Cyber 360 Exercise

Lights on a network appliance

Photo by Romain Decker CC BY 2.0

On August 31, 2015, RAND's Washington office hosted an all-day, analytic exercise on cybersecurity, presented as the Cyber 360 Exercise. We designed this exercise to elicit insight into the current national cybersecurity dialog. Our goal in crafting this event is to ensure the cybersecurity discussion is not trapped within narrow technical, national security, or legal stovepipes and includes an examination of economic, civil and societal factors. We posit that constructive approaches to minimize problems posed by the internet will include cross-societal considerations. The Cyber 360 Exercise aims to provide a forum to examine cybersecurity options from numerous perspectives.

How was the game structured?

The exercise took the form of a serious game structured around two cybersecurity vignettes. Each vignette presented a potential future in which an emerging cybersecurity problem produced a fundamental challenge to our society. The "key-official" for this event asked heterogeneous teams of participants to account for a variety of societal perspectives and present solutions that balanced competing interests. Specified viewpoints included, but were not limited to, individual and collective security, privacy and civil liberties, long-term economic prosperity, and effective rule-of-law.

Who attended the conference?

The event, hosted by Ryan Henry and Igor Mikolic-Torreira of RAND, was attended by 56 participants. Richard Danzig served as the key official. The event followed the Chatham House Rule, where participants were free to use what they learned during the game, but cannot reveal the identity or affiliation of the speaker(s). To capture a broad set of perspectives and expertise, we invited participants from across the spectrum of cybersecurity stakeholders, including government, commerce, advocacy groups, and individuals. We invited participants from academia, government, media, private sector, advocacy groups and foundations and included individuals with legal, economic, technology, policy, security and privacy experience.

How can I get an invitation to future events?

To capture a broad set of perspectives and expertise, we invited participants from across the spectrum of cybersecurity stakeholders, including government, commerce, advocacy groups, and individuals. While we limited this specific event to invitees to ensure adequate representation across sectors, we will hold future events. For your name to be considered in the future, please email Cyber_Colloquium@rand.org.