Story-Based Cybersecurity Experiences

Build the
cybersecurity
instincts
before you
need them.

Most cybersecurity training tells people what to do. Very little of it helps them feel what it's actually like to be in the middle of a real incident, when nothing is clear, time is short, and someone has to make a call.

Get in Touch

The Idea

Story-based experiences that build
the human side of cybersecurity.

Tree & Fern runs story-based experiences that drop people into scenarios that look nothing like cybersecurity on the surface, but quietly practise all the things that matter when something does go wrong.

Sessions are facilitated, played in groups, and deliberately low-tech. No laptops. No jargon. No need to know anything about cybersecurity beforehand. Just a room of people, a story worth getting into, and a few decisions that test what really matters when the heat is on.

We work with leaders, boards, security teams, and wider security communities. Every session covers the same six qualities that show up in every real incident — and every session ends with a proper chat afterwards to tie what just happened back to real life.

Spotting risk

Recognising what matters before it becomes a problem.

Decisions under pressure

Making calls when information is incomplete and time is short.

Doing the right thing

Holding to good judgment when the stakes are real.

Communicating well

Talking to your team and explaining risk to the people who weren't in the room.

Working together

Building the relationships you'll rely on when something breaks.

Adapting

Keeping going when the plan stops working.

Why It Works

The stuff that decides how well
any organisation handles a security problem.

01

Distance helps honesty

When the threat in the story is a cursed artefact instead of a ransomware attack, people stop worrying about looking like they don't know things. They take risks. They make mistakes. They learn.

02

Stories stick

Frameworks and checklists fade fast. A shared experience — like the time your team trusted the wrong stranger — sticks around for years and becomes a story people keep coming back to.

03

Instincts carry over

What gets tested in the story is the same stuff that gets tested in a real incident. Practising it when nothing is on the line builds the instincts people lean on when something is.

Types of Events We Run

Shaped to fit who's in the room
and how much time you have.

Founder Editions

Short, punchy sessions for early-stage founders who want to build their cybersecurity instincts before they need them, not after.

Leadership Team Sessions

Made for senior teams and boards, with a focus on making calls under pressure and explaining risk to the people who weren't in the room.

Security Professional Sessions

For the people whose day job is already cybersecurity. A chance to sharpen the instincts that aren't in any playbook — making calls when information is messy, holding your nerve when everyone's watching.

Conference & Community Events

Open sessions for tech weeks, founder meetups, and community gatherings, where a shared experience kicks off bigger conversations.

Custom Sessions

Stories shaped around the specific risks, culture, and language of your organisation. We shape the story, the length, and the focus to fit.

Case Study

the unseen hand

The Unseen Hand

The Unseen Hand is a Tree & Fern scenario designed for security professionals and leadership teams who want to practise the hardest part of cybersecurity: what you do when you can't see the whole picture.

Players find themselves inside a story where influence, deception, and uncertain loyalties are the landscape. Nothing is what it seems. Decisions have to be made anyway. The story has nothing to do with computers — and everything to do with what happens in a real incident.

The debrief after is where it lands: connecting the decisions made in the room to the decisions that matter when something real goes wrong.

Available on request

Format

Facilitated group experience, low-tech, in-person

Best for

Security teams, leadership groups, security community events

Core focus

Decision-making under uncertainty, trust calibration, communication under pressure

Duration

Flexible — shaped to fit your group and available time

What People Take Away

More than a slide deck
would ever leave behind.

i. Sharper instincts for the moments that matter most when something goes wrong.
ii. A shared way of talking about risk and uncertainty across the team.
iii. More confidence to get stuck into security stuff early, instead of waiting for something to break.
iv. Stronger relationships with the people they'll need to work with if it does.
v. A memorable experience that sticks far longer than a slide deck ever would.

Who's Behind It

A team-up between two organisations
that each bring something the other can't.

Leadership Treehouse

Runs story-based experiences that build leadership and team skills through play, reflection, and the safe practice of the hard stuff. The whole thing is built on the idea that the skills that matter most — judgment, communication, keeping your head when it counts — are best learned by doing rather than being told.

Cyberfern

Brings the cybersecurity know-how. Every scenario, every decision point, every debrief is grounded in what organisations are actually dealing with right now. From small startups to bigger companies, Cyberfern keeps the experience honest about the real-world stakes.

Get in Touch

Want to know if Tree & Fern
is a good fit for your team?

Drop us a line. We'd love to hear what you're working on and chat through whether a session with us might help.

Email hello@treeandfern.com