Cyber Wargaming: Strengthening Cybersecurity in the Digital Age

In today’s technology-driven era, the importance of a robust cybersecurity framework for any private or public organization cannot be overstated. No civilian or military entity can consider itself secure in the digital realm without a comprehensive and dynamic cybersecurity strategy that integrates the technical, procedural, and human elements of its digital environment. As organizations continue to employ innovative methods and techniques to counter evolving cyber threats, there remain procedural gaps, technical vulnerabilities, and undetected experience deficiencies.

The Rising Cost of Cyber Threats

Security vulnerabilities are often exploited by cyber attackers to gain access to sensitive data, frequently resulting in the suspension of critical operations. These security breaches can lead to significant financial and reputational losses for companies and serious national security issues for governments. According to Statista, the global cost of cyber attacks has skyrocketed from $0.7 trillion in 2007 to $7.08 trillion in 2023, with projections indicating a rise to $13.82 trillion by 2028. This figure is equivalent to the world’s third-largest economy, trailing only the United States and China.

The Imperative of Cybersecurity

Such substantial financial and national security concerns have compelled private and public organizations to prioritize cybersecurity and invest heavily in securing their digital operations. While cybersecurity firms continue to offer innovative security solutions, the initiative in the cyber warfare equation often lies with cyber attackers and insecure elements beyond the control of firms. This trend is likely to persist in the near future. As one of the pioneers of computing, Mr. Willis Ware, aptly put it, “The only truly secure computer is one that is turned off and unplugged, locked in a safe, and buried underground.” Thus, the digital realm will always remain under threat as long as we continue to rely on it.

The Role of Cyber Wargaming

The increasing global trend of cyber incidents and crimes shows that while these events and breaches can be mitigated, they cannot be entirely eliminated. So, how can cybersecurity breaches be prevented and damages minimized in such a complex, challenging, vulnerable, and unpredictable digital environment? The answer lies in adapting the concept of Cyber Wargaming, which integrates the latest technologies and cybersecurity techniques to prevent unexpected incidents and minimize damages.

Learning from the Military: Cyber Wargaming

The concept of wargaming was first introduced in the early 19th century by Lieutenant Georg von Reiswitz, a Prussian officer who convinced senior officers that war could be recreated and different scenarios simulated on a map. Since then, armies worldwide have relied on wargaming to minimize unexpected events and prevent catastrophic failures. Wargaming allows for the simulation of potential risk areas by accounting for uncertainties and narrowing the uncertainty range as much as possible.

Wargaming involves analytical games that simulate various aspects of war between opposing forces at tactical, operational, or strategic levels. These games are used to study war concepts, train commanders and analysts, explore scenarios, and evaluate how force planning affects outcomes. Armies engage in various wargaming exercises, including scenario exercises, tabletop map exercises, and computer-assisted exercises. They also provide opportunities to test strategies/concepts, train professionals, identify weak areas/deficiencies, test weapons, validate procedures, prepare intervention strategies, and aid strategic decision-making. Wargaming helps bring together inter-agency/intra-agency stakeholders to build relationships and work together to find unique solutions to complex problems.

Cyber Wargaming in the Digital World

The application of the wargaming concept in the cyber world is a relatively new phenomenon that needs to take root to provide maximum benefit. While many armies worldwide understand the potential national security implications of cyber threats and regularly engage in Cyber Wargaming at national levels and with allies, Cyber Wargaming in the private/civilian sector is still in its infancy.

Cyber wargaming differs from traditional cybersecurity measures such as technology control assessments, penetration testing, and vulnerability scanning. It not only encompasses these measures but also provides a healthy assessment of an organization’s cybersecurity posture. Additionally, cyber wargaming helps organizations prepare for unexpected situations where they may need to shut down parts of their corporate network and minimize losses, facilitating decision-making processes.

Designing a Cyber Wargame

Designing and conducting a Cyber Wargame is a complex process that requires the assistance of experienced and competent professionals. Since Cyber Wargames are designed to provide participants with a near real-time experience, wargame planners must be familiar with the latest attack and defense techniques and technologies. Businesses, companies, or organizations can undertake Cyber Wargames themselves, provided they have the right technical infrastructure, trained human resources, and maturity level. However, if any of these elements are lacking or deemed insufficient, it is better to seek help from qualified professionals and have the wargames conducted by external experts. It is also important to understand that a full-fledged Cyber Wargame involves more than just technical experts.

During implementation, as different scenarios or unexpected situations are presented, the company’s or organization’s C-Suite must be fully involved to assume their decision-making role. Additionally, a company’s legal, human resources, support, and administrative personnel, as well as public relations teams, must be included in real-time decisions and actions, playing a vital role in determining the overall outcome of the wargame.

The first step in designing a Cyber Wargame is to gain clarity on the scope and objectives of the wargame. A comprehensive understanding of the organization’s digital environment, including its vital digital assets/services, will facilitate planners in designing a realistic Wargame.

Scope of the Cyber Wargame

Defining the scope and scale of the wargame is a prerequisite for further planning and management. The scope of the wargame may include providing cybersecurity professionals with near real-time experience/training, as well as testing an organization’s cybersecurity posture at tactical, operational, or strategic levels. The number and level of participants are determined according to the scope and scale of the wargame. This exercise, if desired, can be conducted with the participation of third parties such as suppliers, customers, or even competitors.