Abstract:

Cyber security is one of the most important technological and political subjects in the world today, due to almost continuous revelations of incidents and breaches that cause economic damage to many institutions, states and users of electronic communications. To prevent these threats the cyber security technology in the last 20 years has started to rapidly change the scene of cybercrime. Cyber security technology is shaping the way that technology impacts on the business and the industry with components that provide more secure processing and work.

Cyber security education is today becoming a new field of application treated in the literature as meta-science due to the interdisciplinarity where new educational approaches are applied with use of serious games. In this paper we are discussing the need for enhanced education and training of Cyber security professional and the general public due to the lack of these skills among the European work force. The latest reports about the role-playing-games in the training process of cyber security students have shown that this type of tool is especially well-suited for the training process in that area. The internet search and the review of various articles from cyber security domains have shown that there is a wide number of video games that teach cyber security principles, skills and basic knowledge. Video games used in the education and training are referred to be known as serious games (they usually offer some type of entertainment but their purpose is to enhance the learning of the trained subject).

The undertaken analysis has shown that the education level of the games differs very much, as some of them are suitable just for children audience, teaching young children how to stay safe on internet, while the rest of the games are more demanding and are focused on obtaining the fundamental cyber security skills and knowledge. Our study presented in the paper has developed the parameters that enable the game evaluation in both aspects: the technical requirements (8 parameters) and the educational and learning capability (12 parameters).

The study was carried out on a group of selected games (12) from each of the known classification of “group of five” (Capture the flag group, Firewall group, General group, The Network group and The Table Top group) developed by TULIPS (Technology Usability Lab in Privacy and Security (https://groups.inf.ed.ac.uk/tulips/)) that were available for play. The outcome results presented in the paper are providing good overview of the current offer. The evaluation has shown that despite some deficiency, the games in the area of cyber security are providing a good student training for both the general public, industry and businesses. With the results of evaluated games, we have been discussed at which educational level cyber security games should be embedded in order to satisfy the increased demand for cyber security skill labour force. However, it was also noticed that compared with other educational fields where serious games are successfully used, the field of cyber security was left behind as the offer is still very modest.

Keywords:

Cyber security, game-based learning, e-learning, serious games, technology enhanced learning, learnability.