ABSTRACT
Cyber wargaming is an important part of preparations for cyber defence and offence. Current games have predominantly taken one of two forms: “Capture the Flag” type exercises, usually designed to train network administrators; and umpired manual table-top or committee games during which the umpire arbitrates outcomes based on their professional judgement, a type of “free” Kriegsspiel wargaming. The former method is technically focused, but usually not representative of real technical challenges and responses. The latter method suffers from the lack of umpires with relevant experience to drive the game narrative in a realistic manner. However, there have now been sufficient examples of cyber conflict to demonstrate some trends. A cycle of cyber wargames with different audiences has identified further likely trends. There is also a clear need to create unclassified games that allow a wider range of intellectual capital to be applied to cyber security problems. The evidence is that, despite their limitations, cyber wargames are an essential part of the preparation for national cyber emergencies.
