2026-04-10 –, Cyber Escape Room
OT incidents don't start with sirens and flashing dashboards. They start with something small. A door left unlocked. A badge clones. A laptop plugged in where it shouldn't be.
What happens when a cyber incident doesn’t start with malware… but with a door?
In this fast-paced, hands-on workshop, The Cyber Escape Room Co. invites attendees to step inside a live OT cyber escape room and experience an industrial incident from the inside out. No slides. No lectures. Just teamwork, time pressure, and a compromised operational environment that needs fixing fast.
As IT and OT systems become increasingly interconnected, the line between “IT security issue” and “OT safety problem” is disappearing. This workshop is designed to reflect that reality. Participants will investigate how physical security gaps, IT failures, and OT constraints combine to create real-world risk, and how incident response decisions in one domain directly affect the other.
Set inside a fictional but highly realistic industrial scenario, attendees will act as the on-site response team, working together to regain access to systems, identify the breach, and prevent further operational impact. The experience concludes with a practical debrief linking the chaos back to real OT and IT security lessons that actually stick.
This workshop delivers a fully interactive OT cyber incident simulation using The Cyber Escape Room Co.’s portable OT escape room experience, purpose-built for industrial and critical infrastructure environments.
Participants are dropped straight into the action. A facility has been compromised. Physical access has been interfered with. Systems are behaving strangely. Information is incomplete. The clock is ticking.
Working in small teams, attendees will:
• Investigate physical and digital clues to uncover how the incident occurred
• Experience first-hand how IT security failures can cascade into OT impact
• Restore access to OT systems
• Communicate findings to a simulated SOC and incident response function
• Make judgement calls that balance security, safety, and operational continuity
The scenario deliberately blends IT and OT considerations, reflecting how modern environments actually operate. Participants will see why traditional IT-only approaches often fall short in OT, and why OT teams can’t afford to ignore IT security practices as systems become more connected.
This is not about “winning” an escape room. It’s about learning through experience. The session finishes with a guided debrief that translates the scenario into practical, actionable takeaways covering:
• The growing convergence of IT and OT security
• Human and process failures that attackers exploit
• Physical security as a cyber control
• How to improve collaboration between IT, OT, and security teams
No prior escape room experience is needed. The workshop is designed to be accessible, engaging, and genuinely fun, while still delivering serious insight for OT engineers, security professionals, and anyone responsible for protecting operational systems.
Amy Stokes-Waters is the founder of The Cyber Escape Room Co., where she designs immersive, experience-led cybersecurity training that helps people learn by doing, not clicking through slides. Her work focuses on human behaviour, decision-making, and how people respond under pressure, turning real-world security challenges into memorable learning experiences that actually stick.