CyberCIEGE TM : An Information Assurance Teaching Tool for Training and Awareness

Good security is not intrusive and can be almost invisible to typical users, who are often unaware of or take it for granted. However, good security practice by user populations is a critical element of an organization’s information assurance strategy. This is reflected in government information assurance teaching mandates such as DoD Directive 8570.1, which outlines objectives and requirements for information assurance (IA) education, training and awareness. Although mundane education, training and awareness programs may temporarily raise user interest, for many, mandatory education is considered a distracting waste of time. A new approach is needed to convey IA concepts that will engage the user’s imagination. CyberCIEGE is an innovative computer-based tool to teach information assurance concepts. The tool enhances information assurance education and training through the use of computer gaming techniques. In the CyberCIEGE virtual world, students spend virtual money to operate and defend their networks, and can watch the consequences of their choices, while under attack. This paper describes CyberCIEGE and will present ways in which this tool can be used to achieve Federal and DoD information assurance teaching objectives. * Development of CyberCIEGE was sponsored by the US Navy, the Naval Education and Training Command, the Office of Naval Research, and the Office of the Secretary of Defense. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the sponsors. + CyberCIEGE is a Trademark of Rivermind, Inc.