Case Study

The escape rooms that changed everything.

Peabody's journey to serious
cyber engagement.

The most impactful messaging on passwords we have ever delivered.

Marie Jeffery, Biso ⋅ Peabody

Metrics Grid — TCERC
311
Colleagues trained through play
98%
Left with better cyber understanding
100%
Would recommend to colleagues
30m
Average session length
2I2A3580
The Challenge

Good awareness. Zero behaviour change.

Peabody is one of the largest housing associations in the UK, with a diverse workforce spread cross multiple sites. Like many organisations, they faced a familiar problem: people knew the rules, but nothing was changing. 

Traditional training formats weren't cutting through. Awareness was fine. Behaviour wasn't. They needed something fast-paced, hands-on, and memorable. Something that make the stakes feel real, not hypothetical.

What we delivered

A blended programme. Built to scale.

55

Self-facilitated sessions

8

Fully-hosted sessions

311

Colleagues trained

Using our portable kit, Peabody were able to deliver short, impactful sessions that fit easily into their working day. All from a rucksack-sized setup. No booking a venue. No disrupting the calendar. Just 30 minutes that actually stuck.

The Results.

92%

Rated sessions as excellent

95%

Found sessions very engaging

98%

left with a better understanding of cyber security

100%

Would recommend to colleagues

Real Behaviour Change

Not just enjoyable. Behaviour-changing.

The biggest shift wasn't in feedback forms. It was in day-to-day behaviour. After running the escape rooms, Peabody saw clear observable changes in how colleagues approached security.

  • Faster reporting of phishing emails
  • Increased use of the internal reporting button
  • More colleagues contacting the Infosec team proactively
  • Stronger understanding of why controls like MFA matter
  • Fewer pushbacks on standard security measures
  • Greater openness to discussing security concerns
Culture Shift

A stronger Security culture.

The escape rooms helped unlock conversations that simply weren't happening before. Teams that rarely engaged with Information Security suddenly became involved, asking questions, seeking clarification, and collaborating across departments. 

The shift wasn't about a single session. It was about changing the tone of security across the whole organisation.

  • New relationships built between InfoSec and frontline teams
  • Increased visibility of the security function
  • Higher trust, more curiosity, and more proactive engagement
  • Security becoming a normal part of everyday conversation
  • A shared, memorable experience that brought teams together
What People Learned

Every Puzzle A real world risk.

The biggest shift wasn't in feedback forms. It was in day-to-day behaviour. After running the escape rooms, Peabody saw clear observable changes in how colleagues approached security.

Learning Themes — TCERC
Passwords and MFA
Insider risk and access control
Lost or stolen devices
Social media privacy
Social engineering techniques
Encryption and secure data handling
Remote working risks
Communication under pressure

"Beyond having enjoyed the game, this was the most impactful messaging we've been able to deliver to support our guidance regarding passwords and use of MFA. The discussions these events sparked demonstrated a level of impact and understanding we haven't previously achieved."

— Marie Jeffery, Biso ⋅ Peabody

Want results
like these?

Security training that actually changes behaviour.
We've done it for Peabody, The Telegraph, the MoD and more.

Talk to the team