The Dutch Land Registry organizes an IT On Tour every year. One of the topics is cybersecurity. The Land Registry was looking for a new way to bring cybersecurity to the attention of their employees: The subject of security had previously proven unpopular. Together with the Land Registry, we developed a serious cybersecurity game with escape room elements. Here we have united the fun, the challenging, and the educational.
Serious escape room
Number of participants
4 to 7 participants per group
Cybersecurity, phishing, spoofing & social engineering
(+ possible reflection)
Learning objective: raise awareness about cybersecurity risks in a positive and interactive way
The question Putting people first
An employee’s awareness of cybersecurity has a major impact on being able to work safely and prevent cybercrime.
Many organizations have now installed advanced firewalls and use specialized tools to mitigate cyber attacks. Cybercriminals have shifted their focus to employees as their initial entry point into IT systems. It is therefore important in the game to focus on humans and what they can do to recognize and prevent unsafe situations.
Together with the Land Registry, we drew up the list of topics to be covered in the game. From phishing to password management, and from social engineering to CEO fraud.
The solution A major takeover
The result was the game H@ck3D! A 30-minute game that can be played by several groups of five people simultaneously. The goal for the players was to complete a company takeover using the CFO’s found bag. No time to lose!
The game had to be able to be played at different locations in multiple groups. Therefore we deliberately did not make the game too big: the whole game consisted of one bag.
The game connects both physical and digital elements. For example, participants use the CFO’s keychain, wallet and social media accounts to reset his password.
When in the CFO’s simulated Citrix environment, participants search for the right way to complete the takeover. Phishing emails, fake websites and analogous account information provide many opportunities to complete the task either correctly or incorrectly.
The result Positive Cyber Experience
We can tell you what the result was, but we’d much rather let our customers do the talking. Here’s what Pim Sluiter, Relationship Manager IT at the Land Registry wanted to share about the result and the collaboration:
“Every year, the IT unit of the Land Registry organizes an event for its own employees at the various sites in the Netherlands: IT on Tour. This time we wanted to draw attention to IT security, among other things. To do this in a fun and educational way, we thought of an escape game.”
They ended up with Raccoon Serious Games.
“Raccoon was able to customize an existing game from their package for the Land Registry at a good price. In addition, the game was supervised by Raccoon Serious Games. In November, we visited all 8 offices of the Land Registry. The employees enthusiastically played the escape game with several groups at a time. The game was also suitable for all ages. The participants of the game were all enthusiastic about the game itself. They also indicated that they were more aware of the dangers and risks of working digitally.”
How do they look back on the collaboration?
“All in all, we look back on a pleasant cooperation with Raccoon, in which they have shown to be very flexible in, among other things, adapting their game to our wishes. Also during the execution of the game, their efforts were focused on making the game a success. We have since evaluated the game and the cooperation with Raccoon, and Raccoon is capable of improving this game for the next organization. Our compliments to the motivated staff of Raccoon!”
This post is also available in: Nederlands