Overview
Industry-relevant and innovative, Cyber42 is the ultimate continuous table top simulation for developing your cybersecurity leadership skills in a fun and collaborative environment.
Individuals or teams play to improve the state of security for a fictional organization. Just as in real life, any program has constraints, such as time, money, and resources. Students are required to manage their resources even amongst changing tides and requirements within the organization. They must capitalize on the schedule and available resources to accomplish necessary tasks in a timely and effective manner. Players can interact with one another in order to maximize the results of their program. This type of interactive simulation puts students in real-world scenarios that spur discussion, critical thinking of situations, and melding of different points of view and personalities that they will encounter at work.
As students progress in the game, they choose different initiatives to implement. These initiatives are larger, strategic activities that drive change for the organization. By the end of the game various different initiatives are implemented.
Just like in the real world, however, unexpected events can arise that delay or even possibly derail a planned strategic initiative. In the game there are multiple events to which players will respond. The decisions that are made in response to these events will alter budgets, time, level of security functions, and ultimately the player’s final score.
Winning the game is simple. A player/team needs to have the highest score.
Features
- Play solo or on a team
- Designed for cybersecurity managers, directors, and aspiring leaders
- Apply what you've learned in class and on the job in a safe and interactive environment
- Earn recognition on our real-time scoreboard
- Share your knowledge using interactive Slack chat with other players
- Sharpen your skills with game-based training that is fun and engaging
Versions Include
- Security Program Capabilities
- CISO for A Day
- Vulnerability Management
Versions Of Cyber42:
1. Security Program Capabilities
This version of the game represents how well your fictional organization builds and leads a security program. It’s about balancing the implementation of various security controls to build a well rounded program and, ultimately, create lasting security improvement.
Topics:
- Balance the build out of your security program by improving your Identify, Protect, Detect, and Respond capabilities as defined by the NIST Cybersecurity Framework (CSF). These core functions represent key areas of investment as you seek to find ways to build your team.
Who Should Attend:
- Security Managers: Newly appointed information security officers or recently promoted security leaders who want to build a security foundation for leading and building teams
- Security Professionals: Technically skilled security administrators who have recently been given leadership responsibilities or team leads with responsibility for a specific security function who want to understand what other teams are doing
- Managers: Managers who want to understand what technical people are telling them or who need an understanding of security from a management perspective
2. CISO For A Day
This version of the game represents how well your fictional organization builds a security strategic plan.
Topics:
- Learn to meet business goals and lead execution by building your ability to Decipher, Develop, Deliver, and Lead as defined by the MGT514 strategic planning process.
Who Should Attend:
- CISOs
- Information security officers
- Security directors
- Security managers
- Aspiring security leaders
- Security personnel who have team lead or management responsibilities
- Anyone who wants to go beyond technical skills
- Technical professionals who want to learn to communicate with senior leaders in business terms
3. Vulnerability Management
This version of the game represents how well your fictional organization builds a vulnerability management program. It’s about maturing vulnerability management capabilities to mitigate and remediate the never ending stream of security vulnerabilities.Topics:
- Build a sustainable vulnerability management program by improving your ability to Identify, Analyze, Communicate, and Treat security vulnerabilities as defined by the MGT516 vulnerability management process.
Who Should Attend:
- CISOs
- Security managers, officers, and directors
- Aspiring information security leaders
- Risk management professionals

Private Ranges for your Team
Select a private cyber range experience for your team to assess or advance their skills to meet the unique needs of your organization. SANS will help you to:
- Define Learning Objectives
- Develop Scorecards
- Configure Content & Platform
Cyber42 Game Days 2021
Date | Start Time | Cyber42 Version | Leader |
---|---|---|---|
Jan 26 | 10:30 ET | 3:30 GMT | Joe Sullivan | |
Feb 23 | 10:30 ET | 3:30 GMT | Vulnerability Management | Jonathan Risto & Chris Denney |
March 23 | 10:30 ET | 2:30 GMT | Security Capabilities | Kevin Garvey |
April 27 | 10:30 ET | 2:30 GMT | CISO For A Day | Joe Sullivan |
May 25 | 10:30 ET | 2:30 GMT | Security Capabilities | Kevin Garvey |
June 22 | 10:30 ET | 2:30 GMT | Vulnerability Management | David Hazar |
July 27 | 10:30 ET | 2:30 GMT | CISO For A Day | Joe Sullivan |
Aug 24 | 10:30 ET | 2:30 GMT | Security Capabilities | Kevin Garvey |
Sept 28 | 10:30 ET | 2:30 GMT | Vulnerability Management | Jonathan Risto |
Oct 26 | 10:30 ET | 2:30 GMT | CISO For A Day |
Joe Sullivan |
Nov 23 | 10:30 ET | 3:30 GMT | Security Capabilities | Kevin Garvey |
Dec 28 | 10:30 ET | 3:30 GMT | Vulnerability Management | David Hazar |
Laptop Requirements
A laptop or mobile device with the latest web browser is required to play the Cyber42 leadership simulation game.