Whether you’re a hard core information security professional or someone in a large corp who has to be hit with the “security awareness” stick, learning new security concepts can be difficult. Conventional training and awareness education can be tedious and boring, oftentimes leaving the trainee disengaged and confused. Positive reinforcement in an important concept in education. As it turns out, it’s also an important concept in gaming as well. By marrying gaming with security education, we can create conditions where people actually WANT to learn more, are able to explore advanced concepts in novel ways, and ultimately become more engaged in this industry. There’s a long history of gaming in information security, especially in the form of Capture the Flag contests that have become commonplace at conferences. This talk will explore the history of CTF contests and how they have evolved over the years. It will also examine other games that have become valuable to hardcore infosec professionals such as Hack Fortress and various physical security security challenges. We will pick apart these games to see what makes them successful, engaging, and educational. This talk will also explore games that can be used to engage non-security pros to help educate users about core security concerns and concepts.