Peer Reviewed Journal via three different mandatory reviewing processes, since 2006, and, from September 2020, a fourth mandatory peer-editing has been added.
With increasing digitization, information security (IS) is becoming an important issue for all employees working in companies and organizations. If the human factor is to be seen as a strength rather than a weakness, appropriate awareness-raising measures are required. One way to raise awareness is through game-based learning (GBL), which can be used as an ongoing means of motivating employees to engage emotionally with the subject of IS and changing their online behavior accordingly. As part of the project “Mittelstand 4.0-Kompetenzzentrum Stutt-gart” (Mittelstand 4.0-Competence Center Stuttgart), two analog GBL scenarios on the topics Social Engineering and Security Risk Management for SMEs are currently being developed over the period of a year, from April 2020 through to March 2021. In this paper, the develop-ment process—including the phases prototyping, testing, and adaptation—is described and the prototype results shown. Testing analog prototypes in times of COVID-19 is particularly challenging. The experience gained in this mini project will be incorporated into the new three-year project “Awareness Lab SMEs (ALARM) Information Security,” which is funded by the Federal Ministry for Economic Affairs and Energy and has been running since October 1, 2020.