Playing for Keeps – Cyber Wargames

It’s 3:00 am. You’re sleeping, or trying to sleep anyway.

Your phone buzzes and comes to life, lighting up your nightstand.

As you reach for your phone, you know this can’t be good.

The panicked voice on the line delivers the news: “We’ve been breached. Our network has been compromised.”

You’re lucky. It’s only a game. This time.

Breached! is a Booz Allen-developed cyber wargame—a realistic, live simulation that begins with a video depicting the dreaded call alerting you to a major cyber crisis at your company. You and the other players act out roles as members of the C-suite (Chief Operating Officer, Chief Information Officer, Chief Risk Officer, HR Director, General Counsel, etc.) As many as 200 people can play in teams of 8 to 10.

Details bring the game to life. Players receive company profiles, role descriptions, problem areas, financial figures, and investor relations information for the fictional company they represent. Game “moves” include the hackers stealing company data, corrupting email systems, issuing ransom demands, and more. You and your “company team” must make business decisions to steer the entire enterprise through the fictionalized attack.

“The role-playing element is actually fun,” says Senior Associate Jeffrey Roth, who has customized and directed wargames and disaster simulations for more than 14 years. “Your imagination is doing a lot of the heavy lifting and once the scenario is laid out, your mind will fill in the rest.”

Breached! gives players the chance to develop and exercise their cyber response strategies—before it’s too late. The IT networks of some of the country’s largest retailers, financial institutions, and government agencies are breached on a regular basis, with cyber criminals launching malicious software and stealing sensitive customer data as the world watches.

In many cases of large-scale cybercrime like this, company officials weren’t prepared and didn’t manage the crisis well. Sluggish technical responses, media missteps, and legal liabilities led to frightened customers, angry stockholders, and, ultimately, a huge drop in sales.

Breached! players experience a cyber attack “from a perspective they’ve never had,” says Lead Associate and Project Manager Howard Foard, who led design and delivery. “They get to step outside of their typical role and a lot of players tell us ‘this really opened my eyes, I’m scared now,’” he says.

Wargaming was born and lived for a long time in the world of military planning, a service Booz Allen offered exclusively to our Department of Defense clients. But we saw a need for a realistic educational game in the world of cybersecurity too. We took Breached! out to play at the 2015 and 2016 RSA Conferences; we’re working with a number of Fortune 500 clients in the technology, financial, and retail industries who’ve had to contend with cyber attacks. We are also expanding Breached! internationally, including in Singapore.

Breached! is just one example of Booz Allen’s work—our experts have decades of expertise in experiential design, simulation, facilitation, and analytical techniques that pull together the latest innovations in technology and learning theory. Employees’ passion for client service and continuous learning propels them to build each wargame and exercise in a tailored approach that fits an organization’s needs and mission. Find more information at http://boozallen.com/exercisedesign.