Ransomware and Red Herrings
A ransomware note. Five suspects. One ticking clock. At this year's ITC Cyber Summit in London, strategy met reality and delegates stepped straight into the breach.
10.02
London,
UK
2026
On 10th February, the ITC Cyber Summit returned to RSA House in London with a clear theme running through the day: awareness only matters if it leads to action.
Between conversations about AI, geopolitics, and the rapidly shifting threat landscape, there was a shared question hanging in the air: how do you actually make security stick?
Our answer was simple. Don't just talk about cyber risk. Let people experience it.
So we brought The Breach - a fast-paced, whodunnit-style ransomware investigation where teams analyse digital clues, suspect behaviour, and social engineering tactics to uncover how an attacker broke in - and dropped delegates straight into the middle of a live incident.
Highlights from the Incident Floor
The premise was deliciously chaotic.
A ransomware gang had locked down the systems of fictional company High Tech Inc. But instead of demanding money straight away, they offered a game: identify the employee whose compromised credentials let them in.
Five suspects. Five possible attack methods. Thirty minutes to crack the case.
Teams gathered around evidence packs like real-world response units... analysing IT logs, scanning phone records, digging through suspicious emails, and piecing together digital breadcrumbs left by a cunning attacker.
Then they started dialling. Delegates got the opportunity to call the hacker and speak with her in real-time. Some laughed. Some hesitated. Everyone got excited.
Within minutes the room transformed from conference calm to full-blown incident response energy: teams debating clues, challenging assumptions, and racing the clock as the ransomware timer loomed overhead.
No slides. No theory. Just decisions under pressure.
A Talk That Flipped the Narrative
Between escape room sessions, we also took to the stage for a short talk with a simple provocation:
Human risk isn’t a people problem.
Too often, security awareness treats employees as the weakest link... the thing to be fixed, trained, or controlled. But the reality is different.
Most people aren’t careless. They’re busy. They’re overloaded with tools, alerts, policies, and passwords. Attackers exploit that complexity, not stupidity.
The real challenge isn’t “fixing users.”
It’s designing environments where the secure decision is the easiest decision.
Simulation plays a powerful role in that shift. When people experience attacks.. when they hear the vishing call, see the digital clues, and feel the pressure of a timer... something clicks.
Security stops being abstract. It becomes shared language.
And that’s where real resilience starts.
Want us at your next event?
We bring energy, excitement, and experiential learning to events across the globe. Let's get your people engaged. Talk to us about escape rooms, large-scale installations, and event planning today.