Esc Scenario

Elementary 1889. Hawthorne Clockworks. The blueprints have vanished.

A Victorian mystery with very modern lessons. No devices, no jargon, no technical knowledge required. Just your team, a box full of ciphers and contraptions, and a case that won't solve itself.

Book This Scenario

Get the brochure

Elementary no-tech cyber security escape room kit - Victorian chest, cryptex, deerstalker hat, and origami puzzle

The Scenario

Victorian Mystery. Modern Lessons.

It's 1889. Hawthorne Clockworks is on the eve of unveiling a revolutionary new invention - until the blueprints vanish and a ransom note signed "The Grey Fox" brings everything to a halt.

Sherlock Holmes is conveniently out of town on a new case. So this one is yours. You're handed an instruction sheet - think of it as an algorithm - and told your first challenge is to break the encryption and get into the chest before the clock runs out.

Inside is everything Holmes has gathered so far: suspect files, newspaper articles, a cryptex, a book cipher, Morse code intercepts, locked boxes, and clues pointing to an insider who exploited exactly the kind of trust that organisations still get wrong today.

Elementary is a no-tech cyber security escape room built for teams who want immersive cyber security training without a single screen in sight. No screens. No apps. No Wi-Fi. Just the kit, the clock, and a case that won't solve itself.

Why no tech?

Because the principles behind insider threats, IP protection, and encryption predate every device in your pocket. Elementary strips all that away and shows the human fundamentals - which is exactly why it lands.

Ransom note - recovered from the study

"You will find nothing where the blueprints once were."

The mechanism was worth a considerable fortune. Now it belongs to me.

Should you wish to negotiate, I suggest you begin by understanding who trusted whom - and who took advantage of that trust.

The clues are all there, Dr Watson. Whether your team is clever enough to find them is quite another matter.

⎯ The Grey Fox

⎯ What happens

Inside the room.

Break The Encryption

You're handed a piece of paper and an instruction sheet. Follow it precisely and a code is revealed. Rush it or skip a step.. and you'll know about it. The clock is already running.

Encryption experienced, not explained.

Open the chest

Inside is everything Holmes gathered. Suspect files. Newspaper articles. A cryptex. Locked boxes. A book. A diary. A magnifying glass. Morse code. Nothing is labelled. Nothing is obvious. Everything connects... eventually.

The investigation begins

Identify the Insider

The Grey Fox didn't break in. They were trusted in. Work through the evidence, assign motives, eliminate alibis, and narrow the suspects down. The answer is in there. So are the red herrings.

Layered deduction under pressure

Crack the cryptex

One suspect remains. One password required. The clues to unlock it are already in the room ... if your team has been paying attention.

The satisfying click of it all connecting

Run The Debrief

Your facilitator connects the puzzles back to the real world. The Victorian setting falls away. What's left is a conversation about encryption, insider risk, and why the same mistakes are still happening in organisations today.

Modern relevance locked in

⎯ Learning outcomes

What your team takes away

The setting is Victorian. The lessons aren't. Every puzzle in Elementary maps to a security behaviour your team needs in the real world - just delivered in a way they'll actually remember.

Insider Threats

The Grey Fox didn't break in. They were trusted in. Elementary explores how misplaced trust, unchecked access, and exploited relationships are just as dangerous as external attacks - and often far harder to spot. Players leave thinking differently about who they share information with, and why.

ISO 27001 A.6⋅ NIST CSF GV.HR ⋅ NCSC CAF A1

IP Protection

The blueprints were stolen because they weren't adequately protected - not locked away, not encrypted, not access-controlled. Protecting intellectual property takes more than a password, and Elementary shows players exactly what happens when the layers aren't in place. The Victorian setting makes the parallel to modern data loss feel immediate, not abstract.

ISO 27001 A.5.12 ⋅ DORA ART.13

Data Encryption & MFA

The origami puzzle is the first thing your team encounters - and it's the key to getting into the box. Follow the algorithm precisely and a code is revealed. Use it with a physical key to unlock the chest. Two factors. Both required. Players experience multi-factor authentication and encryption as physical, tactile realities - not concepts from a slide deck - before the investigation has even begun.

ISO 27001 A.8.24 ⋅ NIST CSF PR.DS ⋅ NIS2 ART.21

Code breaking & analytical thinking

Book ciphers, Morse code, locked mechanisms - Elementary gives teams practice in the kind of careful, methodical thinking that real security decisions require. Under pressure, most people rush and miss things. That gap between what you know and what you do under stress is exactly what the debrief unpacks.

ISO 27001 CL.7.3 ⋅ NCSC CAF B4

⎯ the puzzle that starts everything

Encryption Made Physical

Before your team can even open the chest, they have to break the encryption. They're handed a piece of paper and an instruction sheet - the algorithm - and told to follow it precisely.

Fold it correctly, in order, and a three-digit code is revealed. Use the code to open the book safe, find the hidden key inside, and unlock the chest. Get a fold wrong and you're back to square one. Under time pressure, almost no one follows the steps carefully enough. Hands move faster than attention. Assumptions creep in. The paper refuses to cooperate.

By the time the session ends, every person in the room understands viscerally why encryption protocols have to be followed exactly as designed. One skipped step and the whole thing collapses. That's a lessons that sticks - and it lands before a single suspect file has been opened.

⎯ Who it's for

built for the whole workforce.

Non-Technical Staff
Elementary requires zero technical knowledge - the whole point is that security fundamentals predate technology. Finance, HR, legal, operations - anyone can engage with a Victorian mystery. And the lessons about insider threats and information protection are just as relevant regardless of role.
Regulated industries & secure environments
No devices means no risk of bringing personal phones or laptops into a session. Elementary is ideal for financial services, legal, defence, and other sectors where device policies make tech-based training complicated to run. Fully compliant with strict security environments.
Teams who've already done The Breach
Elementary covers different territory - insider threats and IP protection rather than ransomware and social engineering - making it a natural companion scenario for teams who want to build on earlier training without repeating the same lessons.
Away Days & Offsite events
The Victorian theme and the mix of puzzles make Elementary one of the most talked-about scenarios we run. It doesn't feel like mandatory training, it feels like an experience - which is exactly why the lessons stick long after the day is over.

Good to know

Elementary has no technical prerequisites whatsoever - not even the basics. If your team includes people who've never touched a security training session before, this is a gentle but genuinely effective entry points. And if they have - the origami puzzle will still catch them off guard.

RECOMMENDED FOR

FINANCIAL SERVICES ⋅ LEGAL ⋅ PROFESSIONAL SERVICES ⋅ DEFENCE ⋅ HEALTHCARE ⋅ ALL SECTORS

⎯ the details

The numbers that matter

45min

duration

Plus 15-20 minute facilitated debrief. Back-to-back rotations available for larger groups.

players per team

Minimum 3. Optimal at 5. Multiple kits can run simultaneously for larger groups.

1table

space required

A standard meeting room table is all you need. No screens, no power required.

20min

setup time

We handle everything. You arrive to a room that's ready to go.

50+

people in a day

With back-to-back rotations across multiple kits. We'll help you plan the logistics.

devices needed

Fully offline. No Wi-Fi, no apps, no screens. Just the kit.

⎯ how to run it

choose your delivery format

facilitated sessions

We turn up, set up, and run everything. Our hosts bring the energy, manage the pressure, and deliver a structured debrief that connects the Victorian puzzles to your team's real behaviours.

Professional facilitator included

High-energy, seamless delivery

Structured debrief session

Best for away days, conferences, leadership sesions

Flexible

Kit hire

We ship you a ready-to-run kit. Your internal champions run the session - same puzzles, same impact, delivered by your own team on your own schedule.

Complete kit with all props and locks

Host guide for smooth internal delivery

Multiple runs over days or weeks

Best for multi-site or shift-based teams

sustained culture

long-term rental

For organisations building security culture year-round. Keep the kit, run it as often as you like, and swap scenarios throughout the year to keep things fresh.

Enterprise quality kit, yours to keep

Scenario swaps throughout the year

Training for internal hosts

Best for onboarding programmes and ongoing culture work

We ran the first of what will be many events that raise security awareness within the company in a really fun and informative way. Feedback from the participants was extremely positive and off the back of that we are overbooked for the next two. Cyber doesn't (always) have to be boring, and it NEVER is when Amy's in the room.

⎯ CISO, Channel 4

⎯ Questions

Things people usually ask

Is Elementary really completely tech-free?

Completely. No screens, no apps, no Wi-Fi, no devices of any kind. Everything in the kit is physical - documents, props, locks, paper puzzles. It runs in environments where personal devices aren't permitted, and it doesn't require any power source or internet connection.

Does anyone need to know about cyber security before playing?

Not at all. Elementary is designed around concepts that predate modern technology - trust, secrecy, access control, encryption. Players don't need to know what a firewall is. By the time the debrief ends, they'll understand why those things exist.

Can we run it back-to-back for larger groups?

Yes. Multiple kits can run simultaneously, and back-to-back rotations mean you can run 50+ people through in a single day. We'll help you plan the logistics based on your group size and available space.

How does this count towards compliance frameworks?

Elementary supports requirements under ISO 27001 (Clauses 6, 7.3, A.5, A.8.24), NIST CSF 2.0 (PR.AT, PR.DS), NIS2 (Articles 20–21), and DORA (Article 13). We can provide documentation to support your audit trail.

Can the scenario be adapted for our organisation?

Yes. We can adapt elements of Elementary to reflect your industry, your organisation's terminology, or specific risks relevant to your team. Get in touch and we'll talk through what that looks like.

What's different about Elementary vs The Breach?

The Breach focuses on ransomware, social engineering, and vishing - external attack vectors. Elementary focuses on insider threats, IP protection, and encryption - the internal and organisational side of security. They cover different ground and work well together as a pair.

⎯ Other Scenarios

Explore the Full Range

The Heist Immersive Cyber Security Training Scenario

30 mins ⋅ 5 players

Let's Book Elementary

Tell us your team size, your location, and your rough timeline. We'll come back to you with everything you need to make it happen.

Get in Touch