"This interactive exercise is seeking hackers, penetration testers and/or individuals who are well-versed in the area of cyberattacks and can engage in similar decision-making processes as the bad guys. The exercise will be conducted in two phases:
Phase 1 - Attack process without any response: Here participants will engage in a single focus group to collectively discuss the decision-making process at the various stages of the attack (including R&D phases prior to commencing the attack).
Phase 2 - Attack process with defender response: Here participants will be broken into two focus groups to generate a dynamic attacker-defender game to understand the 'adaptive' adversary. That is, (how) does the decision-making process change in response to defender actions?
The goal/deliverable of this exercise is to create a preliminary ‘cyberattack playbook’ that captures (i) the attack process and (ii) dynamic and adaptive adversary.
Please note: this is an oral, interactive group exercise. There are no systems to actually attack/defend! This is a rudimentary exercise and tries to gauge human behavior and thought processes by getting participants to talk to one another, ask questions, exchange anecdotes, and comment on each others' experiences and points of views.
Also note: All responses will be anonymous. The discussion will be recorded for later transcription purposes (also anonymous). The exercise does not ask about specific incidents and has been approved by the university ethics committee. All users will be given an information sheet at the beginning of the exercise and can withdraw at any time."