Hiscox has unveiled a new card game aimed at educating businesses on cyber security.

Hiscox, a global specialist insurer, has launched a new educational card game called "No Phish" to teach businesses about the basics of cybersecurity. The game was inspired by Hiscox's fifth annual Cyber Readiness Report, which highlighted the increasing level of cyberattacks on businesses from 2019 to 2020, with one in six businesses stating that their survival was at risk. The game features 36 cards, including viruses, ransomware, and business email breaches, which players must combat with security cards like multi-factor authentication (MFA), backups, and employee training. The game can be downloaded and printed from the Hiscox website.

In the No Phish card game, players take turns using attack and security cards to simulate the types of cybersecurity threats a company may face. The game's objective is for players to discard all of their cards and win the game. The game also emphasizes the importance of increasing IT budgets as a hidden weapon to combat cyber threats. Certain security cards are designed to counter specific risks, such as multi-factor authentication countering corporate email compromise cards.

According to a recent cyber preparedness assessment, companies have increased their investments in cybersecurity in response to the pandemic's challenges. The survey found that 63% of the organizations polled allocated 21% of their IT budget to thwarting cyberattacks.

Creative teams often face difficulties in producing work effectively and efficiently, especially when it comes to receiving feedback and evaluating the impact of their work.

The primary challenges presented in No Phish are represented by the different cards, each with their own unique properties and corresponding risks:

• Multi-factor authentication: a security measure that requires two or more forms of evidence for access, often used in conjunction with the business email compromise card.
• Anti-virus: software designed to identify and prevent malware attacks, complementing the virus card.
• Employee training: despite a 40% decrease in businesses investing in training in 2021, it remains an essential aspect of cyber readiness and is linked with the phishing card.
• Back ups: : regular backups of data are crucial in case of a system compromise, making this card essential when facing the ransomware card. • Virus: malware infections impacted 31% of organizations affected by a cyberattack, countered by the anti-virus card.
• Phishing: a significant entry point for cyberattacks, identified as the primary means of entry by 28% of businesses, and addressed by the employee training card.
• Ransomware: a growing threat with serious consequences, as over half of businesses (58%) that experienced a ransomware attack paid up, making the backups card vital.
• Business email compromise: a type of fraud affecting 28% of organizations, countered by the multi-factor authentication card.
• Secret weapon: the No Phish trump card allows players to overcome any card played against them and continue their turn.

Stephen Ridley, the manager of Hiscox UK's cyber underwriting division, noted that the COVID-19 pandemic has led to increased cyber security concerns for UK businesses, making it crucial for everyone to have a comprehensive understanding of the cyber risks that companies face. To address this issue, Hiscox developed the No Phish card game as an innovative way to introduce people to the basics of cyber readiness while also providing entertainment. Hiscox hopes that the game will serve as both a fun and informative experience for players of all levels.

While UK businesses have been investing heavily in cyber defenses, the threat is not limited to any particular country, and it's critical that companies continue to increase their investment to avoid significant financial losses. To learn more about the No Phish card game and its rules, visit the Hiscox website here.