MalAware: A tabletop exercise for malware security awareness education and incident response training

Abstract

Advancements in technology, including the Internet of Things (IoT) revolution, have enabled individuals and businesses to use systems and devices that connect, exchange data, and provide real-time information from far and near. Despite that, this interconnectivity and data sharing between systems and devices over the internet poses security and privacy risks as threat actors can intercept, steal, and use owners’ data for nefarious purposes. This paper discusses ’MalAware’, a ‘Malware Awareness Education’ and incident response (IR) scenario-based tabletop exercise and card game for malware threat mitigation training. It introduces the importance of incident management, highlights the dangers posed by malware for connected systems, and outlines the role of tabletop games and exercises in helping businesses mature their malware incident response capabilities. The study discusses the design of MalAware and summarises the results of 2 pilots undertaken to assess the concept, maintaining that the results highlighted the value of ‘MalAware’ as an essential tool to help students and staff master how to mitigate security threats caused by malware. It argues that MalAware can assist businesses in their IR preparedness endeavors, enabling incident management teams to review plans and processes to ensure they are fit for purpose. It enables staff to leverage scenario-based and simulated security breach examples, including role-play, to establish appropriate malware defences. MalAware’s practical hands-on exercises can assist trainees in gaining essential malware and other threat mitigation skills, helping to protect the security and privacy of IoTs.