Cybersecurity tabletop board game pits hackers vs. defenders
Photo: Pro Se Practice
A new board game billed as the first of its kind aims to bring the fun and excitement of cybersecurity tabletop exercises to your living room.
WHY IT MATTERS
Guardians of the Grid was created by the nonprofit Pro Se Practice, which is hoping to crowdsource at least $20,000 on Kickstarter to get the cybersecurity game launched.
"Drawing on real-life incidents and industry-trusted frameworks like MITRE ATT&CK, CIS Top 10 and the NIST 800 series, Guardians of the Grid presents a thrilling duel between the cunning red team, embodying hackers, and the valiant blue team, symbolizing the defenders," according to the campaign.
The company lists Aaron Weismann, chief information security officer at Philadelphia-based Main Line Health, as its CEO and founder.
The game would come with a generic incident response binder – "a playbook detailing exactly what to do to deal with and recover from the disaster." It addresses malware propagation, file and operations recovery, insurance and payment negotiation advice, and how to communicate with the public and stakeholders, according to the campaign's FAQ.
If the company reaches its second funding goal, additional "booster packs" would offer scenarios from real-world threat actors and events. They'll include some based on cyber gangs that have a history of attacking healthcare organizations – LockBit, REvil, BlackCat, Ryuk and others.
The all-or-nothing crowdsource funding campaign is running until November 10 with a goal of $20,000.
If Pro Se Practice reaches $75,000 in funds raised, it will make specialized modules for key sectors – including healthcare, finance and utilities, the company said.
"Patient records, medical devices and critical care systems are increasingly under cyber threat," said Pro Se Practice.
"In the healthcare module, you'll navigate the sensitive and complex web of medical data security, focusing on protecting lives and privacy."
Some of the imagery will be generated by artificial intelligence, but none of the written content or gameplay will be AI-generated, the company noted.
THE LARGER TREND
Tabletop exercises are highly recommended by cybersecurity experts across industries.
At the HIMSS Cybersecurity Forum in Boston last week, Margie Zuk, senior principal cybersecurity engineer at MITRE, said hospitals need to do them regionally to prepare for ransomware attacks that cause extended downtimes and urged attendees to consult the updated playbook: Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook.
"Healthcare delivery organizations regularly exercise for mass casualty and other clinical events – and that same type of focus and rigor should be applied to preparation for a cyberattack," she told Healthcare IT News last month ahead of the session on revamping your cybersecurity strategy for 2023 and beyond.
"With patient safety potentially on the line, it’s something our community can’t focus on enough."
ON THE RECORD
"Preparing for disaster is key, and I'll help you understand how to do that," says Pro Se Practice about Guardians of the Grid in its FAQ.