The Cybersecurity Game Master : From Role Playing Games to Tabletop Exercises that Engage and Inspire (Paperback)

Part 1: From Facilitator to Cybersecurity Game Master. Chapter 1: The Purpose of Tabletop Exercises. What is a tabletop exercise (TTX)?. The documents. No documents? No problem!. References. Chapter 2: Planning and Running a TTX. Using NIST800-61 to drive TTX design. TTX Example 1. Using the MITRE ATT&CK framework to articulate realistic threats. TTX Example 2. Limitations of TTX in a corporate environment. References. Chapter 3: An Introduction to Gamification, Fun, and Role-Playing Games. Understanding Players and "Fun". The Origins of Role-Playing Games. The Inner Workings of an RPG. References. Chapter 4: Putting the RPG into the TTX. The Cybersecurity RPG Classes. Stats and Skills. Applying the System. RPG-TTX Example: Data Breach. Chapter 5: Making the most out of an RPG-TTX. Creating Relevant and Engaging Cybersecurity Quests. How to debrief players. How to Measure Success: a Cybersecurity Game Master's Perspective. Intermezzo - Chapter 6: Expert Interviews. Prof. Dr. Agostino Bruzzone, University of Genoa. Ms. Francesca Bosco, Cyber Peace Institute. Part 2: Sample Documents and Quests. Chapter 7: The Documents. Incident Response Plan (IRP). Incident Playbook: Distributed Denial of Service (DDOS) Attack. Incident Playbook: Malware Infection via Phishing. Incident Playbook: Ransomware Attack. Chapter 8: The Great Blackout: a DDOS Crisis. The Quest. Comments and Additional Ideas. Chapter 9: The Silent Intruder: a Spear-Phishing APT Attack. The Quest. Comments and Additional Ideas. Chapter 10: To RDP or not to RDP? A Ransomware Crisis. The Quest. Comments and Additional Ideas. Appendix A: Incident Response Plan Template. Appendix B: Incident Playbook Template. Appendix C: RPG-TTX Character Sheet. Appendix D: Pre-Rolled Characters.