About CISO Game

Play CISO Game free Free demo · no signup · plays in 30–45 min

CISO Game is a free, browser-based cybersecurity strategy simulator. The player runs information security as the CISO of a fictional 500-person company across 5 in-game years. No install, no signup required for the demo, plays in 30–45 minutes.

Why this exists

Security leadership is one of the few executive functions that has almost no good simulation. Aspiring CISOs read frameworks (NIST CSF, ISO 27001, MITRE ATT&CK), study for certifications (CISSP, CCISO, CISM), and shadow incumbents — but the actual job, with its budget trade-offs, board politics, vendor management, breach response, and 5-year strategic cadence, is something you only learn by doing. CISO Game is a sandbox for doing it without the consequences.

What's modeled

The simulation tracks five live metrics (Composite Posture, Board Confidence, Customer Trust, Business Friction, Team Morale), six posture subscores (Detection, Response, Prevention, Recovery, Identity, Awareness), 52 cybersecurity risks aligned to real frameworks, and 99+ vendor-neutral product, hire, and service investments. The event catalog covers ransomware, regulator-clock disclosures (GDPR Art. 33, SEC 8-K, NYDFS Part 500, OCR HHS, DORA, CIRCIA, NIS2), board strategic reviews, M&A diligence shocks, AI red-team findings, vendor consolidation pressure, and team management crises.

About the creator

CISO Game was designed by Arik Volkov. The risk-and-control mechanics are grounded in real security practice — the risk register aligns with NIST CSF functional areas, the catalog reflects how real security tooling categories actually work in practice, and the scenarios draw from common CISO archetypes (post-incident recovery, fintech IPO crunch, healthcare ransomware year, AI startup, M&A integration). The catalog is deliberately vendor-neutral — categories like "Mid-Tier EDR" and "Continuous Control Monitoring" instead of brand names — so the game stays evergreen and useful as a thinking tool for real procurement.

Who it's for

Aspiring CISOs and CISO-track security leaders
Students preparing for CISSP, CCISO, CISM certification
Cybersecurity professionals exploring strategy trade-offs
Gamification enthusiasts interested in turn-based simulations rooted in real risk-and-control mechanics

How to play

Click here to start a free demo run — no signup needed. The demo plays in your browser and saves to local storage. If you want to keep your run across devices or appear on the leaderboard, you can sign up later — your demo state migrates automatically.

Contact

For feedback, bug reports, or feature requests, reach out via the in-game advisor panel.

Copyright and use

CISO: The Strategy Game and all of its content — game design, mechanics, risk register, investment catalog, scenarios, and narrative text — are © 2025–2026 Arik Volkov. All rights reserved. Reproduction, redistribution, derivative works, or re-hosting of any kind is prohibited without express written permission. Public references with attribution (e.g., "CISO Game at cisobility.com") are welcome.

Play CISO Game free →