30in30 – Post 7 – Gamification of Cybersecurity: A review of tabletop exercise (TTX) card games – part 1

Welcome to the 30-in-30 blog campaign! I’m excited to launch this initiative, which involves publishing a brand new blog post every single day for the next 30 days. I will not mince words about this. It is hard to keep it up, stay engaging, relevant and interactive. More about this campaign is at the end of this article.

Are you tired of the same old cybersecurity training programs that put you to sleep? Do you need a new way to brush up on your incident response skills? Enter tabletop exercises, or TTXs, the games that make cybersecurity training fun and engaging.

TTXs have been around for decades, with their origins in the military and emergency response fields. The idea is to simulate a crisis scenario in a safe, controlled environment, allowing participants to practice their response skills without the risk of real-world consequences. Combine that idea with the fun of a competitive trading card style game, like Magic the Gathering, or Pokemon, and you get a quick and fun cybersecurity training system.

And as cyber threats continue to evolve, TTXs have become an increasingly popular tool for cybersecurity professionals looking to stay sharp and prepared.

There are many different types of TTX card games, but they all share a few key characteristics. Typically, TTXs involve a scenario in which players must respond to a simulated cyber attack, working together to identify and mitigate the threat. Players draw cards that provide information about the attack and their available resources, and must make strategic decisions about how to respond.

Here are four examples of different TTX card games:

Cyber Incident Response Team (CIRT) TTX: This is a classic TTX game that simulates a cyber attack on an organization, and requires players to work together as a CIRT to investigate and respond to the incident. The game includes various scenarios that can be customized to fit the needs of different organizations.

Cybersecurity Attack Simulator (CAST) TTX: In this game, players take on the role of both attackers and defenders, using a combination of physical cards and online tools to simulate a cyber attack. The game includes a wide range of attack scenarios and challenges, making it a great way to test and hone your incident response skills.

Red Team vs. Blue Team TTX: This game pits a red team of attackers against a blue team of defenders, with each team working to achieve their objectives while thwarting the other team’s efforts. The game includes a variety of tools and techniques for both attackers and defenders, making it a great way to learn about the latest threats and defenses.

Cybersecurity Risk Assessment TTX: This game focuses on the risk assessment process, requiring players to evaluate different scenarios and determine the potential impact and likelihood of different types of cyber attacks. The game includes various risk assessment frameworks and tools, making it a great way to practice your risk management skills.

So, why play TTX card games? For one thing, they’re a lot more engaging than traditional training programs, which can often be dry. TTXs allow participants to immerse themselves in a simulated crisis scenario, and to practice their response skills in a safe and controlled environment. And because TTXs are highly customizable, they can be tailored to fit the specific needs and goals of different organizations.

I did a poll on LinkedIn a few weeks ago to get an idea of what people in the security community thought the best TTX card games were. It was a no-contest win with these top two contenders:

Backdoors & Breaches

An Incident Response Card Game, from Black Hills Information Security and Active Countermeasures. Backdoors & Breaches contains 52 unique cards to help you conduct incident response tabletop exercises and learn attack tactics, tools, and methods.

  • The goal is to build conversations
  • Track missing procedures
  • Talk through how your org would handle these issues
  • Not a “Monopoly-Style Game” – actions are not scripted
  • It helps to get into roles


Hackers Epoch

Hackers \’ Epoch Cybersecurity Card Game is a tool for teaching students many of the terms associated with threats and vulnerabilities within the scope of Cybersecurity. These cards gamify some aspects of cybersecurity training and provide the educator with a starting point for the discussion of cybersecurity principles with students. As students play the game, they use the cards to build their own network infrastructure and defend it, while attempting to Deceive, Disrupt, Deny, Degrade, or Destroy systems and services belonging to other players. The goal is to add as many systems as possible to one’s own infrastructure before the game ends.


So, next time you’re looking for a fun and engaging way to brush up on your incident response skills, or if you are just getting into cybersecurity and want a good way to dive in and see the big picture, consider giving TTX card games a try. TTX card games are a great way to stay sharp and prepared for your cybersecurity incidents.

Thanks for reading this far.

Now my aim with this campaign is to provide readers with valuable content, insights, and inspiration that can help in their personal and professional lives. Whether you’re looking to improve your productivity, enhance your creative strategies, or simply stay up-to-date with the latest news and ideas in cybersecurity, I’ve got something for you.

But this campaign isn’t just about sharing our knowledge and expertise with you. It’s also about building a community of like-minded IT and security focused individuals who are passionate about learning, growing, and collaborating. By subscribing to the blog and reading every day, you’ll have the opportunity to engage with other readers, share your own insights and experiences, and connect with people in the industry.

So why should you read every day and subscribe? Well, for starters, you’ll be getting access to some great content that you won’t find anywhere else. From practical tips and strategies to thought-provoking insights and analysis, the blog has something for everyone that wants to get current and topical cybersecurity information. Plus, by subscribing, you’ll never miss a post, so you can stay on top of the latest trends and ideas in the field.

But perhaps the biggest reason to join the 30-in-30 campaign is that it’s a chance to be part of something bigger than yourself. By engaging with the community, sharing your thoughts and ideas, and learning from others, you’ll be able to grow both personally and professionally. So what are you waiting for? Subscribe, and for the next 30 days and beyond, let’s learn, grow, and achieve our goals together!

One thought on “30in30 – Post 7 – Gamification of Cybersecurity: A review of tabletop exercise (TTX) card games – part 1

Comments are closed.