I love the beginnings of new projects. It’s the time when the possibilities are the most open, and that’s exciting to me. As we neared completion on our first game, Beat the Thief, we started thinking about what was next. Two questions guided this process: Who are we creating the game for? And what should the game teach?
After a few brainstorming sessions, we settled on a game for small business professionals. The game will focus on analyzing the risks vs. the rewards of data collection and how best to incorporate data security into business practices.
Why focus on small businesses? The numbers are pretty stark: 75% of data breaches occur in businesses of 100 or fewer employees, and 83% of small businesses have no formal cybersecurity plan in place.
Taking on the role of a small business is also interesting from a gameplay perspective. In the Center’s first game, Beat the Thief, you play as an individual dealing with data on the micro level: “Is this singular piece of data good or bad?” But that binary choice can be limiting as a player. Being able to take a macro-view of data allows players to judge data on a sliding scale: “I want some of this data, but not too much!” This makes for a more open and interesting playspace.
We want the game to give players some practice analyzing and making decisions about similar scenarios that they may face in the real world. Hopefully the game will bring to light the risk that comes with collecting customer data. In reality, this risk is often not apparent until it’s too late. In a game environment, however, it’s never too late; you can fail and retry as many times as you’d like—without going bankrupt! We are designing the game to illustrate the risks of data collection and steps that a business can take to protect itself. After playing the game, teams and businesses can discuss how to improve their own data security practices.
After pinpointing our educational objectives and brainstorming ideas, we began building. After a few months of development, we have a rough prototype up and running. In our new game, you build up various aspects of your business in order to earn as much revenue as possible before time runs out. Impending data breaches, however, constantly oppose your efforts.“Can I balance building up my revenue while protecting my data? Are those juicy credit card numbers worth the risk? How much do I have to train my employees in security practices?” All of these questions will be raised in the game, and we hope you’ll play it and try to answer them for yourself. We’re confident the game will offer a new approach to team training and open up fascinating conversations within businesses about how to approach identity management.