Thwarting hacks - it's all a game

The best way to train computer security experts to react to major incidents such as a hacker break-in or a virus outbreak could be through game playing, according to Winn Schwartau, an authority on cybercrime.

The best way to train computer security experts to react to major incidents such as a hacker break-in or a virus outbreak could be through game playing, according to Winn Schwartau, an authority on cybercrime.

Schwartau, editor of US computer crime Web site Infowar.com and author of books on computer hacking culture including Information Security, CyberShock and Time Based Security believes that "game" simulations provide the best method for testing security consultants under pressure.

YES

"The idea is to get people to deal with a problem when they have a security related event," said Schwartau, speaking from the Infosec security conference in London. "Part of the problem is how things escalate."

Response time has proved an important factor during many real-world security emergencies. Halting the spread of major viruses can depend on coordination and communications as has been demonstrated by the dramatic speed at which viruses such as the LoveBug and Kournikova spread between computer systems worldwide.

At the Infosec conference on Wednesday, Schwartau delivered a keynote speech in which he recommended that security consultant take part in simulated emergency "games". He also invited members of the audience to take part in a game involving a major theoretical hacker break-in. "The mock scenario is designed to make people aware of the difficulties of dealing with a security event," he said.