CTD Card Game

Personnel Booster

People are the lynchpin to the success – or defeat – of a computer network. Use the Personnel Booster Pack to build assets by recruiting Penetration Testers and CISOs to strengthen your defenses or seek out weaknesses in an opponent’s defenses by playing a “Rogue Employee” or “Hacktivist” attack card. The Personnel Booster Pack is available in English and Spanish.

Released March 2019

Order Deck
Security Systems Administrator card
Security Manager card
Recruitment Drive card
Penetration Tester card
IT Security Engineer card
IT Security Consultant card
Information Security Analyst card
Hacktivist card
Failed Certification card
CISO card
CERT card
Rogue Employee card
Security Systems Administrator card

Security Systems Administrator

The security systems administrator is in charge of system monitoring, running regular backups, and setting up, deleting and maintaining individual user accounts.

Prevents Attack – Hack, Data Breach and Phishing type cards from being played. Discard this card after 3 rounds.

Security Manager card

Security Manager

Security Managers create and execute security strategies based on the input from the Security Director and/or the CISO. They must also test and implement new security tools, lead security awareness campaigns and administer both budgets and staff schedules.

Before your draw phase, you may choose to put 1 card from your hand at the bottom of your deck and then draw 1 card.

Recruitment Drive card

Recruitment Drive

You hold a recruitment drive in an attempt to bring in new personnel to your workforce.

Discard 1 card from your hand then draw 3 cards. Remove this card at the end of the round.

Penetration Tester card

Penetration Tester

Penetration testers are authorized personnel tasked with breaking into and finding vulnerabilities in computers and networks before outside intruders can cause harm.

Search your deck for a Defense card that removes an Attack card your opponent has in play. Show your opponent the drawn card, then put that card into your hand and shuffle the deck. Discard this card after shuffling.

IT Security Engineer card

IT Security Engineer

IT Security Engineers provide a specialized engineering approach to cybersecurity, often involved in systems maintenance and performing security checks.

You gain 1 point at the end of the round for each Attack card in your opponent’s discard pile, to a max of 3 points. Discard this card at the end of the round.

IT Security Consultant card

IT Security Consultant

IT Security Consultants advise organizations how to best protect their cybersecurity objectives in a cost-effective manner.

When played, draw 1 card and show your opponent that card. If it’s a Defense card, draw another card. Otherwise, you gain 1 point at the end of the round. Discard this card at the end of the round.

Information Security Analyst card

Information Security Analyst

An Information Security Analyst (ISA) is responsible for the protection of several computer systems and networks.

Choose one:

At the start of each round, select one of your Defense cards in play. It cannot be discarded this round by any opponent while this card is in play.

OR

Select an Asset card from your discard pile that is not a Personnel type and shuffle it into your deck. Discard this card at the end of the round.

Hacktivist card

Hacktivist

Your opponent has been targeted with a coordinated campaign from a nefarious group who is opposed to their political views.

Select an opponent. That opponent must discard 1 card from the top of their deck. While in play, that opponent loses 2 points per round. Discard this card after 2 rounds.

Failed Certification card

Failed Certification

One of your opponent’s staff has not kept up their certifications for their field and must be let go.

Choose an opponent and select 1 Personnel card that they have in play. Discard this card and the selected card immediately. If no Personnel card is in play, your opponent must reveal their hand and they must choose a Personnel card from their hand to discard if possible. Discard this card at the end of the round.

CISO card

CISO

A Chief Information Security Officer (CISO) is responsible for planning, coordinating and directing all computer, network and data security needs of their employer.

Each Personnel card that you have in play, excluding Attack – Personnel, generates 1 point at the end of the round while this card is in play. Discard this card after 2 rounds. You may only have one “CISO” card in play at a time.

CERT card

CERT

A Computer Emergency Response Team (CERT) is engaged to respond to security breaches, viruses and other potentially catastrophic incidents impacting your network.

Play up to two Defense cards from your hand as Events in response to an Attack played against you. At the end of the round, you lose 1 point for each Defense card played in this way. Discard this card at the end of the round.

Rogue Employee card

Rogue Employee

A disgruntled employee that works for your opponent intentionally allowed a major data breach to occur. The employee has been caught and fired.

Remove a Personnel card, excluding Attack – Personnel, that an opponent has in play. If that opponent has no Personnel in play, excluding Attack – Personnel, remove one of their Defense cards instead. That opponent loses 2 points at the end of the round. Discard this card at the end of the round.

Get Updates And Stay Connected Subscribe To Our Newsletter

Subscribe

The CIAS was established at UTSA in June of 2001 as part of UTSA’s creation of a cybersecurity program. The CIAS delivers quality research, training, K-12 education, and competition and exercise programs to advance organizational and community cybersecurity capabilities and collaboration.

Contact

Facebook Youtube Linkedin
© 2024 The Center for Infrastructure Assurance and Security. This work is licensed under a Creative Commons Attribution-NonCommercial 3.0 Unported License

CIAS in the news

arrow