#RSAC SESSION ID: Kevin McLaughlin Kody McLaughlin Gamification of your Global Information Security Operations Center HUM-R03 SOC Team Lead Morphick @InfoMoogle Global Information Security Leader Whirlpool @mclaugkl
Gamification of your Global Information Security Operations Center - RSA 2015
Jul 16, 2015
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
#RSAC
SESSION ID:
Kevin McLaughlin Kody McLaughlin
Gamification of your Global Information Security Operations Center
HUM-R03
SOC Team Lead
Morphick
@InfoMoogle
Global Information Security Leader
Whirlpool
@mclaugkl
#RSAC
What is Gamification?
2
Using game mechanics and rewards in a non-game setting to
increase engagement and drive desired behaviors
#RSAC
What Does it Take?
Understanding of Gamification Methodology
The Strategy
Resource Time
Budget
Buy In
3
#RSAC
ISST Aces
4
Doug “Shiny” W.
Ben “Goose” O.
Kevin “Keystone” M.
Philip “Badger” B.
#RSAC
Benefits to an ISOC
Speed up the analysis process
Encourage knowledge sharing
Accelerate the adoption of new technologies
Improve training and education programs
Raise morale
Make it fun!
5
#RSAC
Goals of the Gamification Program
GoalsDefine desirable behaviors
Encourage the performance of those behaviors
Measure that performance
Reward excellence
6
#RSAC
2014 Malware on Workstations Remediation
7
#RSAC
Desired Behaviors
Quick initial response to a case
Quick resolution of a case
Accurate resolution of a case
Quality documentation of a case
Continued growth and learning of team
8
#RSAC
The Game Shall NOT:
Be tied to a bonus or promotion in any way
Be subject to performance reviews
Add stress or pressure
9
#RSAC
The Game Shall
Allow players to be creative
Allow players to set their own pace
Offer rewards that represent an achieved status
Motivate growth and mastery
Be designed specifically for your unique culture
Have clearly defined progression and rewards
Be fun!
10
#RSAC
How to be Creative
Player personal identity
Self expression
Autonomy
11
Awesome ninja avatar
Awesome ninja name
Awesome ninja color
#RSAC
Zero Day Malware Wanted Posters
12
#RSAC
Reward Positive Behavior
Titles
Badges
Knick-knacks
Challenge Coin
Plaque
Levels
Privilege
13
The sheriff of incident response
#RSAC
Motivate Growth and Mastery
14
Frequent victories
Relevance
Reputation Recognition
#RSAC
Progression and Rewards
15
#RSAC
Game Types
16
Cooperative
Competitive Blended
Solo
#RSAC
Game Mechanics
Points Leaderboards Achievements Missions Contests Levels
17
#RSAC
Apply Slide
Next week you should:
Define business goals
Define the behaviors that will meet those goals
In the first three months following this presentation you should:
Select your game type and mechanic
Select your prizes
Deploy
Within six months you should:
Evaluate program effectiveness
Tweak and redesign as necessary
18
#RSAC
Thank You
Don’t Forget Your Coin
19
Related Documents
