Image of the corporates compromised board game.

The Corporates Compromised® board game.

A cyber security simulation created for business leaders and employees will help them understand and prepare for possible ransomware attacks. Ransomware is a type of malicious software that locks and encrypts a victim's:

  • data
  • files
  • devices, or
  • systems.

The software makes them inaccessible until a ransom is paid. Criminals might also demand a ransom to prevent them leaking or selling the victim’s data and intellectual property online.

Corporates Compromised® - a game designed to help business learn about ransomware

Corporates Compromised® is an interactive cyber security simulation game designed to:

  • raise awareness of ransomware
  • encourage critical thinking about how businesses react and respond to a ransomware attack.

The Cyber Security Cooperative Research Centre (Cyber Security CRC) developed the game in collaboration with:

  • CSIRO’s Data61
  • the Government of Western Australia Office of Digital Government, and
  • Edith Cowan University.

How the game works

Participants are immersed in a realistic ransomware cyber security incident affecting a fictitious organisation. The game includes ‘live’ news reports and calls for quick responses and decision making.

In the first round, participants set priorities and put plans into place. They also decide whether to accept, mitigate or ignore various levels of cyber risk.

In the second round, the facilitator leads participants through the implications of their cyber security decisions during an interactive ransomware attack scenario.

The final round considers the recovery after an attack. Including how that translates into operational, financial, and reputational damage and how risks could be minimised.

Each session is designed for 8-10 participants. Each facilitator can run up to 3 games concurrently for each session. Businesses of any type and size can participate.

Future developments and industry feedback

Corporates Compromised® has since received support from additional partners including:

  • NAB
  • BAE DI
  • NSW Government (Cyber NSW) and
  • ActewAGL.

With the additional support, the game scenarios have expanded to incorporate different threats in other businesses. These include a hospital, a charity, and an energy company.

There has been significant positive feedback from across industry. Many business leaders have expressed the value of their team participating in Corporates Compromised®.

The Corporates Compromised® board game provides an interactive simulation, intended to generate conversation about current cyber security posture, risk appetite and how to mitigate threats and events as the exercise evolves. Executives are encouraged to play a different role, thinking about their organisation from another perspective, and making decisions in a rapidly unfolding incident. Feedback from our Board, Executive and other stakeholders has been positive, with many inviting us to do further simulations with their teams.
— Helen McLeish, Chief Cybersecurity Officer, East Metropolitan Health Service.

Corporates Compromised® can also be purchased as part of a ‘Train the Trainer’ program. The program enables businesses to run the licensed game to suit their requirements.

As cyber threats grow across Australia and internationally, it is vital all businesses understand how to prepare for and manage a cyber incident. Corporates Compromised® is the perfect solution to help business leaders best prepare their staff and organisation for these real threats.
— Cyber Security CRC CEO Rachael Falk

The Cyber Security CRC was awarded a grant of $50 million over 7 years from January 2018 - December 2024 to deliver solutions that increase the security of critical infrastructure and provide cyber security solutions that benefit businesses and their customers.

Further information

You can also contact the Australian Cyber Security Centre on 1300 CYBER1 (1300 292 371).

Was this page helpful?