Abstract:

Cybersecurity incidents pose a significant threat to businesses, particularly small and medium-sized enterprises (SMEs) or startups which often lack the necessary expertise to respond effectively. To address this challenge, we present ReACD (Response to Attacks and Cyber Disruptions), a serious multiplayer game designed to train employees in reacting appropriately to cyberattacks and data breaches. This paper outlines the transition from real-world use cases to an engaging game design, ensuring that players experience realistic cyber incidents in a controlled, risk-free environment.

ReACD is structured as a cooperative multiplayer experience, where participants must assess threats, make critical decisions, and implement response strategies under time pressure. The game leverages scenario-based learning, simulating various attack vectors such as phishing, ransomware, and identity theft. By incorporating gamification elements, such as real-time feedback, role-based challenges, and adaptive difficulty, ReACD enhances learning retention and decision-making skills.

This paper discusses the game development process, including the transformation of cybersecurity best practices into interactive mechanics, the challenges of balancing realism with playability, and the effectiveness of the game in improving organizational preparedness.

Keywords:

Game Based Learning, Serious Games, Cybersecurity, Training, Gamification.