About

We'd rather measure the truth than sell the story.

Instinct Lab exists because cyber security training has a measurement problem. Programmes get judged on attendance, NPS, and self-reported confidence. None of which predict whether anyone will do the right thing when a phishing email lands in the wrong inbox. We thought it was time to fix that.

Cyber behaviour change is a research-grade problem dressed up as a training problem. The hard part isn't finding people willing to sit through a session. It's producing evidence afterwards that stands up to a sceptical CISO, an auditor, or a board paper.

Most behaviour-change programmes never produce that evidence. They report on outputs (sessions delivered, people attended, content consumed) rather than outcomes (what behaviour actually shifted, in which direction, by how much, with what statistical confidence).

Instinct Lab is the missing measurement spine. We baseline using a versioned, defensible instrument: the Security Instinct Index and the Security Behaviour Index. Then we re-measure after intervention. Same cohorts, same instrument, dated comparisons. The number either moved or it didn't.

The instrument is the methodology, and the methodology is the company. We publish the structure openly so anyone can see how a score is built and why it should be trusted. The full instrument, the question bank, the calibrated weights, the framework mappings, stays between us and our customers.

Partnership

Measurement here. Change there.

Instinct Lab and The Cyber Escape Room Co. are sister businesses with a clean division of labour.

Instinct Lab owns the methodology, the measurement portal (F5), and the analytic spine. The Cyber Escape Room Co. owns the engagement layer: physical and digital scenarios that put people in the moment a real incident happens. Together they form a measure-change-measure programme that's defensible at the board level.

Instinct Lab

Measurement & methodology

  • · Baseline + re-measurement
  • · SII / SBI instruments
  • · F5 customer portal
  • · Reporting + analytics
  • · Methodology versioning

The Cyber Escape Room Co.

Engagement & delivery

  • · Immersive scenario design
  • · Physical escape room kits
  • · ALT mobile-first scenarios
  • · Facilitation + debrief
  • · Behaviour-targeted experiences
cyberescaperoom.co ↗

Principles

What we won't do.

Transparent structure, protected instrument

The structure is public so you can see how a score is built. The instrument itself, the question bank, weights, and calibration, is shared with customers under NDA. We tag every score with the methodology version so historical comparisons stay honest.

Two indices, one truth

Perception and behaviour are different variables and we refuse to collapse them into a single score. The space between them is the most useful diagnostic in the entire programme.

Re-measure or it didn't happen

Baseline-only engagements aren't measurement, they're surveys. The whole point of the instrument is that you can run it twice and compare. We won't run a programme that skips the second measure.

Defensible at the board

Every report is built so it survives a sceptical question. Sample sizes, confidence intervals, instrument version, response rates: all on the page. No leaderboard theatre.

Want to talk?

A baseline conversation is short, free, and starts with what you already know about your security culture. No pitch deck.

hello@instinct-lab.co.ukRead the methodology