Description
Turn One Card Game Into a Complete Security Awareness Session
Most security awareness training fails for one reason: it’s designed to satisfy a checklist, not change behavior. Employees sit through it, click the completion box, and forget it by Friday.
Hack Attack: Defense works differently. Players don’t read about attacks — they experience them. When a Ransomware card hits the table and someone watches their Tech cards disappear, they’re not processing information. They’re reacting. That reaction, and the conversation that follows, is where real learning happens.
The Training Materials, paired with a copy of Hack Attack: Defense you already own, give your facilitator everything they need to run that session with confidence, whether they’re a seasoned security professional or a people manager who’s never led a security awareness activity before.
What’s Included
Facilitator’s Guide — 27-page PDF
Your complete facilitation reference, built for use before, during, and after the session:
- Section 1 — Before You Facilitate: The philosophy, what the session accomplishes, what it doesn’t, and what you need
- Section 2 — Session Agenda: A timed 75-minute agenda you can run as-is or adapt
- Section 3 — Running the Game: The 60-second rules explanation, how to handle Attack cards and User Error cards, common questions and how to answer them
- Section 4 — Debrief by Category: Discussion guides for all six defense categories — Backups, Device Security, Home Network, Passwords, Social Engineering, Social Media — plus the full Reality Check capstone
- Section 5 — Attack Card Debrief: Facilitation notes for each of the eight attack cards, grounded in how the attacks actually work in the real world
- Section 6 — Translating to Your Organization: A fill-in framework for connecting the game scenarios to your specific systems, policies, and current threat landscape
- Section 7 — User Error Card Debrief: Facilitation notes for each of the eight user error cards — no shame, just recognition and habit change
- Section 8 — Action Items & Close: The One Thing framework — how to end the session with a specific, named 48-hour commitment from every participant
- Section 9 — Compliance Mapping: How this session maps to NIST CSF 2.0, ISO 27001:2022, SOC 2 Type II, PCI DSS v4.0, and HIPAA
- Appendix A — Completion Certificate: Print-ready, brandable certificate for participants
- Appendix B — Attendance Log: Documentation template for compliance records
- Appendix C — Defense Categories Quick Reference: One-page lookup for facilitators during the session
Facilitator Slide Deck — 36 slides
A branded, participant-facing presentation for the full session. Built to run on screen during the game and debrief — so your facilitator isn’t working from memory:
- Session overview and agenda
- How to play (quick reference for participants)
- The four card types — visual reference with real card images
- One slide per defense category, with the key insight and card examples
- Reality Check — full-page treatment with the session’s core thesis
- One slide per attack card, with how the attack works
- One slide per user error card
- The One Commitment close
- Resources to take home
Who It’s For
Security awareness managers who need a program that satisfies compliance requirements without putting the team to sleep.
L&D and HR teams who want an activity that creates real conversation — not just content delivery.
Managers and team leads running a security awareness moment for their own team, without security expertise on staff.
IT and security professionals who know the threats cold but want a better way to explain them to non-technical colleagues.
No prior security knowledge required to facilitate. The guide and deck carry the content — your facilitator brings the conversation.
Compliance Callout
Satisfies security awareness training requirements under:
- NIST CSF 2.0 — PR.AT-01 (Awareness and Training)
- ISO 27001:2022 — Control 6.3 (Information Security Awareness, Education and Training)
- SOC 2 Type II — CC1.4 (Demonstrates Commitment to Competence)
- PCI DSS v4.0 — 12.6 (Security Awareness Program)
- HIPAA — §164.308(a)(5) (Security Awareness and Training)
Attendance log and completion certificates included for documentation.