Simulating ERP Cyber Incidents: A Serious Game for Awareness and Incident Management
摘要
ERP systems are fundamental to enterprise operations. As a result, they are increasingly targeted by sophisticated cyberattacks. This paper presents the design, implementation and evaluation of a serious game scenario titled ERP-Systems in Need, developed to raise awareness of cybersecurity specifically within ERP contexts. Building on the existing game A Question of Security, this work applies a Design Science Research approach to simulate realistic ERP security incidents. The serious game emphasizes experiential learning through multirole scenarios and was evaluated in academic settings. The findings suggest that the game is effective in increasing knowledge, participation, and preparedness for ERP-related cyber threats.