🕵️ SOCIAL ENGINEERING ESCAPE ROOM KIT

Executive Summary & Implementation Guide

What is this?

A 60-minute, facilitator-led team simulation that teaches your employees to spot and stop real social engineering attacks. Teams face six attack vectors, make decisions under pressure, and learn the control architecture that stops breaches.

Bottom line: Your employees become your first line of defense instead of your biggest vulnerability.

The Problem We're Solving

82%

of data breaches involve social engineering

Most security awareness training is passive (video, module, quiz). Employees forget it within weeks. This event is different: Real decisions, real pressure, real learning that sticks.

What Happens at the Event

Your team faces a coordinated 48-hour attack with six vectors:

1. Pretexting (Phone)

IT support calls about a vendor account. Can your team verify the caller?

2. OSINT

LinkedIn, GitHub, press releases. Which public data is the biggest risk?

3. Phishing

8 emails in the inbox. One is a spear phish. Can they spot it?

4. Vishing + Deepfake

Voicemail from the CFO requesting a $250k wire. What's the right call?

5. Physical

Delivery person at the badge gate. Do they let them in?

6. Supply Chain

Vendor's email compromised. Which request do they approve?

Why This Works

Real-world scenarios — based on actual breaches, not hypotheticals
Hands-on learning — making decisions, seeing consequences, understanding controls
Emotional engagement — urgency and pressure stick in your brain (unlike passive training)
Team bonding — shared experience, group problem-solving, trust-building
No tech failures — doesn't depend on LMS, apps, or internet connectivity
Immediate ROI — attendees leave with one clear action (verify, escalate, report)

Measurable Outcomes

🎯 Knowledge

90%+ of attendees can identify red flags in real phishing emails post-event

🛡️ Behavior

Teams identify control gaps and implement fixes (vendor verification, wire approval process)

📢 Advocacy

Attendees recommend the event to peers (typical eNPS: +40–50)

🔒 Risk Reduction

One prevented breach = ROI of 10–100x the event cost

What You Get

Deliverable	Format	Purpose
Facilitator Script	Markdown + PDF	Full 60-min timing, talking points, decision trees, scoring guidance
Player Handouts	Printable PDF	Phishing emails, OSINT screenshots, vendor requests, decision cards
Slide Decks	HTML + PDF	Opening, stage intros, debrief — project live during event
Scoring Template	Interactive HTML	Real-time leaderboard with live team scoring
Decision Trees	Markdown	Branching scenarios — what to do if teams choose differently
Remote Variant	Markdown	Full Zoom/breakout room adaptation (same 60 min, remote delivery)
Pre-Event Checklist	Markdown	Setup guide, room layout, equipment, customization steps

How to Run It

Week 1

Customize (30 min) + brief facilitator walkthrough (15 min)

Week 2

Print handouts (20 min) + final tech check (10 min)

Event Day

Setup room (20 min) + run event (60 min) + debrief (10 min)

Week 3

Collect feedback + follow-up email with resources

Customization

Everything is tokenized for your company:

{{company}} — Your company name
{{team}} — Department running the event
{{ciso_name}} — Your CISO or security lead
{{reportingEmail}} — Security team email for incident reporting
{{eventDate}} — When you run the event

Find & replace once. Everything updates. Takes 15 minutes.

Event Formats

Format	Attendees	Duration	Setup
In-Person	6–30	60 min	Conference room, projector, printed handouts
Remote (Zoom)	6–50	60 min	Zoom breakout rooms, shared handouts, scoring sheet
Hybrid	Mix of in-room + remote	60 min	Zoom + projector, breakout rooms for remote attendees

Pricing & Value

Social Engineering Escape Room Kit

$999

One-time purchase. Run unlimited events. No per-seat fees.

Cost per attendee (30 people): ~$33

Cost per attendee (100 people, across multiple events): ~$10

Compared to: $100–500 per-person awareness training programs, this is exceptional value for engagement + behavior change.

ROI Example

Scenario: You run the event for 100 employees over 3 months (4 sessions). One person catches a $150k supply-chain fraud attempt that would have succeeded.

151x

ROI ($150k prevented vs. $999 cost)

And that's just one prevented breach. Add reduced phishing click rates, faster security reporting, and cultural shift toward "security is everyone's job" — the value compounds.

Next Steps

Review this summary with your CISO/security leadership
Download the kit and review the facilitator script (15 min read)
Pick a date for your first event (aim for 6–8 weeks out)
Customize the content (30 min) — company name, CISO, email, etc.
Invite your first team (6–12 people to start, learn the flow)
Run the event (60 min + 10 min setup + 10 min debrief)
Measure & iterate — collect feedback, refine for next event

Ready to Turn Your Employees into Security Sensors?

The Social Engineering Escape Room Kit teaches real-world decision-making. Order today.

{{company}} — where awareness becomes action.