Ever feel like cybersecurity is overwhelming or just too technical? That’s exactly how my dad felt every time he read about a new cyber threat in the news. He’d send me links to articles, panicked, and I’d explain what was happening and what he could do about it. Soon, I noticed this same reaction among my non-tech colleagues at work: they were anxious and wanted answers, but they didn’t know where to start. That’s when it hit me—there needed to be a fun, simple way for anyone to build confidence and critical thinking skills in cybersecurity. So, I created Byte Club.
Why a Card Game?
Cybersecurity is a huge, evolving field, and it’s easy to feel lost or fearful without a background in it. The goal with Byte Club was to make cybersecurity accessible and approachable without relying on experts or presentations. Traditional teaching tools like slideshows weren’t going to cut it! As someone who loves modern board games, I thought, “Why not bring some of that fun and approachability into cybersecurity education?” The idea was to create a card game that’s engaging enough for everyone—even if cybersecurity isn’t their thing.
The Fun of Learning Through Play
Inspired by the popular Exploding Kittens game, Byte Club was designed to be played at family game night or at conference events, making it approachable for everyone. Unlike other cybersecurity games that are often geared towards experts, Byte Club is for the everyday person, allowing anyone to learn core concepts by playing. We say in cybersecurity, “You can’t bolt on security—it has to be baked in.” The same applies for fun and learning. You cannot bolt fun onto a learning experience, it has to be baked in.
Building Confidence Through Critical Thinking
My goal with Byte Club wasn’t to turn people into cybersecurity experts; rather, it was to help them think critically about cyber events. Byte Club introduces two key frameworks that make cybersecurity discussions manageable:
- The Cyber Kill Chain - This breaks down the typical steps an attacker follows in a cyber attack.
- The NIST Cyber Framework - This framework focuses on key defense activities individuals and companies can use to protect themselves.
Understanding these frameworks helps players develop a basic mental model for understanding cyber events, reducing their fears and giving them tools to approach cybersecurity confidently.
How to Play Byte Club
In Byte Club, you play as a cybersecurity practitioner in a “capture the flag” event. "Capture the flag" events are competitive challenges where players complete cybersecurity tasks within a time limit—often held at industry conferences. Your goal is to attack other players’ hands while defending your own cards.
The 72-card Byte Club deck includes cards that represent steps in the Cyber Kill Chain or activities from the NIST Cybersecurity Framework. Each card’s action simulates a real cybersecurity step or defense activity. You win by:
- Holding the Data Flag card when the Times Up card appears, or
- "Mastering" the Cyber Kill Chain and NIST Framework by having at least one of each card in front of you.
When to Play
Byte Club is designed to be flexible. Here are some ideal settings:
- Workshops: Host a live 1-hour workshop with a quick introduction, a 30-minute game session, and a debrief to discuss key takeaways.
- Conferences: Byte Club is a crowd-pleaser and a great way to draw interest while educating.
- At Home: Enjoy Byte Club on game night with friends and family—it’s fun and low-pressure, perfect for any age group.
Each month at work, I run a "Cyber Book Club" using real-world news articles. I break down each event with the Cybersecurity Kill Chain, share it with our security champions, and then we meet to apply the NIST Framework. Surprisingly, some of our most engaged members are from accounting and customer support, proving cybersecurity is for everyone
So next time cybersecurity feels overwhelming, remember: life is a game—play it!
Get your copy of Byte Club here
