Gamification -Bob Childs
Gamification
The mechanics of Gamification and how it can be an important part of Guernsey’s economic future.
Bob Childs, from Guernsey’s College of Further Education, reports on how Gamification is changing the way we learn and how it can benefit Guernsey’s local economy.
Gamification is a term you may feel is new, in reality it has been around for decades and Guernsey is playing catch up. If you consider the global gamification industry generated $242 million in 2012 and is set to rise to $2.8 billion in 2016 you can see why so many students are keen to explore this exciting industry.
In simple terms, Gamification is the concept of applying game mechanics and game design techniques to engage and motivate people to achieve their goals. It is playing an increasingly important role in modern education.
To play any game there are always certain elements such as point scoring, competition with others, and rules of play. Young people particularly like to play games for hours and are totally immersed, playing on anything from TVs to smartphones. If you can harness that sense of attraction and achievement, make it available on any device, you have a powerful motivator. Gamification can apply to anything from data input to sales management. Most of the Global 2000 companies will have at least one game application by 2016. The opportunity locally is to gain a global reputation in IT security and cyber warfare counter measures for the finance and legal sectors through gamification.
When the immersive nature of gaming is coupled to realistic and tailored IT security scenario exercises, Gamification becomes the channel from which a well-rehearsed pool of on-island expertise can deal at an operational level. Examples of which are the recent cyber-attacks including the ones against Sony and the Ukraine.
The potential for Guernsey, in my opinion, is that entrance on the world stage in this area would demonstrate we have an island capable of standing on its feet in a cyber-defence space with skills others would willingly adopt.
Participants in scenario based games are involved in risk taking, problem solving skill and working within time centric scenarios. These are all desirable attributes for anyone: the question is how to adapt it. Forget the stereo typical shoot-them up gamers, companies such as Deloitte Consulting have seen massive improvements to its Leadership Academy since the integration of gamification. The level of customisation that gamification offers easily keeps employees engaged and its competitive nature helps increase productivity. What they are doing is applying the attributes of gaming to solving real business issues.
Security has many touch points, where gamification can apply, be that for end user awareness, technical administrators or executive incident management. For example an end user might use an app on a smartphone, whilst leadership training requires a number of differing skills for which an immersive scenario based game can be made to represent, these might be personal goals, team-work, or crisis management.
At one end of the scale participants can work and learn in their own time, picking up rewards, medals and feedback as they progress through the game – and enjoying themselves whilst doing so. Salesforce use this approach to encourage the reporting of phishing attacks. At the other end complex problems can stress tested against deadlines. Going down either route you would not feel you are playing a game in the conventional sense. The ongoing value for the creator is the fact that the game can be customised and run for a specific organisation. People capable of creating organisational specific games will generate Intellectual Property – and this is exactly the pool of talent we need to grow and nurture.
At The Guernsey College, I am witnessing an appetite for this sector as students demand far greater insight into the extensive world of information technology. Perhaps the greatest argument for the potential for this sector comes from the highly respects SANS Institute a world leading security training vendor. Lance Spritzer, spokesman for said that before security training, 30% to 60% of users will fall victim to a fake phishing email, after training and six months to a year of a gamification program, the rate can fall to 5%. Given these sort of results, Gamification is set to change the face of governance training.
The IT industry will tell us that cyber-attacks are going to happen more frequently and will get more sophisticated. Gamification is a great way to bench mark that the right person is in the right role and equipped accordingly.
You may be already doing gamification and not realise it. Guernsey has been fortunate to have the calibre of providers capable of being a world leader in the area of business continuity exercises providers for years. Gamification is just the trend to put the whole experience and engagement on computer.
Aside from the actual game platform, running these scenarios provides consultancy opportunities and methodologies that are transferable – which is exactly how Business Continuity specialists have earnt their revenue from a similar approach .The opportunity here is security and this initiative follows a similar risk based path.
New applications are being found all the time. For example during an eight-day offensive against militants in the Gaza Strip, in November 2012 Israel’s military promoted gamification features on the front page of the Israel Defence Forces (IDF) website, allowing visitors to score points for tweets and repeat visits. AON have long since been quoted as saying reputation is the number one risk to an incident.
How many Guernsey financial intuitions could say they have a considered and viable plan in place to either go on the front foot after an cyber attack, or to manage an internal security lapse, with the potential associated reputational loss through social media?
So how does gamification apply to Guernsey?
To be a centre of expertise we need a pool of different and collaborating skill sets. Programmers trained up, people experienced in gaming production and people with deep experience of cyber security to ensure these games have the content to align to organisation goals or learning criteria. Once created the scalability is vast. We know IT security is a huge growth market and through gamification we can skill up internally but also sell this fresh expertise on around the world.
Well if our workforce are small and nimble enough we can produce games quickly to meet markets that reflect the high skills sets of our knowledge workers. In essence once we have the gamification platforms in place Guernsey can leverage its existing finance and legal sectors, its security, continuity and regulation experience to stamp a global footprint. Create an iPhone game and get it downloaded in Australia a million times. Create a complex full blown scenario based security training exercise and license the IP across the world, with minimal cost of distribution. It is very difficult to get a niche in a global market place, and the industry is already well formed. By focussing on gamification in the context of the cyber security for specific industries this specialisation would allow Guernsey to position itself at the top end of the market
What do we need to make this happen?
It is often said to make anything happen you need time, resources, people and money. For Guernsey to be a key player experienced people and time are going to be essential. We cannot start from a virtual standstill and it will need to be a strong collaborative effort. On island companies such as Ascot Barclay (and if you have not heard of them you really ought to look them up) have worked at an international level in terms of cyber security and have recruited the very best from the traditional gaming world to gamify security provision. Literally think Grand Theft Auto meets GCHQ. There is a breadth of expertise in security and risk and we just need to shout about it more. Guernsey now needs to train up teams of programmers capable of delivering the games. Leveraging the existing finance and legal and IT sectors on island, we can then to build the cyber ‘FINTECH’ proposition with a global reach.
In essence, to become a centre of excellence in cyber security we need to be experts in gamification to deliver it. The elements of security, gamification and the business led profile working in concert become a compelling proposition on which a reputation can be built.