This Sandbox Challenge involved students roleplaying in groups as the Head of IT Security at a large media company in Australia. The company faced some common challenges pertaining to large organisations such as a lack of security awareness among staff, ineffective controls and lack of executive buy-in. The company also recently suffered a data breach from a social engineering attack.
Students were tasked with revitalising the company’s existing training program by re-designing their security awareness program, proposing a training session for employees specifically targeted at social engineering awareness and recommending technical controls for the protection of data.
Over 8 weeks, students developed 18 unique security awareness programs. These programs featured gamified solutions, micro-learning education modules on mobile, interactive slide decks for face-to-face workshops and more. Technical controls proposals were also developed with feasibility analyses performed and third-party recommendations provided.
Academic Mentor: Dr. Yenni Tim (School of Information Systems and Technology Management)