Experiential Cyber Security training

The Anti-Boring Cyber Training Company

Escape rooms. Live incidents. Immersive experiences. We build engagement people remember, cultures that back good behaviour, and instinct that holds up when things get messy.

No box-ticking. No beige training. No bullshit.

Explore Experiences
See how we do it
Play Video
See it in Action

what happens when security training Actually lands

Word spread so quickly we ended up with a waiting list. 97% positive feedback. 94% said they'd do it again. Makes key cyber behaviours stick.

CISO, The Telegraph

See it in Action

what happens when security training Actually lands

Word spread so quickly we ended up with a waiting list. 97% positive feedback. 94% said they'd do it again. Makes key cyber behaviours stick.

CISO, The Telegraph

2I2A3596
Team working through Elementary cyber security escape room scenario
1F6A0116
2I2A1968
2I2A1673

86%

Reduction in phishing susceptibility over 12 months with immersive training.

KnowBe4 Phishing Benchmarking Report (2025) · 14.5M users

96%

Of employees who took risky actions already knew they were risky.

Proofpoint State of the Phish (2024) · n=7,500 across 15 countries

1.7%

Average difference between trained & untrained groups after annual compliance training.

Ho et al. (2025) UC San Diego / University of Chicago · n=19,500

Why Most Security Training Fails

Your people aren't careless. They're just unprepared.

96% of employees who took a risky security action knew it was risky as the time. This is not an awareness failure. It's a behaviour failure. Those are different problems that need different solutions. 

A randomised study of 19,500 employees found no measurable difference between groups who completed mandatory annual training and those who hadn't. The gap? 1.7%. 

The brain doesn't learn through slides. It learns through experience, emotion, and consequence. Always has. 

2I2A4499-scaled.jpg
WhatsApp-Image-2026-01-13-at-21.29.44.jpeg
63-scaled.png

The cost of
getting it wrong

£4.4M

Global average cost of a breach in 2025

60%

Of breaches involve the human element

38%

Breach cost reduction with immersive training

61%

Fail basic security quiz after completing training

10%

Of training spend that actually transfers to behaviour change

The Experiences

Choose Your Adventure

See All Experiences
ESC

Physical Escape Rooms

Your space. Our game. High-stakes puzzles that build instincts, spark culture change, and make security impossible to ignore.

Best For

Team days, culture change

Audience

Any team, all levels

Players

5 to 250

Explore ESC
CTRL+VISH

AI Vishing Calls

Live AI-powered calls that teach your people to recognise manipulation and stay composed under pressure. Once they've felt a fake scam call, they'll never forget it.

Best For

Frontline & finance teams

Audience

Remote or in-office

Players

Scalable, unlimited

Explore CTRL+VISH

Large-Scale Events

Theatre sets. Live incident simulations. Multi-team missions. SPACE_ takes over entire venues and runs hundreds of people through immersive cyber scenarios, simultaneously. If you need organisation-wide impact, this is it.

Best For

Enterprise events, expos, leadership offsites

Audience

Large teams, company-wide audiences

Players

Up to 1,500 per day

Explore SPACE_

Digital Escape Rooms

Browser-based missions for remote teams. Fun, fast, scalable cyber learning that works anywhere. No office required.

Best For

Remote & hybrid teams

Audience

Distributed workforces

Players

Unlimited, anywhere

Explore SHIFT
ALT

AR Cyber Missions

Augmented reality and hybrid physical-cyber missions your teams can launch anywhere. Immersive, flexible, and impossible to tune out.

Best For

On-site & hybrid days

Audience

Mobile-first teams

Players

Flexible group sizes

Explore ALT

Tabletop Exercises

Technical crisis simulations for senior leaders that sharpen real-world incident response. Decision-making under genuine pressure.

Best For

Senior leaders, exec teams

Audience

C-suite & incident leads

Players

Small leadership cohorts

Explore CMD

What People Say

More Testimonials
PPT_quotemarks

The most impactful messaging we've been able to deliver - a level of impact and understanding we haven't previously achieved.

Marie Jeffery, BISO ⋅ Peabody

PPT_quotemarks

It has been critically useful to focus people's attention on the threats, and what they can do to reduce risk.

CISO ⋅ Ministry of Defence

PPT_quotemarks

It brought to life how good security hygiene is so important and made everyone think about how they can put this into action daily.

Rebekah Hobday, Infosec Assurance Manager ⋅ LV=

PPT_quotemarks

It's not just training. It's an experience that genuinely changes behaviour.

Sally Bolton, Cyber Human Risk Manager ⋅ Scottish Power Energy Networks

From the thinking side of tcerc

We've done the reading so you don't have to.

The research, the framework, the book. Everything that explains why we do it this way. And why most programmes don't work.

Framework

The Behaviour Cycle

Human risk isn't a people problem. It's a design problem. The Behaviour Cycle is the three-lever system - Engagement, Culture, Instinct - that explains why most security programmes fail at the same stage, and how to fix it.

Explore the Framework
Research Series

The Data Behind The Discourse

Four papers. Neuroscience, memory science, breach economics, and the data on why annual compliance training has no measurable effect. Cited, sourced, and written for people who actually want to understand the problem.

Read the Research
The Book

May I Have Your Attention, Please?

The ultimate guide to engagement in immersive learning. Written by Amy Stokes-Waters, founder of The Cyber Escape Room Co. Covers memory, pressure, decision-making, and why most training is designed for dashboards rather than brains.

Get the Book

This is the bit where you do something about it.