Glen Sorensen
Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.
Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.
Sessions
Tired of boring tabletop exercises that put your team to sleep? Transform incident response training with an innovative roleplaying framework inspired by tabletop RPGs. This hands-on workshop guides you through designing engaging cybersecurity exercises using dice rolls, character abilities, and dynamic scenarios.
In this 4-hour session, you'll experience this approach through demonstration, then develop your own scenarios in small groups. Learn to create character roles with unique abilities, design realistic incident response challenges using the MITRE ATT&CK framework, and craft unexpected events that keep participants engaged.
This approach emphasizes the human elements of incident response, making it accessible to both technical and non-technical audiences. Groups will test each other's scenarios, providing immediate feedback for refinement.
You'll leave with a ready-to-implement scenario, facilitation skills as a "Incident Master," and community resources for continued development. Whether you're responsible for team training or building security culture, this workshop provides practical tools to make incident response training both fun and effective.
Tired of security training that puts your team to sleep? What if we told you the most powerful training tool in cybersecurity has been sitting in your game room all along? Welcome to the world of game-based learning, where the proven power of play transforms how professionals master complex skills.
Research shows that humans learn best when working together, yet traditional training methods keep pushing isolated, theoretical learning. Game-based learning flips this approach on its head, creating environments where people forget about office politics and actually engage with the material. Through structured play and collaborative storytelling, participants don't just memorize concepts—they live them, breaking down professional barriers and building genuine understanding through experience.
We'll show you the compelling evidence behind why using roleplaying games work, and demonstrate how to transform resistant learners into engaged participants. Using compelling examples, you'll discover how tabletop role-playing mechanics can turn your most challenging training scenarios—from incident response to zero trust architecture—into adventures your team actually looks forward to.
Join us to learn why adding roleplaying games to your professional development isn't just about making training fun—it's about making it work.
You’ve identified the vulnerability, tested the exploit, and written the report. But they just don’t see the urgency. Now what? This 4-hour, hands-on workshop bridges the gap between technical mastery and executive and influence. We’ll move beyond simply reporting risks to crafting compelling narratives, quantifying value, and building the relationships necessary to drive meaningful security improvements.
We’ll delve into the psychology of decision-making, explore adversarial communication tactics (including those used against YOU), and arm you with practical strategies to become a trusted advisor who can effectively advocate for security and get things done.