This guide includes the following sections:

What is a custom scenario?

With Workforce Exercising, as well as assigning off-the-shelf scenarios created by Immersive Labs experts, you can also customize these, or create your own bespoke custom scenarios from scratch. This allows you to tailor these to your organization’s specific processes, policies and needs.

Things to consider: scenario planning

When preparing to write a new scenario, it is important to consider the following:

Risk area

What topic or risk area will your scenario be based on?
Are there any high-risk areas or particular threats your organization is currently facing?

Audience

Who is your target audience, and what are the expected behaviors and knowledge they should have?
Are there key teams or business areas you want to target?
What will resonate with your target audience?
What is plausible?

Cyber capabilities

What are your learning objectives?
Are there any key cyber capabilities you wish to exercise?
Are you looking to measure confidence against responses?

Resources & Event Timeline

What resources will you require to enable your content design?
Consider your organization's policies such as remote working policies. These can be embedded into your scenario, making it specific to your organization.
What are the key events that will take place in your scenario? What order do they occur in? The timeline of key events will then be your scenarios' foundation.
Can you adapt any current scenarios rather than write a new one?

We recommend browsing the scenario catalog as there may be existing scenarios that you can either adapt or take inspiration from.

Content builder: scenario components

Content builder refers to the area of the platform that allows managers to build their own content.

Parts

The parts of the scenario are the points where participants need to make decisions. Scenarios are made up of multiple parts.

We recommend including at least five parts, to ensure that sufficient data is captured.

Parts should be succinct and include key information.

Each part can include supporting attachments such as images, videos, audio and URLs. Including digital assets is important, as it’ll bring your scenario to life.

Attachment examples:

A video from an executive member of staff
An email from a member of staff affected by the crisis
An email of a customer complaint
A news article about your organization or the crisis
A recording of a voicemail message

Options

Each part consists of multiple options. Participants must choose one of the options in the part, to move along in the scenario.

Each option can be ranked as: weak, okay, good, or great.

One path should contain parts that have a great option. This would allow the participant to achieve a 100% score in the exercise.

However, you could write your scenario in a way, where only one path is likely to have all parts with great options. For example, selecting weak options could take your participants down a path where the best options from then on are only ranked as okay.

When writing your options, start with the best choice, followed by the least preferred choice. Then, fill in the gaps with the in-between choices.

Option feedback

This is what participants see, after selecting a particular option.

Feedback helps participants understand the quality of their response.

Where possible, map option ranking and feedback to your organization’s best practice, policies, or industry frameworks. For example, option A is a weak answer because ISO27001 says that…..A better option would have been to…..

Option feedback should include:

A summary of the decision they were asked to make
What made their decision great/good/okay/weak?
The rationale behind the rankings, particularly the great option

Branches

Choosing particular options might lead participants down different pathways. For example, in the part depicted in the screenshot below, calling the line manager has different consequences than calling the phone provider. Selecting each option will take the participant down a different branch in the scenario, representing the different consequences.

The tree view mode gives managers an overview of where options in each path lead to.

Use the tree mode to check that every pathway leads to the ending (marked as the epilogue in the content builder).

Performance indicators

Performance indicators show the immediate impact of a participant’s decision on one or more key business metrics.

They are dynamic graphs that change throughout the exercise, based on the participant’s decisions at various parts. They provide a visual representation of the real-world implications decisions would have.

They are completely optional and have no impact on the final exercise score.

Examples include:

Company reputation
Share price

All indicators should have a starting value. This would either increase or decrease based on the options selected in each part.

Data Quality and Behavioral Science Principles

Our Workforce Exercising scenarios are designed to educate people about cyber security by engaging them through the story, allowing them to consider options for action for their character and explore the outcomes that follow.

But, they go beyond this. Our scenarios have been designed with behavioral science at the very core, with the content of each scenario written in a way that reflects behavioral science principles and enables data collection to assess whether people are likely to behave securely in particular contexts.

This data can then be used to identify areas of strength and weakness across individuals, departments, and organizations and enable interventions and upskilling to be targeted where they are needed most.

When customizing content, consider the outcomes you want to achieve.

If you’re purely focused on engagement and education, some aspects, such as learning quality, are more important than others. If you also want to use the response data captured to inform risk management or demonstrate the impact of interventions, you need to make sure you customize content with data in mind.

Explore our Maintaining Data Quality and Behavioral Science Principles guide for information on how to maximize learning and ensure data quality, when creating your own content.

How to create a custom scenario

1. Navigate to Exercise in the main navigation menu, and then Workforce Exercising.

2. Select the create scenario button on the top right.

3. Choose whether to create a new custom scenario, or to create from an existing template.

Create a new custom scenario - select this option to jump straight to the content builder and create a new scenario from scratch
Create from template - this’ll take you to the scenario catalog, where you can choose an existing scenario to act as a template. Choosing this option will pre-populate the content builder with a copy of the chosen scenario, including scenario parts and any assets (such as media attachments). All of its elements can then be amended. New parts can be added and existing parts can be deleted.

Select Create.

4. Overview

The overview section is where you need to fill in the scenario details:

Scenario Title (e.g., Sample Manufacturing Ransomware Scenario)
Authoring Language - the authoring language is required for translation purposes. Translations are only supported for the languages listed in the drop-down list.
Industry sector (e.g., Manufacturing)
Attack vector (e.g., Ransomware)
Threat actor (e.g., Criminal Groups)
Briefing – This should set the scene and describe the crisis that your organization is faced with. We recommend writing this in a text editor before copying and pasting over to ensure that there aren't any typos or grammatical errors. A WYSIWYG rich-text editor to allow you to easily format the briefing.

5. Roles

The role section is where you decide which role(s) the participants are going to undertake in the scenario.

Select a category from the dropdown and give the role a title.

Add some context on the roles, including reporting lines, in the responsibilities area.

Scenarios can include more than one role.

A scenario with a single role means that the role would have to be present in all parts of the scenario.

In a scenario with multiple roles, assign roles to each part, when creating your parts. You can only assign one role per part.

To add more than one role, scroll down and select the add another role button.

6. Feedback

In the feedback area, choose whether to provide feedback and at what stage. It could be in every part with each option, or at the end of the exercise alongside the results.

7. Ranking

Choose whether to rank the options. We recommend you do, as it allows participants to understand the strength of their answer. It also means you’ll be provided with further granularity in reports, with metrics based on the strength of participants’ decisions.

8. Analysis

Choose whether the options presented to participants require justification and a confidence score.

Adding a confidence score provides further granularity around decisions made. E.g., selecting a weak option with a high confidence score is higher-risk than selecting a weak option with low confidence. Metrics around confidence levels will be present in reports, if this is measured.

Justification is in the form of free text. It won’t therefore contribute to metrics, but it could provide useful information and feedback.

9. Performance indicators

Choose whether you’d like your scenario to include performance indicators. Find out more here.

10. Create your parts.

Note: repeat the below process for each part you create.

To add a part, select the add part button.

Give your part:

A title
Time and date (this should be realistic and laid out logically, based on parts coming before or after)
A description
A risk area - this will help with meaningful analytics and reporting
A role assignment (if your scenario only includes one role, this’ll be assigned here by default)
Media attachments

11. Create your part options.

We suggest three to five options per part. Give each option:

A title
A description
Feedback (if enabled)
A ranking (if enabled)
Impact against your performance indicators (if enabled)
Option logic - select which part participants will jump to after selecting a given option. This enables you to build scenario branches/pathways. Create a new part here, or select a pre-populated path.

Complete all parts and options by repeating steps 10 and 11.

12. Epilogue

Write a concluding paragraph here to conclude the story’s narrative. Include the following:

Main impact of decisions
Key learning objectives

13. Test the flow of your scenario in preview mode.

NOTE: You can click the Preview Inject option to preview each inject as you create or edit them. This is an effective way of creating and editing injects, as it does not require you to run through the full scenario to test a single inject:

Select the preview button in the top right at any point during the content creation process. Navigate backwards and forwards within the scenario, select options, and return to the content builder by exiting preview, to continue creating or editing.

14. Select save to save your progress, so that you’re able to return to your draft scenario at a later time.

Note: Find draft scenario listed on the create scenario screen, under the ‘create a new custom scenario’ or ‘create from template’ options.

15. Select publish in the top right-hand corner when you’ve finished editing your scenario.