Publications

A short article discussing cybersecurity awareness and training for staff, featuring the Cyber Defence Dice.

This paper presents the concept of Hacker Whacker, a large format physical game which offers an entertaining way of provoking interest in cybersecurity and delivering baseline awareness-raising in a fun and interactive manner. The system provides a short game activity, whereby the user must determine whether a cybersecurity concept (e.g., malware, software updates, phishing) is either good or bad and hit the corresponding light. The player’s score is tracked throughout their gameplay and, as their score improves, the game becomes increasingly more fast-paced requiring them to identify the concepts more promptly.

Cybersecurity awareness is widely recognised as an important requirement, but is frequently overlooked or addressed in ways that do not engage the interest of the target audience. In an attempt to broaden the options available for achieving this, the paper discusses the concept, design and evaluation of a new dice-based game designed to promote entry-level cyber security awareness in relation to common forms of attack and defence. The concept of the game is that players can defend against prior attacks, or use attacks to test defences, with the images on the different die faces denoting threats and safeguards of different strengths and which are countered in different ways. The discussion includes a worked example of one of the game modes that has been designed in order to illustrate how players would take turns and make decisions in practice. It then presents initial results from a series of seven hands-on playtest sessions conducted with a range of audiences, including the general public, cyber educators and cyber professionals. The findings indicate that all audiences were positive about the game concept and found it enjoyable to play. Additionally, it was recognised to have value in raising and maintaining awareness, and would be a game that participants would play again and recommend to others.

A team of UK researchers explored how gamifying cyber security awareness training might transform mundane compliance into an engaging and memorable experience.

This short paper (supporting an invited presentation at the WISE 2025 conference) summarises a series of cybersecurity awareness activities, which have been designed to offer short but meaningful opportunities for layperson users to build basic cybersecurity awareness. The three activities - Password Strength Meter, Hacker Whacker game, and Cyber Defence Dice game - have been used in various public-facing events, and collectively demonstrate success in delivering cybersecurity awareness in a fun and engaging manner.