You're the hacker. You're also the target.
Every player is attacking and defending at the same time — racing to steal a Data Flag while building the defenses to stop everyone else from stealing yours. One turn. Two jobs. No excuses.
-
Attacker Mindset
Attackers don't strike randomly — they follow a sequence. The Cyber Kill Chain maps every stage from the first bit of reconnaissance to the final objective. Playing the attack side teaches you how adversaries think, plan, and move, and why disrupting any single stage can collapse the entire operation.
-
Defender Mindset
Defense isn't one big wall — it's a complete posture. The NIST Cybersecurity Framework gives defenders a structured approach: Identify what you're protecting, Protect it, Detect threats early, Respond fast, and Recover fully — with Govern at the center, providing the policies, roles, and decisions that hold it all together. Every gap in that posture is a stage of the Kill Chain a defender failed to cover.
-
The Cycle of Cyberwarfare
Attack and defense are never finished — they feed each other. Defenders add controls to disrupt the Kill Chain; attackers find ways around them; defenders adapt again. That perpetual loop is the Cycle of Cyberwarfare — and once you see it, you can use it as a mental model to make sense of any threat, breach, or security decision you'll ever encounter.
-
You are CyberFluent
Understanding that cycle means you can break down any cybersecurity incident or topic and ask the right questions. It won't make you a cyber expert — but it means you can appropriately challenge one. Instead of waiting for the latest checklist from experts to tell you what to think, you'll have the mental model to think critically yourself. Rather than just accepting what you're told or begrudgingly going along with it, you'll understand enough to be genuinely on the same page and push toward the best solution.