39. Summary Click to edit Master title style1. Gamification can raise user awareness2. Gamification can raise people loyalty to security policies3. Lets use gamification in our products!Page 39Security Analyst Summit 2013, Puerto Rico 40. Well done! Click to edit Master title style Congrats Winners!Page 40Security Analyst Summit 2013, Puerto Rico 41. Click to edit Master title styleHow to make people enjoy security and raise their user awareness via gamification?Have fun ;)Vera TrubachevaBusiness Analyst, DLP ResearchKaspersky Lab [email protected] +7 495 797 8700 x4201 Security Analyst Summit 2013, Puerto Rico 42. Gamification to change behavior Click to edit Master title stylePage 42 Security Analyst Summit 2013, Puerto Rico 43. Gamification elements Click to edit Master title styleLeader BoardsBadgesPointsChallengesRewardsFeedbackPage 43Security Analyst Summit 2013, Puerto Rico 44. Gamer types Click to edit Master title style1.Achievers2.Socializers3.Explorers4.KillersPage 44Security Analyst Summit 2013, Puerto Rico


Gamification For HR

Gamification for schools explained

Gamification strategies for projects

Gamification of your Global Information Security Operations Center

Gamification For Enterprises

Gamification lecture for #BR4041UL

[Cluj] Information Security Through Gamification

CTF365 - Learning Security Through Gamification

Gamification to Empower Information Security Education · 2017. 12. 19. · Gamification to Empower Information Security Education. AlessandraAntonaci Page 2 Outline ... • Gamification’s

Gamification for Corporate Strategy

Gamification for feedback analysis

Gamification for witi 12.8.11

Gamification for water utilities

GamificationUsing “Science of Habit Cycle” to Transform ... · Using Gamification in Security 17 Gamification is relatively new and is being recently tried out in security Basic

Gamification for Gamers

gamification for beginners?

Gamification for Beginners

About gamification - Information Security Training · About gamification 'The use of design elements characteristic for games in non-game contexts' Take away from e-learning and board

Gamification for Customer Engagement

Gamification for Publishers

Gamification for Business

Gamification - Food for fun

Gamification for marketing

Gamification of Security: Making Security a Game. Spencer Wilcox, CISSP, CPP, SSCP @ brasscount

Anipang for gamification

Gamification for UXI 27.12.11

Gamification for IT Security Training and Awareness Programs...• Gamification has always existed, it works and is here to stay, especially with the largest generation: Millennials

Designing for Successful Gamification

Gamification for Your Brand

Gamification for Sales Reps

Gamification for growth hacking

Gamification for share

Gamification for MediaBarCamp

Use of Gamification in Security Awareness and Training ... · Use of Gamification in Security Awareness and Training Programs Eyvind Garder B Gjertsen Master of Science in Communication

Gamification for PLTG