This thesis explores gamification and its application to cybersecurity. It is well known that nowadays the weak link in cybersecurity are humans. Both for personal and work reasons, people are constantly connected to each other throw devices, often without a real awareness of cybersecurity risks. At the same time, the lack of professional figures in the cybersecurity market with precise skills increases the need to train new experts in the field. For these reasons, concentrating the attention on the end users, with the purpose to create a usefulness education and awareness is important. Gamification uses, in a not game environment, game components and mechanics that involve and engage human attention encouraging a change of behaviour.