Global specialist insurer Hiscox has taken cyber security to the tabletop with the launch of No Phish, a new card game designed to help businesses learn about cyber readiness.
No Phish was inspired by Hiscox’s fifth annual Cyber Readiness Report, which revealed the number of cyber-attacks against businesses rose from 38% in 2019 to 43% in 2020, with one in six firms attacked saying its survival was threatened.
The deck of 36 cards, available to download and print from the Hiscox website, contains card types like viruses, ransomware and business email compromise, each of which are combated by security cards like multi-factor authentication (MFA), back-ups and employee training.
During a game, players take turns playing malicious attack cards and responding with security cards to simulate the issues the types of incidents a business may face. The first one to get rid of all of their cards is declared the winner.
While specific security cards are designed to respond to particular threats, such as multi-factor authentication combating the business email compromise card, players can reveal a secret weapon that can be played against any threat: that weapon being higher IT budgets.
The cyber readiness report found that cyber spending has increased to meet the challenge brought on by the pandemic, with the majority (63%) of companies surveyed dedicating 21% of their IT budget to preventing cyber-attacks.
The Cards of No Phish
- Multi-factor authentication: A security precaution which grants a user access only after presenting evidence from two or more devices. Pairs with the business email compromise card.
- Anti-virus: Security software that detects instances of malware and protects your system from attack. Pairs with the virus card.
- Employee training: The number of businesses mentioning increased spending on training in 2021 is down 40% to 32%. Pairs with the phishing card.
- Back ups: Backing up your data frequently online and offline provides you with a back-up plan should your system be compromised. Pairs with the ransomware card.
- Virus: 31% of firms affected by a cyber-attack had to deal with a virus infection. Pairs with the anti-virus card.
- Phishing: 28% of businesses identified phishing as the first point of entry for a cyber-attack they experienced. Pairs with the employee training card.
- Ransomware: One-in-six firms attacked were hit with a ransom and more than half (58%) paid up. Pairs with the back ups card.
- Business email compromise: 28% of firms had to deal with payment diversion fraud arising from business email compromise. Pairs with the multi-factor authentication card.
- Secret weapon: The No Phish trump card, allows you to play your turn no matter what card is played.
Stephen Ridley, Hiscox UK cyber underwriting manager, commented: “The pandemic has presented greater cyber security risks for UK businesses, and it’s more important than ever for all of us to have a fully rounded understanding of the cyber threats businesses face. With more people working from home, we thought it was the perfect opportunity to do something different, which is why we created a card game.”
“No Phish provides us with a unique way of introducing new audiences to the fundamentals of cyber readiness and we hope it serves as both an entertaining and educational experience.”
“We know that this threat isn’t limited to particular countries, and whilst it’s evident that UK businesses are continuously investing in cyber defences, it’s important that increased investment continues to prevent grave financial losses.”
Hiscox’s No Phish card game and a full breakdown of the rules can be found here.
You can access a full copy of The Hiscox Cyber Readiness Report 2021 here.