SlideShare a Scribd company logo

We're All Winners--Gamification and Security Awareness

Download as PPTX, PDF
Ben Woelk, CISSP, CPTC
Ben Woelk, CISSP, CPTC

Many experts agree that engaged learners have better retention. Security Awareness programs are often seen only in the context of the information we provide to our audiences. Annual compliance training may not lead to changed behavior. What can we do differently? What does gamification mean for security awareness training and communication. The presenter will discuss opportunities to introduce gamification into security awareness activities. He'll share from specific gamification initiatives undertaken at the Rochester Institute of Technology to increase user awareness. These activities include the development of a Digital Self Defense Dojo, an escape room, and positively-reinforced simulated phishing exercises.

1 of 35
© 2019 Ben Woelk https://youtu.be/cRTaksvIpUg
© 2019 Ben Woelk What is Gamification?
© 2019 Ben Woelk Why Gamify Security Awareness?
© 2019 Ben Woelk Changing the Culture Build strong roots
© 2019 Ben Woelk Build on Foundation •DSD classes •Monthly topics •Social media •Leverage events
© 2019 Ben Woelk Inspiration
© 2019 Ben Woelk DSD Dojo
© 2019 Ben Woelk Digital Self Defense (DSD) Dojo
© 2019 Ben Woelk Dojo Goals •Socialize best practices •Increase training participation
© 2019 Ben Woelk Structure •Badges and Belts •Website •Physical Badges •Gift Cards
© 2019 Ben Woelk
© 2019 Ben Woelk Escape Room
© 2019 Ben Woelk Goals •Leverage escape room popularity •Educate about phishing •Educate about passphrases
© 2019 Ben Woelk Structure •Portable •7 Puzzles •Various locks •USB drive •Fishing game •Email samples
© 2019 Ben Woelk Self Phishing
© 2019 Ben Woelk  Improve end user recognition of phishes  Improve timeliness of reporting  Improve baseline detection rate by 25% • For example, 70% detection rate to 87.5%, NOT 70% to 95% Goals
© 2019 Ben Woelk Guiding Principles  Self Phishing  Positive Experience  Non punitive  Anonymized results 18
© 2019 Ben Woelk
© 2019 Ben Woelk Phish Handling Communications
© 2019 Ben Woelk PhishBowl
© 2019 Ben Woelk Phishing Program Structure  Initial Announcement  Division/Department  3 and 1  Follow up presentations
© 2019 Ben Woelk Reporting Results • Ignored • Reported • Reported in First Minute 2018 12 Delivery 2018 12 File 2018 12 Maintena nce 2019 02 Order 2019 03 Credit 2019 03 Gloogle Doc All 2019 03 Quarentin e 2019 04 Red Light ALL 2019 05 Office 365 Invoice ALL 2019 06 Mailbox Full All 2019 07 Ransomw are All F&A Average Ignored 94% 100% 99% 92% 97% 99% 99% 96% 94% 91% 99% 91% Reported 18% 24% 19% 35% 35% 12% 25% 36% 8% 30% 4% 14% Reported in First Minute 14% 18% 12% 16% 14% 12% 10% 10% 8% 11% 4% 4% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Phishing (by template) Ignored Reported Reported in First Minute
© 2019 Ben Woelk Phish First-minute reports First-minute report rate Reported Report Rate Ignored Ignore Rate 2019 03 Credit 15 14% 37 35% 102 97% 2019 03 Gloogle Doc All 12 12% 12 12% 101 99% 2019 03 Quarantine 10 10% 26 25% 104 99% Sample Department Results
© 2019 Ben Woelk
© 2019 Ben Woelk New Student Orientation
© 2019 Ben Woelk
© 2019 Ben Woelk and…
© 2019 Ben Woelk
© 2019 Ben Woelk Snapchat Filters and Geofencing
© 2019 Ben Woelk
© 2019 Ben Woelk Discussion •Should you gamify? •What would you gamify? •What would you not gamify?
© 2019 Ben Woelk Ben.woelk@rit.edu www.rit.edu/Security 34
© 2019 Ben Woelk References• Jessica Barker, "The Human Nature of Cybersecurity," EDUCAUSE Review, May 20, 2019. • Julianne Basinger, A Campus Culture of Cybersecurity, (Washington DC: The Chronicle of Higher Education, 2019). • Valerie Vogel, "Security Awareness Made Simple: 2019 Security Awareness Campaign Materials," Security Matters (blog), EDUCAUSE Review, December 17, 2018. • Ben Woelk, "Building a Culture of Digital Self Defense," Security Matters (blog), EDUCAUSE Review, September 20, 2016. • Ben Woelk, “Wind, Trees, and Security Awareness" Security Matters (blog), EDUCAUSE Review, September 13, 2019.

Recommended

My First and Next Nonprofit Video
My First and Next Nonprofit VideoMy First and Next Nonprofit Video
My First and Next Nonprofit VideoBrian Oster
 
Turning Parents into Partners SLIDES
Turning Parents into Partners SLIDESTurning Parents into Partners SLIDES
Turning Parents into Partners SLIDES
Anthony Prince
 
How The Platform Model is Transforming Retail
How The Platform Model is Transforming RetailHow The Platform Model is Transforming Retail
How The Platform Model is Transforming Retail
Clémence Pierunek
 
#Vi donate pdf
#Vi donate pdf#Vi donate pdf
#Vi donate pdfEverTrue
 
Free Webinar: How YOU Can Create Videos for Your Website
Free Webinar: How YOU Can Create Videos for Your WebsiteFree Webinar: How YOU Can Create Videos for Your Website
Free Webinar: How YOU Can Create Videos for Your Website
June Bachman
 
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
Tim Sarrantonio
 
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
AppFolio
 
Rally Webinar: Creative Seasonal Hiring Strategies
Rally Webinar: Creative Seasonal Hiring StrategiesRally Webinar: Creative Seasonal Hiring Strategies
Rally Webinar: Creative Seasonal Hiring Strategies
Rally Recruitment Marketing
 

Recommended

My First and Next Nonprofit Video
My First and Next Nonprofit VideoMy First and Next Nonprofit Video
My First and Next Nonprofit VideoBrian Oster
 
Turning Parents into Partners SLIDES
Turning Parents into Partners SLIDESTurning Parents into Partners SLIDES
Turning Parents into Partners SLIDES
Anthony Prince
 
How The Platform Model is Transforming Retail
How The Platform Model is Transforming RetailHow The Platform Model is Transforming Retail
How The Platform Model is Transforming Retail
Clémence Pierunek
 
#Vi donate pdf
#Vi donate pdf#Vi donate pdf
#Vi donate pdfEverTrue
 
Free Webinar: How YOU Can Create Videos for Your Website
Free Webinar: How YOU Can Create Videos for Your WebsiteFree Webinar: How YOU Can Create Videos for Your Website
Free Webinar: How YOU Can Create Videos for Your Website
June Bachman
 
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
NetSquared Tech Valley - Digital Engagement in the age of FaceTime, SnapChat,...
Tim Sarrantonio
 
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
"Tips to Soar This Leasing Season" featuring Amy Kosnikowshi
AppFolio
 
Rally Webinar: Creative Seasonal Hiring Strategies
Rally Webinar: Creative Seasonal Hiring StrategiesRally Webinar: Creative Seasonal Hiring Strategies
Rally Webinar: Creative Seasonal Hiring Strategies
Rally Recruitment Marketing
 
Exploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical CommunicatorsExploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical Communicators
Ben Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
Ben Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Ben Woelk, CISSP, CPTC
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
Ben Woelk, CISSP, CPTC
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
Ben Woelk, CISSP, CPTC
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
Ben Woelk, CISSP, CPTC
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
Ben Woelk, CISSP, CPTC
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
Ben Woelk, CISSP, CPTC
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
Ben Woelk, CISSP, CPTC
 
Digital self defense 101 me rit
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
Ben Woelk, CISSP, CPTC
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
Ben Woelk, CISSP, CPTC
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
Ben Woelk, CISSP, CPTC
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
Ben Woelk, CISSP, CPTC
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminar
Ben Woelk, CISSP, CPTC
 
Digital Self Defense at RIT
Digital Self Defense at RITDigital Self Defense at RIT
Digital Self Defense at RIT
Ben Woelk, CISSP, CPTC
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
Ben Woelk, CISSP, CPTC
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR Professionals
Ben Woelk, CISSP, CPTC
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
Ben Woelk, CISSP, CPTC
 
Digital Self Defense
Digital Self DefenseDigital Self Defense
Digital Self Defense
Ben Woelk, CISSP, CPTC
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
Ben Woelk, CISSP, CPTC
 
Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 

More Related Content

More from Ben Woelk, CISSP, CPTC

Exploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical CommunicatorsExploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical Communicators
Ben Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
Ben Woelk, CISSP, CPTC
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Ben Woelk, CISSP, CPTC
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
Ben Woelk, CISSP, CPTC
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
Ben Woelk, CISSP, CPTC
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
Ben Woelk, CISSP, CPTC
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
Ben Woelk, CISSP, CPTC
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
Ben Woelk, CISSP, CPTC
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
Ben Woelk, CISSP, CPTC
 
Digital self defense 101 me rit
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
Ben Woelk, CISSP, CPTC
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
Ben Woelk, CISSP, CPTC
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
Ben Woelk, CISSP, CPTC
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
Ben Woelk, CISSP, CPTC
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminar
Ben Woelk, CISSP, CPTC
 
Digital Self Defense at RIT
Digital Self Defense at RITDigital Self Defense at RIT
Digital Self Defense at RIT
Ben Woelk, CISSP, CPTC
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
Ben Woelk, CISSP, CPTC
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR Professionals
Ben Woelk, CISSP, CPTC
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
Ben Woelk, CISSP, CPTC
 
Digital Self Defense
Digital Self DefenseDigital Self Defense
Digital Self Defense
Ben Woelk, CISSP, CPTC
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
Ben Woelk, CISSP, CPTC
 

More from Ben Woelk, CISSP, CPTC (20)

Exploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical CommunicatorsExploring Career Paths in Cybersecurity for Technical Communicators
Exploring Career Paths in Cybersecurity for Technical Communicators
 
Creating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual WorkforceCreating a Sense of Belonging--Engaging the Virtual Workforce
Creating a Sense of Belonging--Engaging the Virtual Workforce
 
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptxCreating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
Creating a Sense of Belonging--Engaging the Virtual Workforce Summit.pptx
 
Saying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership OpportunitiesSaying "Yes, and...?" to Leadership Opportunities
Saying "Yes, and...?" to Leadership Opportunities
 
Perspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected StoriesPerspectives on Mentoring: Selected Stories
Perspectives on Mentoring: Selected Stories
 
The Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for SuccessThe Introvert in the Workplace--Strategies for Success
The Introvert in the Workplace--Strategies for Success
 
Building a Culture of Digital Self Defense
Building a Culture of Digital Self DefenseBuilding a Culture of Digital Self Defense
Building a Culture of Digital Self Defense
 
Harnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted LeadershipHarnessing Your Innate Strengths--Introverted Leadership
Harnessing Your Innate Strengths--Introverted Leadership
 
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
The Introvert in the Workplace: Becoming an Influencer and Leader #STC18
 
Digital self defense 101 me rit
Digital self defense 101 me ritDigital self defense 101 me rit
Digital self defense 101 me rit
 
Follow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald CityFollow the yellow brick road: A Leadership Journey to the Emerald City
Follow the yellow brick road: A Leadership Journey to the Emerald City
 
Collaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and YourselfCollaborating securely: Protecting Your Community and Yourself
Collaborating securely: Protecting Your Community and Yourself
 
An Introvert's Journey to Leadership
An Introvert's Journey to LeadershipAn Introvert's Journey to Leadership
An Introvert's Journey to Leadership
 
Digital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminarDigital self defense iia isaca it audit seminar
Digital self defense iia isaca it audit seminar
 
Digital Self Defense at RIT
Digital Self Defense at RITDigital Self Defense at RIT
Digital Self Defense at RIT
 
Cyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and ParentsCyber Safety for Middle School Students and Parents
Cyber Safety for Middle School Students and Parents
 
Staying Safe Online for HR Professionals
Staying Safe Online for HR ProfessionalsStaying Safe Online for HR Professionals
Staying Safe Online for HR Professionals
 
Succession Planning and Volunteering
Succession Planning and VolunteeringSuccession Planning and Volunteering
Succession Planning and Volunteering
 
Digital Self Defense
Digital Self DefenseDigital Self Defense
Digital Self Defense
 
Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014Shockproofing your Use of Social Media: 2014
Shockproofing your Use of Social Media: 2014
 

Recently uploaded

Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
Atul Kumar Singh
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
Jisc
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
JosvitaDsouza2
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
Jisc
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
kaushalkr1407
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 

Recently uploaded (20)

Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.Language Across the Curriculm LAC B.Ed.
Language Across the Curriculm LAC B.Ed.
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...How libraries can support authors with open access requirements for UKRI fund...
How libraries can support authors with open access requirements for UKRI fund...
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx1.4 modern child centered education - mahatma gandhi-2.pptx
1.4 modern child centered education - mahatma gandhi-2.pptx
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
The approach at University of Liverpool.pptx
The approach at University of Liverpool.pptxThe approach at University of Liverpool.pptx
The approach at University of Liverpool.pptx
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 

We're All Winners--Gamification and Security Awareness

  • 1.
  • 2. © 2019 Ben Woelk https://youtu.be/cRTaksvIpUg
  • 3. © 2019 Ben Woelk What is Gamification?
  • 4. © 2019 Ben Woelk Why Gamify Security Awareness?
  • 5. © 2019 Ben Woelk Changing the Culture Build strong roots
  • 6. © 2019 Ben Woelk Build on Foundation •DSD classes •Monthly topics •Social media •Leverage events
  • 7. © 2019 Ben Woelk Inspiration
  • 8. © 2019 Ben Woelk DSD Dojo
  • 9. © 2019 Ben Woelk Digital Self Defense (DSD) Dojo
  • 10. © 2019 Ben Woelk Dojo Goals •Socialize best practices •Increase training participation
  • 11. © 2019 Ben Woelk Structure •Badges and Belts •Website •Physical Badges •Gift Cards
  • 12. © 2019 Ben Woelk
  • 13. © 2019 Ben Woelk Escape Room
  • 14. © 2019 Ben Woelk Goals •Leverage escape room popularity •Educate about phishing •Educate about passphrases
  • 15. © 2019 Ben Woelk Structure •Portable •7 Puzzles •Various locks •USB drive •Fishing game •Email samples
  • 16. © 2019 Ben Woelk Self Phishing
  • 17. © 2019 Ben Woelk  Improve end user recognition of phishes  Improve timeliness of reporting  Improve baseline detection rate by 25% • For example, 70% detection rate to 87.5%, NOT 70% to 95% Goals
  • 18. © 2019 Ben Woelk Guiding Principles  Self Phishing  Positive Experience  Non punitive  Anonymized results 18
  • 19. © 2019 Ben Woelk
  • 20. © 2019 Ben Woelk Phish Handling Communications
  • 21. © 2019 Ben Woelk PhishBowl
  • 22. © 2019 Ben Woelk Phishing Program Structure  Initial Announcement  Division/Department  3 and 1  Follow up presentations
  • 23. © 2019 Ben Woelk Reporting Results • Ignored • Reported • Reported in First Minute 2018 12 Delivery 2018 12 File 2018 12 Maintena nce 2019 02 Order 2019 03 Credit 2019 03 Gloogle Doc All 2019 03 Quarentin e 2019 04 Red Light ALL 2019 05 Office 365 Invoice ALL 2019 06 Mailbox Full All 2019 07 Ransomw are All F&A Average Ignored 94% 100% 99% 92% 97% 99% 99% 96% 94% 91% 99% 91% Reported 18% 24% 19% 35% 35% 12% 25% 36% 8% 30% 4% 14% Reported in First Minute 14% 18% 12% 16% 14% 12% 10% 10% 8% 11% 4% 4% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Phishing (by template) Ignored Reported Reported in First Minute
  • 24. © 2019 Ben Woelk Phish First-minute reports First-minute report rate Reported Report Rate Ignored Ignore Rate 2019 03 Credit 15 14% 37 35% 102 97% 2019 03 Gloogle Doc All 12 12% 12 12% 101 99% 2019 03 Quarantine 10 10% 26 25% 104 99% Sample Department Results
  • 25. © 2019 Ben Woelk
  • 26. © 2019 Ben Woelk New Student Orientation
  • 27. © 2019 Ben Woelk
  • 28. © 2019 Ben Woelk and…
  • 29.
  • 30. © 2019 Ben Woelk
  • 31. © 2019 Ben Woelk Snapchat Filters and Geofencing
  • 32. © 2019 Ben Woelk
  • 33. © 2019 Ben Woelk Discussion •Should you gamify? •What would you gamify? •What would you not gamify?
  • 34. © 2019 Ben Woelk Ben.woelk@rit.edu www.rit.edu/Security 34
  • 35. © 2019 Ben Woelk References• Jessica Barker, "The Human Nature of Cybersecurity," EDUCAUSE Review, May 20, 2019. • Julianne Basinger, A Campus Culture of Cybersecurity, (Washington DC: The Chronicle of Higher Education, 2019). • Valerie Vogel, "Security Awareness Made Simple: 2019 Security Awareness Campaign Materials," Security Matters (blog), EDUCAUSE Review, December 17, 2018. • Ben Woelk, "Building a Culture of Digital Self Defense," Security Matters (blog), EDUCAUSE Review, September 20, 2016. • Ben Woelk, “Wind, Trees, and Security Awareness" Security Matters (blog), EDUCAUSE Review, September 13, 2019.

Editor's Notes

  1. https://youtu.be/cRTaksvIpUg
  2. the application of typical elements of game playing (e.g. point scoring, competition with others, rules of play) to other areas of activity, typically as an online marketing technique to encourage engagement with a product or service
  3. programmatic approach  not enough to communicate only about specific cyberattacks (gusts) as they occur