22 April 2024 • Cyber security
When we think of cyber security training, we often think of large corporations with a well-staffed IT team. One of the last groups we think about is students.
But even though most students today are born in the digital age, they face a lot of cyber threats they may not recognize. From cyberbullying to identity theft, students and schools can greatly benefit from regular cyber security training.
In the list below, you’ll find a list of the 10 best cyber security training solutions for students.
1. Guardey
Guardey is a cyber security training solution that uses gamification to keep its users engaged. Many students have a shorter attention span than before. It’s harder for them to stay focused, especially when the topic at hand isn’t exciting to them, like cyber security. This is where Guardey’s gamified training comes in handy.
Students get a weekly challenge that takes them up to three minutes to complete. They can do this on their smartphone, tablet, or desktop. During the challenges, they learn about topics like password security, cyber bullying, identity theft, and any other relevant security topic.
In a shared leaderboard, students can keep track of how they are performing compared to their fellow students. This adds a touch of friendly competition that keeps students engaged and motivated to keep learning.
You can use Guardey’s LMS to keep track of participation and performance. You can also add custom content to Guardey’s training content to ensure that your school’s specific security policies are reflected.
Pros
- Affordable
- Gamification keeps students engaged
- Instant feedback
Cons
- No video content
2. The Weakest Link
The Weakest Link is a single-player game. Roleplaying a new hire at a company, players must navigate their first day through multi-choice security questions. Each stage is well-designed, covering a common security issue like strong passwords, secure file transfer, and suspicious emails.
The game tackles examples of common issues that might trip up the average employee or manager. At each stage, players are given feedback on their answers regardless of whether they’re right or wrong. There’s also a link to additional reading on each answer screen if a player wants more in-depth information. Although there’s a score for each level and an overall security score, there isn’t much gamification.
The Weakest Link is entertaining and engaging. Taking under an hour to play, it’s an engrossing educational tool. However, it’s very much a one-and-done training exercise. It makes an excellent introduction to security or refresher course but it’s unlikely to produce lasting effects in terms of changed security behavior. If you’re looking for something that will encourage ongoing improvement in your team’s security posture, you’ll need a different product.
Pros
- Free to play
- Engaging and informative
- Realistic scenarios
- Instant feedback with the option to read further
Cons
- One-off rather than long-term
- Gamification is limited
- Not specifically made for students
3. Cyber Circus
Created by Texas A&M University to help college students get to grips with security, CyberCircus is a free game that anyone can access. If you’re a student at A&M, you can even win coupons for free food by getting the answers right.
Users outside the university will have to content themselves with a sense of accomplishment, as there are no rewards for non-A&M players. Cyber Circus features four simulated circus games, which are played by answering questions about personal cybersecurity. The questions are simple and the games are fun. All in all, it’s a good way to introduce beginners to important elements of personal cybersecurity to keep them safe online.
Pros
- Fun and engaging
- Covers important elements of personal security
- Free to play
- Great for students
Cons
- Limited scope
- Not made for long-term awareness training
4. Deepspace Danger
With its playful “Choose Your Own Adventure” cover design, Infosec: Deepspace Danger has a certain retro charm. The players find themselves stranded in space when their craft is damaged, along with a computer called “Pat”. Pat holds data for everyone in the entire solar system so it’s important to protect it from unauthorized access. The game is played by answering questions on cybersecurity.
Players are asked to sit through introductory videos before playing each stage of the game, which can be a little tiresome. While the space adventure theme is imaginative it’s not connected to real-world settings, limiting its relevance. Again, this is a one-off training solution that works for introducing cybersecurity topics but can’t be expected to produce long-term behavioral change in employees. The demo is free but there is no pricing available on the website, making it hard to gauge value for money.
Pros
- Nostalgic and fun
- Useful feedback
Cons
- Not relevant to real-world settings
- Videos are well-made but time-consuming
- Price is not communicated
5. KnowBe4
KnowBe4 creates a range of different cybersecurity products, including extensive training tools. These include fun trivia games where players can score points for answering cybersecurity questions correctly. They also offer a suite of products aimed at educating children to keep them safer online. KnowBe4’s institutional training materials are highly regarded, garnering positive customer reviews on reputable review sites.
Their Compliance Plus training library includes games like “Spot the Phish”, which help encourage employees to follow protocols and regulations. There’s also an extensive library of video content to educate employees on specific topics.
KnowBe4 is intended as a long-term training solution, aimed at producing lasting behaviour change in employees through regular challenges. These include simulated attacks like phishing emails and other common threats. While KnowBe4’s individual games might not create long-term change, they’re intended to form the foundation of a stronger cybersecurity posture as part of an overall training program. Although it can be customized for different contexts, KnowBe4 is aimed at companies rather than as cyber security training for schools.
Pros
- Sophisticated and professional
- Aimed at creating long-term behavioral change
Cons
- Requires a subscription
- Can be difficult to search the library for specific material
- Not really aimed at cyber security training for students
6. Hoxhunt
Hoxhunt is a security awareness training platform that includes gamification elements to encourage engagement. Rather than games per se, Hoxhunt uses a combination of instructional materials and simulations to educate and inform employees, as well as gain insights into employees’ knowledge and compliance levels.
Hoxhunt is highly regarded in the cybersecurity training space and generally receives top marks from its customers. The gamified simulations are quick to complete and the scoring system encourages participation. Users’ scores are fed to a leaderboard, creating a friendly competition that further drives engagement.
On the downside, Hoxhunt’s materials don’t really include games in the usual sense. It would be rather dry as cyber security training for schools.
Pros
- Extensive gamification
- Effective
- Professional
- Intuitive UI
Cons
- Some simulated emails are too obvious
- Aimed at enterprise organizations rather than cyber security training for students
7. Football Fever
This is another browser-based game from Texas A&M University. While it’s aimed at A&M students, anyone can access the game on the university’s website, making it a good option for cyber security training for schools. As with Cyber Circus, the football theme is used to frame a multiple-choice quiz. The content is fairly basic, aimed at personal rather than organizational cyber security.
While it’s fun and the sports theme might attract learners who otherwise wouldn’t engage, this is no substitute for a professional training product. Still, Football Fever is free and might make a useful introductory tool before getting users started on a long-term security training program.
Pros
- Entertaining
- Free
- Tone appropriate as cyber security training for students
Cons
- Unlikely to produce long-term results
- Not relevant to real-world settings
8. A security awareness escape room
Security escape rooms are games where a player must solve cybersecurity challenges to beat the puzzles and get out of the room. This kind of game is fairly popular and there are a number of them available. These range from point-and-click computer games to real-life escape rooms, such as Deloitte’s Security Awareness Escape Room.
In Deloitte’s game, players are confronted with a laptop that’s been infected with ransomware. They must somehow figure out how to defeat the encryption and unlock the device. The room involves a range of different challenges that cover important security topics, like data classification, social engineering, and phishing.
An escape room can be a highly effective way to teach important cybersecurity concepts, while also serving as a team-building exercise. On the downside, these games aren’t cheap — Deloitte’s escape room will set you back a minimum of $6000 per day, and not all your students will be able to join at once.
Pros
- Memorable and highly engaging
- Team-building value
Cons
- Time-consuming
- Expensive
- Can’t substitute for ongoing cyber security training for students
9. Phished
Phished is one of the big names in cybersecurity training. Although it’s less widely used than some of its competitors, Phished is highly regarded by customers and end users alike. As you’d probably surmise based on the name, Phished focuses heavily on the issue of phishing emails rather than other threats (physical breaches, data sharing, device security, etc), although it does cover these topics too. Its gamified training program uses convincing phishing emails to challenge learners and teach them what to look out for in real malicious communication.
Phished does one thing well: teaches users to spot phishing scams. It’s highly effective and demonstrably produces lasting behavioral change. It’s also competitively priced. On the downside, it offers limited gamification and doesn’t go into much depth on aspects of security beyond phishing.
Pros
- Well-designed and effective
- Attractively priced
- Prevents phishing attacks
Cons
- Heavily slanted towards phishing specifically
- Limited gamification
- Aimed at professional organizations rather than as cyber security training for students
10. Arctic Wolf
Arctic Wolf is a suite of managed cyber security products that includes an extensive training program. Launched in 2021, the training program aims to build resilience against threats like phishing emails, credential theft, and social engineering attacks. The training program provides instructional materials such as videos and documents, as well as simulated phishing emails to challenge and instruct employees.
Training is continuous, using short “microlearning” sessions that are delivered automatically to each learner. Learning is personalized based on an employee’s responses and behavior. This is an effective tactic that helps to produce lasting changes in behavior among learners. Customers praise the turnkey approach to training, where the system is set up once and then delivers training to each employee as required.
On the downside, Arctic Wolf’s training materials don’t include games in the usual sense. Learners are scored and evaluated but there is no real gamification to encourage engagement. Instead, learners are sent simulated attacks from time to time that they are expected to recognize and report. Arctic Wolf is designed more for corporate contexts than as a means to cyber security training for students.
Pros
- Effective and in-depth
- Continuous, ongoing training
- Creates behavioural change
Cons
- No real gamification
- Not aimed at students
Beat the short attention span
Our attention spans are shorter than before. Especially students will not love long-winded video courses or in-class training. That’s why you should opt for gamification to teach your students about cyber security.
Guardey uses a storyline, badges, and a leaderboard to keep students engaged and teaches them about all the cyber security threats they may be confronted with.
