Introducing The What Would You Do? (Data and Cyber) Game

in , , , /by

Training around data, data protection, cyber security and AI is essential. But let’s be honest, it does not always spark the kind of engagement that leads to meaningful behavioural change.

Policies are read. Slides are presented. Boxes are ticked. Yet when a real-world situation arises, uncertainty can still creep in.

That is exactly why we developed The What Would You Do? (Data and Cyber) Game!

This new, interactive card game has been designed to bring everyday digital decisions to life. It creates space for discussion, challenge and reflection in a way that traditional training often cannot. Instead of telling people what the right answer is, it asks them to think it through.

And that is where real learning begins.

Turning Knowledge into Practical Confidence

Most data and cyber incidents are not caused by a lack of policies. They happen because of human decisions made in the moment.

The game presents realistic scenarios that reflect the kinds of situations staff face every day. A request for access that feels slightly uncomfortable. An unusual email that might or might not be genuine. A shortcut that saves time but raises questions about safety and compliance.

Participants are invited to consider a simple question: What would you do?

Through structured discussion, led by a facilitator, teams explore different perspectives, challenge assumptions and build confidence in making informed, responsible decisions. It is not about catching people out. It is about creating a safe environment to explore risk, responsibility and accountability.

Suitable for Every Level of an Organisation

One of the strengths of the game is its flexibility.

It works equally well with leadership teams, operational staff and mixed groups. Senior leaders gain insight into how digital risk is understood across the organisation. Staff develop a clearer appreciation of the wider impact of their day-to-day decisions.

Different card packs allow the experience to be tailored to the audience. Leadership themes can focus on governance, accountability and strategic risk. Staff scenarios can centre on practical, operational situations.

This adaptability makes the game a valuable addition to induction programmes, team development sessions, leadership away days and compliance initiatives.

A Different Kind of Learning Experience

Early feedback has highlighted what makes the game so effective.

Participants actively debate the issues. They engage with the subject matter. They take ownership of the discussion.

Rather than passively receiving information, they become part of the learning process. Important topics are explored in a way that feels relevant and grounded in reality.

When people are involved in shaping the conversation, they are far more likely to remember it and apply it.

“Through traditional training means, it has been difficult to truly engage and excite our staff in cyber and data protection, so that they can actively support our organisation to meet it’s digital and GDPR objectives. Staff debated and discussed key topics and took on board new information while playing the game. The game helped bring important topics to life for the attendees in a way other methods simply don’t. It has been an excellent addition to our cyber security toolset.”

– Head of Digital Services

 

How It Can Be Delivered

Organisations can choose the level of support that suits them.

Cybata can deliver a full, on-site experience, including training an internal facilitator and co-facilitating sessions with your team. Remote training options are also available for organisations that prefer virtual delivery.

For those with in house expertise, the game can be purchased with a comprehensive instruction manual, allowing it to be facilitated internally.

Trusted facilitators from the data protection, compliance and IT sectors are also available to support delivery where needed.

Expansion card decks are made available from time to time covering industry hot topics, regulatory changes, and sector-specific content.

Why This Matters

Digital literacy is no longer optional. Regulatory expectations continue to rise. Cyber and data threats continue to evolve. Reputational and financial risk can escalate quickly.

However, strengthening digital resilience is not only about technical controls. It is about people.

The What Would You Do? (Data and Cyber) Game recognises that building a culture of accountability and awareness requires conversation, reflection and shared understanding.

By encouraging teams to think critically about real world scenarios, the game helps embed practical confidence alongside operational competence and compliance knowledge.

If you would like to explore how the game could support your organisation, we would love to speak with you.

Because when it comes to data and cyber decisions, what you do next really matters!