An unlocked computer, a freely accessible printer or an unknown person in the work environment - cyber attacks often start unspectacularly. This is precisely where the BAKSecure research project of Aalen University of Applied Sciences and the Schwäbisch Gmünd Technical Academy comes in.
At the start of the last project year, the project is presenting two interactive learning games that convey security risks in a practical way. The aim is to sensitize small and medium-sized companies in particular to everyday vulnerabilities - in a low-threshold manner and directly in the work context. Instead of traditional training courses, BAKSecure deliberately uses a playful approach. Employees should not just learn about risks in theory, but actively experience them. "We want to offer a format that is both fun and thought-provoking. Those who are attentive and a little sceptical in everyday life become part of the solution instead of being part of the problem," says project manager Prof. Dr. Marcus Gelderie.
A playful approach to greater safety
The two games take different approaches: In "Security Cards: KRITIS Edition", players take responsibility for cyber security and make strategic decisions under realistic conditions. "StealthSec", on the other hand, enables a change of perspective - here, players act as attackers and exploit typical vulnerabilities such as unattended devices or social engineering situations, e.g. as a fake technician. Both formats are designed to strengthen security awareness in the long term and make companies more resistant to attacks. A third educational game, which deals with risks in supply chains, has already been announced for the summer.
Especially for smaller companies, which often do not have their own IT security departments, such low-threshold offers could become increasingly important. After all, it is not just technology that determines the security of a company, but above all the behavior of employees in their day-to-day work - and this is precisely where the playful approaches of BAKSecure come in.
BAKSecure is part of the "Mittelstand-Digital" funding network, which supports small and medium-sized enterprises with digitalization. The games are available free of charge and without registration: www.baksecure.de/spiele
