Context:　Security,　in　digitally　connected　organizational　environments　of　today,　involves　many　different　perspectives,　including　social,　physical,　and　technical　factors.　In　order　to　understand　the　interactions　among　these　correlated　aspects　and　elicit　potential　threats　geared　towards　a　given　organization,　different　security　requirements　analysis　approaches　are　proposed　in　the　literature.　However,　the　body　of　knowledge　is　yet　to　unleash　its　full　potential　due　to　the　complex　nature　of　security　problems,　and　inadequate　ways　to　improve　security　awareness　of　key　players　in　the　organization.　Objective:　Objective(s)　of　the　research　study　is　to　improve　the　security　awareness　of　players　utilizing　serious　games　via:　(i)　Know-how　of　security　concepts　and　security　protection;　(ii)　guided　process　of　identifying　valuable　assets　and　vulnerabilities　in　a　given　organizational　setting;　(iii)　guided　process　of　defining　successful　security　attacks　to　the　organization.　Method:　Important　methods　used　to　address　the　above　objectives　include:　(i)　a　comprehensive　review　of　the　literature　to　better　understand　security　and　game　design　elements;　(ii)　designing　a　serious　game　using　cyber　security　knowledge　and　game-based　techniques　combined　with　security　requirements　engineering　concepts;　(iii)　using　empirical　evaluation　(observation　and　survey)　to　verify　the　effectiveness　of　the　proposed　game　design.　Result:　The　solution　proposed　is　a　serious　game　for　security　requirements　education,　which:　(i)　can　be　an　effective　and　fun　way　of　learning　security　related　concepts;　(ii)　mimics　a　real　life　problem　setting　in　a　presentable　and　understandable　way;　(iii)　motivates　players　to　learn　more　about　security　related　concepts　in　future.　Conclusion:　From　this　study,　we　conclude　that　the　proposed　Security　Requirement　Education　Game　(SREG)　has　positive　results　and　is　helpful　for　players　of　the　game　to　get　an　understanding　of　security　attacks　and　vulnerabilities.