top of page

Perefct assets ...

Extensive experience with big brand sush as Maserati ad Alfa Romeo.

Our Play To Earn videogame built with the Unity game engine. 

We developed a proprietary algorithm to make huge collections while keeping the quality high

UX / UI Desgin system for this innovative phone

UX / UI Desgin system for this innovative phone

Perefct assets ...

PIGIAMA KASAMA

CYBERSECURITY: HOW TO TRAIN EMPLOYEES USING VIDEO GAMES

PIGIAMA KASAMA is collaborating with enterprises and corporations to develop games and applications using XR technologies for cybersecurity training


Cybersecurity awareness training by PIGIAMA KASAMA

According to the University of Maryland, every 39 seconds, a company in the world becomes the target of a cyberattack. Astonishingly, IBM data has found that 90% of these cyber-attacks are caused by human error and employees’ lack of knowledge about cyber threats. Despite sophisticated security systems, the human element often remains the weakest link in the cybersecurity chain.


It is with this problem in mind that at PIGIAMA KASAMA we are focusing on collaborating with enterprises and corporations to develop serious games and applications using Extended Reality (XR) technologies for cybersecurity awareness training. Our mission is clear: innovate traditional training methods by creating engaging, interactive experiences that effectively change behaviors and enhance security awareness.


The human element in cybersecurity

The proverb “a chain is only as strong as its weakest link” aptly describes the current state of cybersecurity. Cybercriminals exploit human vulnerabilities through attacks like phishing and ransomware, which manipulate psychological factors to deceive individuals into compromising security protocols.


  • Phishing attacks: these involve sending deceptive messages that create a sense of urgency or fear, prompting recipients to disclose confidential information. For instance, an employee might receive a counterfeit email claiming to be from their bank, urging immediate action to prevent account suspension.

  • Ransomware: users are tricked into downloading malicious software disguised as legitimate programs. Once installed, the ransomware encrypts the user’s data, rendering it inaccessible until a ransom is paid—often with no guarantee of data recovery.


These attacks not only lead to financial losses but can also severely damage a company’s reputation and trustworthiness.


Limitations of traditional training methods


Immersive training for cybersecurity

Traditional cybersecurity training often falls short due to its episodic nature and lack of engagement. Employees may view mandatory training sessions as tedious obligations, leading to low participation and minimal retention. This disconnect results in a workforce that is ill-prepared to recognize and respond to cyber threats effectively.


Harnessing gamification for effective training

Incorporating gamification into cybersecurity training offers a dynamic solution to these challenges. By integrating game elements into learning, we can:


  • Increase engagement: Interactive and immersive experiences capture attention more effectively than conventional methods.

  • Enhance retention: Gamified training reinforces knowledge through active participation, improving the ability to recall and apply information.

  • Promote behavioral change: Regular, short training sessions encourage the development of safe habits and a proactive security mindset.

  • Personalize learning: Tailored content meets users at their level of understanding, making training more relevant and effective.


Implementing an effective gamified training program

Creating a successful gamified training experience involves several key steps:


  1. Know your audience: tailor the training to the users’ technical proficiency and daily responsibilities. For non-technical staff, simple and intuitive platforms may be appropriate, while more advanced users might benefit from specialized environments (f.e. TryHackMe).

  2. Select appropriate technology: choose tools that align with the organization’s needs and the users’ capabilities. The technology should facilitate the training goals without creating unnecessary barriers.

  3. Define clear rules and objectives: establish what is expected from participants, including the benefits of engagement, how progress is measured, and the consequences of non-participation.

  4. Choose the right game elements: incorporate motivators such as storytelling, challenges, avatars, and progress bars to enhance engagement. Be cautious with competitive elements like leaderboards, which may induce anxiety rather than motivation in some environments.

  5. Regularly update content: keep the training material current with the latest cybersecurity threats and trends to ensure ongoing relevance and effectiveness.

  6. Measure outcomes: implement metrics to assess knowledge acquisition, behavioral changes, and overall effectiveness of the training program.


How to design an effective cybersecurity immersive training 

Immersive training for cybersecurity

Most cybersecurity awareness training follows a straightforward approach: introduction, training, and a quiz. While informative, this method often struggles to keep employees engaged. By incorporating gamification strategies, training becomes more interactive and effective. Here are six mechanics to consider:      


  • Points: award points for each correct answer or for demonstrating good security practices. This encourages users to engage with the content and strive for better scores.          

  • Levels: implement a leveling system where accumulating points leads to higher levels. This sense of progression motivates users to continue participating.       

  • Rewards: offer rewards for reaching certain levels or completing challenges. These could be digital badges, certificates, or tangible incentives like gift cards.

  • Leaderboards: introduce friendly competition by displaying leaderboards. Seeing their name climb the ranks can motivate employees to improve.           

  • Badges: recognize achievements with badges for completing difficult tasks or maintaining consistent participation. Badges fulfill the need for recognition and can be shared within the company.                

  • Challenges: present timed quizzes or phishing simulations as challenges. Overcoming these can boost confidence and reinforce learning.


The Growing importance of cybersecurity training

With cyber threats becoming more sophisticated, the need for effective cybersecurity training is more critical than ever. Companies are recognizing that traditional methods are insufficient and are turning to innovative solutions to protect their assets and reputation.


Empowering employees with the knowledge and skills to act as the first line of defense is essential for any organization’s cybersecurity strategy. By leveraging serious games and XR technologies, we can transform cybersecurity training into an engaging, effective, and impactful experience.


At PIGIAMA KASAMA, we’re committed to helping organizations strengthen their cybersecurity posture by turning their employees from potential vulnerabilities into empowered defenders. Let’s work together to build a more secure future.


For more information on how we can support your organization’s cybersecurity training needs, you can request a free videocall:



bottom of page