Cyber Security Stories

Why games are a crucial tool for teaching young people about cybersecurity

Videogames can help young people to learn the basics of cybersecurity, says Zayd Dawood, university lecturer and game designer for Cyber Security Challenge UK.

Computing lecturer Zayd designed a game to teach young people the pitfalls of cybersecurity in a vivid, exciting way in partnership with Cyber Security Challenge UK. Zayd and his colleagues had brainstormed ideas including escape rooms and 3D puzzles – but eventually settled on a Mario-style platform game set in a futuristic landscape.

The idea is to teach young people the basics of Britain’s Computer Misuse Act – via the antics of a robot character, Astro the Android, in a two-dimensional cyberpunk world filled with chatty NPCs (non-player characters). The game is playable free on both PC and smartphones here.

‘The Cyber Security Challenge UK is trying to make people who have access to the digital world realise that not everything there is safe. Hopefully we show that even some of the things that young people might have a go at doing themselves, might actually get them into trouble.’

It’s important that young people immerse themselves in technology so that they can understand both the good side and the ‘dark side’ of technology, Zayd believes. Part of that is to learn about and understand the ‘dark secrets’ of the cybersecurity world. Young people need to be able to make informed decisions, Zayd believes.

‘It’s important that they delve into the information around cybercrime as much as possible – to avoid being in a position where they’ve caused an offence. It can be a grey area, because nowadays being a hacker isn’t always a wrong thing to do: the world is looking for hackers who do the right thing.’

The Cyber Security Challenge is no stranger to using games to spread its message to technically able young people, with web games on its site such as Cyberland, which offers 16 immersive activities that teach important safety lessons about staying safe online, and introduce key cyber concepts such as firewalls and phishing.

Astro the Android is a more in-depth experience teaching the ins and outs of the Computer Misuse Act, which was brought in in 1990 just before the dawn of the World Wide Web to cover then-emerging offences such as hacking. The act governs issues such as hacking into computer systems, computer fraud, blackmail and viruses. Failing to comply with the Computer Misuse Act can lead to fines or prison sentences.

The game is a full-fledged action title, where Astro has to collect items and avoid enemies, as well as collecting the game’s currency (called ‘crypto coins’). Throughout the levels, there are also NPCs who ask questions (themed around what is and isn’t illegal under the Computer Misuse Act). Answering the questions correctly scores the player points – and helps them rise up a global leaderboard.

‘They can see their score on a leaderboard, which is globally active – so every player can see where they are compared to other players around the world. I have really enjoyed the challenge of working out how games get made. ‘What do you need to do to tell the computer to make your character jump? So I hope people enjoy it!’

Zayd believes that young people need to know more about cybersecurity because the field is growing in importance every year. Zayd points out that there are dozens of careers available for young people in the cybersecurity field, from lawyers that specialise in a cybercrime, or a programmer who designs apps to stop Trojan attacks.

‘Cybersecurity is a challenge in itself,’ he points out, ‘Because you’re up against people who are out to cause damage – and who want to prove they are better than you.’

The Cyber Security Challenge offers  games and activities themed around cyber security, including Astro the Android and ‘Cyber Land’ activities which offer fun ways to engage with the basics of security. Click here to visit and learn more about Cyber Security Challenge and its work with young people. Interested in taking part in a future blog? Email us here.

Alex Roxon on why ‘gamification’ is key to inspiring young people to work in cybersecurity

Games and puzzles are one of the best ways to ignite an interest in cybersecurity in young people, says Alex Roxon, Infosec and Cyber Consultant at Cortida Limited.

Alex became involved in the Cyber Security Challenge due to the Challenge’s use of ‘gamification’ as a way to reach out to young people – as it’s an approach he believes works. Alex previously produced his own cybersecurity playing card deck filled with cyber attacks and defences – and a pick-your-own-path novel about an attack by a sinister cyber threat group called Golden Slug.

Organisations can’t afford to have a boring message if they are going to get through to young people, Alex believes – it has to be something that grabs the attention. He says, ‘If it’s PowerPoint, or someone reading from a slide and it’s incredibly dull and not inspiring, it’s not going to capture anybody.’

Gamification helps to communicate an important message to young people: that cybersecurity offers well-paying jobs which they could be good at. The messaging has to be fun because young people sometimes need guide rails to ensure they use their talents, Alex believes. That’s why the Cyber Security Challenge’s work with young people is so important.

‘There’s a few very talented penetration testers who started off by being criminals,’ Alex says. ‘They are curious and have this energy and this enthusiasm about computers, but because they didn’t have any guide rails to work with, they strayed into the wrong territory.’

Alex is passionate about capturing that energy and persuading young people to go into cybersecurity jobs. He points out that there are great salaries on offer for technically astute young people. While young people can ‘change tack’ and become penetration testers after dabbling in crime, the picture is brighter for young people who go straight into cybersecurity.

Alex says, ‘If that positivity and that enthusiasm can be captured really early on, the sky’s the limit for those people.’

Alex hopes to speak at schools and give away copies of his cybersecurity card deck and book as part of his work with the Cybersecurity Challenge. The card deck is a normal set of playing cards, but with cybersecurity attacks and defences on them – each card depicting one cybersecurity concept. Hearts and diamonds are ‘red team’ activities (attacks) and clubs and spades offer defences.

Alex’s book, ‘Choose Your Infosec Path’ was inspired by the Give Yourself Goosebumps stories he read as a youngster – but here, readers pick what to do in a cybersecurity crisis.

‘You’re a CISO at a company,’ he says. ‘You get told by the boss that there’s a new threat actor on the loose called Golden Slug, and your choices will dictate whether it ends in disaster or triumph.’

With 50 or 60 endings, the book is designed to teach beginners the basics of cybersecurity – written in plain language and targeting youngsters without any background in the field, and capturing some of the excitement of the job.

Alex believes it’s important to keep growing the talent pool for cybersecurity – and that games and puzzles are a vital part of that.

The Cyber Security Challenge offers  games and activities themed around cyber security, with its ‘Cyber Land’ activities offering fun ways to engage with the basics of security. Click here to visit and learn more about Cyber Security Challenge and its work with young people. Looking for a guest speaker for cyber careers at schools or universities? Get in touch with Alex Roxon via