Project supported under call for projects #1 (2024)
" Empowering Small Organizations to Fight Against the Exponential Growth of Cyberecrime "

After several incidents, it is urgent to reinforce the of security posture and sensitize employees à cybercrime. The IRIS project aims to create a serious game simulating cyber-attacks and post-incident actions, with game mechanics and content specifically adapted to public institutions, incorporating advanced UX and enabling in-depth analysis of participants' behavior.

Description

Creation and development of a serious game simulating cyber-attacks and post-incident actions, with game mechanics and content specifically tailored to public sector organizations:

Analysis of the specific cybersecurity needs, challenges and objectives of public institutions
Development of game mechanics and appropriate technical approach to meet learning objectives
Design of scenarios featuring cyber-attacks and digital hygiene principles, as well as crisis management situations and corrective actions
Design and prototyping of a Proof-of-Concept and user testing
Definition of a methodology for in-depth analysis of participant behavior to guide the development of new training courses
First dissemination by the Cybersecurity Task Force of the Canton of Vaud (CSIRT)

Problem

A number of municipalities in the canton of Vaud have recently been confronted with cybersecurity incidents.

This situation has highlighted the urgent need to strengthen their security posture and raise awareness of cybercrime among their employees.

As a result, since the beginning of 2024, the State of Vaud has deployed new services for more than 300 communes and 140 intercommunal associations.

Objective

Increase the cyber resilience of municipalities and their employees in an engaging, interactive, and sustainable way using results-driven gamification methods.