1.

Open a web browser and go

to http://targetedattacks.trendmicro.com/ accomplish the "Targeted
Attack: The Game". This game by Trend Micro will place you in different
situations in a company that requires critical decision-making when it comes to
cybersecurity and risk management.
2. No need to create an account.
3. Carefully read conversations (subtitles) within the game, for you to come up with the
appropriate cybersecurity-related decisions when a question pops-up. You may also take
down important information that would help you answer items in Step 5.
4. At the end of the game, a summary explaining your decisions will be presented to you.
5. After the summary explaining your decisions, answer the following items (essay) using
not less than four (4) sentences:
6.
a. Is cybersecurity risk management complex? Why or why not?
- Yes, it is complex. For me, at least. In creating a secure cybersecurity risk management
system, you must have all the knowledge about different types of threats as well as its
composition and you must have a deep understanding on how a hacker should think in
hacking a system.
b. What particular cybersecurity/risk management question in the game was difficult
to answer? Rationalize your answer.
- The hardest question for me is whether to decide full out the cables of shutdown the
serves or just leave it be. Because pulling the cables has an option of calling the cops
while letting it a bay would mean you ignore the threat that was presented. Of course,
shutting down the server may cause a massive lost in the data. I’m in between decisions.
c. Would you answer differently if you were asked to play the game again? Why or
why not?
- I have played the game for over 5 times and all ends in failure. I have changed my
answers several times but there is one question in the situation that I did not change my
answer. It is calling the forensic investigation. Because in any case whether the breach is
a bluff or not, we must be sure that there is no threat.
d. What vulnerabilities or threats have you encountered in the game? Briefly explain
each.
- I have encountered breach in the system and ransome attack.
e. Is it important and necessary to analyze risks and perform preventive measures
against possible attacks for a network? Why or why not?
- Yes, in order not to have any risk in the system that will cost much more to the company
having to know the risk and preventing it is necessary.