跳到主要內容

簡易檢索 / 詳目顯示

研究生: 郭晏辰
Kuo, Yen-Chen
論文名稱: 桌遊融入資安教育 — 以「資安風暴:企業保衛戰」為例
Integrating Board Games into Cybersecurity Education: A Case Study of "Cyber Storm: Corporate Defense"
指導教授: 張欣綠
Chang, Hsin-Lu
口試委員: 李怡慧
王凱
學位類別: 碩士
Master
系所名稱: 商學院 - 企業管理研究所(MBA學位學程)
Master of Business Administration Program(MBA)
論文出版年: 2026
畢業學年度: 114
語文別: 中文
論文頁數: 36
中文關鍵詞: 資安教育嚴肅遊戲桌上遊戲MDA 框架資安防禦矩陣(CDM)
外文關鍵詞: Cybersecurity Education, Serious Games, Board Games, MDA Framework, Cyber Defense Matrix (CDM)
相關次數: 點閱:8下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報
  • 隨雲端運算與人工智慧(AI)的廣泛應用,資安威脅已由單純的技術問題演變為衝擊組織韌性的系統性風險。尤其在生成式 AI 爆發與全球供應鏈相互連動的趨勢下,非資安專業背景人員在日常業務與資源配置中,正面臨著如何進行資安風險權衡與落實防範決策的挑戰。然而,傳統單向講授之資安教育往往存在認知藩籬,因此本研究以資安教育為核心,選定 A 公司出品之原型資安桌遊為研究標的,結合嚴肅遊戲設計原則與現代資安治理實務進行教具改編,開發出適合非資安專業背景者使用之桌遊教具《資安風暴:企業保衛戰》。
    本研究之目的首在分析原型桌遊之設計元素與優劣,作為桌遊開發與改編之依據。其次,本研究透過桌遊試玩,測試實際遊玩體驗,並導入 Mechanics, Dynamics, Aesthetics(MDA)框架進行質性資料與研究結果分析,藉此驗證本桌遊教具在轉譯專業知識、娛樂性以及降低操作門檻上之成果。研究結果顯示,在機制(Mechanics)層面,改編版桌遊將資安防禦矩陣內化為遊戲之二維底層邏輯,引入 AI 語音偽冒、供應鏈攻擊與零信任架構之身分治理卡牌,反映現代資安實務之轉移。研究證實,透過示範引導與即時回饋之配套,能協助非專業背景玩家跨越專業術語障礙。在動態(Dynamics)層面,技術語言的簡化與三圈進程之優化顯著降低了理解門檻,成功誘發了極端風險自留、適應性風險治理與重創後生存韌性調整等多元且擬真的資源配置行為,反映企業在現實預算拉鋸下之決策思維。在美學(Aesthetics)層面,利用節慶連續攻擊等情境棋格搭配政策補助之隨機元素,成功營造出高度投入之社交張力與心理緊張感。此種深層的沉浸體驗轉化為的求知與探索動機亦促進知識的內化,使學習者自發性地認同預防性資安治理觀點。
    綜上所述,參與者在經過桌遊試玩後,其資安意識已由碎片化的點狀記憶,演進為架構式的系統性治理思維。本研究之改編教具成功實踐了嚴肅遊戲兼顧娛樂性與教育性之核心目標,為跨領域之資安管理教育提供了一套兼具知識學習與趣味性的教學方案。


    With the rapid adoption of cloud computing and artificial intelligence (AI), cybersecurity has transformed from a purely technical issue into a systemic risk affecting organizational resilience. Driven by generative AI threats and interconnected supply chains, employees from non-cybersecurity backgrounds must now possess the capacity to weigh risks and make defensive decisions. Because traditional lectures often fail to overcome cognitive barriers, this study combines serious game design with modern cybersecurity practices to adapt a prototype board game into Cyber Storm: Corporate Defense, an educational tool tailored for non-technical learners.
    This study first evaluates the prototype game to establish a design foundation. Through playtesting sessions, qualitative data are analyzed using the Mechanics, Dynamics, and Aesthetics (MDA) framework to validate the game’s knowledge translation, entertainment, and accessibility. The results show that at the Mechanics level, the game embeds the Cyber Defense Matrix (CDM) as its foundation, integrating contemporary scenarios such as AI voice spoofing, zero-trust identity governance, etc. At the Dynamics level, simplified terminology and a three-round progression lower operational thresholds, inducing realistic strategic behaviors—such as risk retention, adaptive governance, and post-incident resilience adjustments—that mirror real-world corporate trade-offs. At the Aesthetics level, contextual board spaces (e.g., holiday attacks) and randomized policy subsidies create social tension and psychological immersion. This engagement motivates knowledge discovery, guiding players to internalize a preventive cybersecurity governance perspective.
    In conclusion, the playtesting sessions demonstrated that participants' awareness evolved from fragmented factual recall into a structured governance mindset. By balancing entertainment and education, this adapted tool provides a viable and engaging model for cross-disciplinary cybersecurity education.

    第一章 緒論 1
    第二章 文獻回顧 3
    第一節 嚴肅遊戲 3
    第二節 桌上遊戲 4
    第三節 遊戲設計 5
    第四節 資安防禦矩陣 6
    第三章 研究方法 8
    第一節 研究架構與流程 8
    第二節 研究標的分析 9
    第四章 桌遊設計 13
    第一節 機制改編概述 13
    第二節 卡牌設計 16
    第五章 桌遊試玩與訪談設計 23
    第一節 桌遊試玩 23
    第二節 焦點訪談設計 24
    第六章 研究結果分析 26
    第一節 遊戲機制 26
    第二節 動態行為 27
    第三節 遊戲美學 28
    第七章 結論與建議 33
    參考文獻 35

    一、中文文獻
    王梅玲(2002),焦點團體研究法的理論與應用,圖書與資訊學刊,第 40 期,頁 29-32。
    詹孟傑(2020),桌遊融入教學之省思,臺灣教育評論月刊,第 9 卷第 5 期,頁118- 124。
    潘淑滿(2013),質性研究:理論與應用,社會科學研究,第 43 期,頁 143-146。
    Fortinet. (2025). 2025 年營運技術與資安現況報告. 取自
    https://www.fortinet.com/content/dam/fortinet/assets/white-papers/zh_tw/report_ot-cybersecurity-2025-TW.pdf
    二、英文文獻
    Abt, C. (1970). Serious Games. The Viking Press, 9-14.
    Costikyan, G. (2013). Uncertainty in games. MIT Press.
    Crookall, D. (2010). Serious games, for real: This-time it’s for real, experience and learning. Simulation & Gaming, 41(6), 898-920.
    Djaouti, D., Alvarez, J., & Jessel, J. (2011). Classifying Serious Games: the G/P/S model. In P. Felicia (Ed.), Handbook of Research on Improving Learning and Motivation through Educational Games: Multidisciplinary Approaches (pp. 118-136). IGI Global Scientific Publishing. https://doi.org/10.4018/978-1-60960-495-0.ch006
    Hinebaugh, J. P. (2009). A Board Game Education. Rowman & Littlefield Education, 9-11.
    Hunicke, R., LeBlanc, M., & Zubek, R. (2004). MDA: A formal approach to game design and game research. Proceedings of the AAAI Workshop on Challenges in Game AI.
    Kritz, J. S. (2020). An ontology of board games based on the MDA framework (Master's thesis, Universidade Federal do Rio de Janeiro). COPPE/UFRJ.
    National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1).
    Plass, J. L., Homer, B. D., & Kinzer, C. K. (2015). Foundations of Game-Based Learning. Educational Psychologist, 50(4), 258–283.
    PWC. (2025), 2026 Global digital trust insights: C suite playbook and findings. Retrieved from https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/library/global-digital-trust-insights.html
    Rogerson, M. J., Gibbs, M., & Smith, W. (2016). "I love all the bits": The materiality of boardgames. Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, 3956–3969.
    Rose, S., Borchert, O., Mitchell, S., & Connelly S. (2020). Zero Trust Architecture (NIST Special Publication 800-207). National Institute of Standards and Technology.
    Schell, J. (2008). The Art of Game Design: A Book of Lenses. Morgan Kaufmann Publishers.
    Treher, E. N. (2011). Learning with board games: Tools for learning and retention. The Learning Key.
    Winn, B. M. (2009) The Design, Play, and Experience Framework. Handbook of Research on Effective Electronic Gaming in Education, 1010-1024.
    World Economic Forum. (2025). Global cybersecurity outlook 2025. Retrieved from https://reports.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2025.pdf
    Wouters, P., van Nimwegen, C., van Oostendorp, H., & van der Spek, E. D. (2013). A meta-analysis of the cognitive and motivational effects of serious games. Journal of Educational Psychology, 105(2), 249–265

    QR CODE
    :::