The Australian National University is using a role-playing game to help it recruit cyber security team members.
The university said it had been inspired by large government departments in having candidates act out hypothetical scenarios in a bid to understand how they think and to test personality fit.
Alongside standard HR methods, the Canberra-based university gives candiates an ethical challenge, such as how to make choices that calibrate an AI that controls the world where you live, according to ANU program director for information security Liz West.
West told iTnews the game is facilitated by a ‘games master’, with candidates given a set of challenges and prompts, and the game adapting to and around the players dynamically.
She added the university partnered with Callie Doyle-Scott, independent writer and game maker, to develop the interactive role-playing experience in 2019.
Called ‘Logic Error Detected’, it was developed under a program called 'Reimagine' in the College of Engineering and Computer Science.
West told a Gartner Security and Risk Management Summit in Sydney that a person “on paper looks very different than in-person and very different than in the team”.
She said the purpose of the RPG is “is not about the job we want them to do. It's about how the group interacts with each other”.
West, whose interest is in the behavioural and organisational change needed to confront modern information security challenges, said candidates are assessed on various attributes, including what they do “when they don't even know they're doing it”.
“We do this alongside their paperwork …. and there might be technical testing if there's particular tools that they need to work on," she said.
“But it's about seeing how they interact as personalities.
"What we found in running [the RPG] is we see those same attributes once they're in the role.
“We see people who are natural leaders, we see people who are natural disruptors. We see people in the game, who were really quick to make decisions and in an incident response, they’re brilliant, because they can take as much data as they got their hands on they can make a really quick decision.
“We see that people who needed to take time to digest and come to a really considered position... and people who go down rabbit holes and try and uncover rocks, are really, really good in investigations."
West said this helped assemble multi-disciplinary and well-rounded teams.
She noted that team dynamic was a continual focus once people were onboarded to cyber security teams.
