Hypothetical Project — Based on L&D Principles Learned
Case Study · Strategic L&D · Behavioral Design · Emerging Tech

The Human Firewall Championship

A gamified cybersecurity training ecosystem that turned compliance fatigue into a competitive social habit — reducing phishing click rates from 25% to 4%.

25% → 4% Phishing Click Rate
300% Reporting Increase
$1.2M Risk Mitigation / yr
92% Preferred Over Videos
Designed by Rahmat Syawaludin
01

The Investigation

Despite 100% compliance on annual security videos, phishing incidents rose 15% in Q3. The data said one thing. The root cause said another.

📈

Business Trigger

Phishing-related incidents increased by 15% in Q3, creating potential financial and data risks — despite full compliance in mandatory annual security video training.

🤝

Stakeholder Consultation

Interviewed the CISO to define technical risks and HR to understand employee time constraints and workload pressures driving avoidance behaviours.

🔍

Root Cause Found

Using Design Thinking, the real culprit emerged: Compliance Fatigue. Employees knew the rules — but lacked the behavioural habit to apply them under high-pressure conditions.

Why Analysis — Fishbone Diagram

Effect: Phishing incidents ↑ 15%
Causes: Training Design · Habit Formation · Work Pressure · No Feedback Loop · Low Motivation · Measurement Gap

02

The Strategy

Backward Design dictated the outcome first. SAM ensured the path was tested before it was scaled.

🎯

Backward Design

Started with the desired end behaviour — Proactive Reporting — then worked backward to identify the knowledge, habits, and motivational triggers needed to produce it.

🔄

SAM Model

A rapid prototype of the "Header Challenge" was developed and tested with a pilot group before company-wide launch. Iterative feedback shaped the final experience.

30-Day Learning Journey

Week 1: Awareness
Week 2: Practice
Week 3: Competition
Week 4: Habit Lock

Scaffolded Learning Objectives

Level 1 (Bloom's: Remember): Recall — Identify the 5 key indicators of a phishing email header within 60 seconds
Level 2 (Bloom's: Apply): Apply — Classify simulated emails as phishing or legitimate using the Header Checklist under time pressure
Level 3 (Bloom's: Analyse): Analyse — Decompose suspicious emails to identify spoofed metadata patterns across 3 different attack types
Level 4 (Bloom's: Evaluate): Habit — Proactively report suspicious emails to the security team without prompt, demonstrating internalised behaviour
03

The Build

Three interlocking components. Each designed to address a specific gap in the root cause analysis.

🏆

Interactive Gamification

A 30-day tournament where departments earn points for reporting mock-phishing emails. Real-time leaderboards and "Elite Defender" badges drive social motivation and team competition.

30-Day Tournament · Leaderboard · Badges · Social Motivation

🥽

AR-Based Just-in-Time Learning

Utilising a patented AR approach, employees scan physical markers around the office to identify hidden security risks — unlocked screens, exposed documents, unattended devices.

Marker-Based AR · Just-in-Time · Physical Environment · AR Patent

📱

Micro-Learning Mini-Game

"The Header Detective" — a daily 2-minute mobile challenge to identify spoofed metadata. Fits learning into the natural flow of work, embedding practice without disrupting productivity.

2-Minute Daily · Mobile-First · Micro-Learning · Spaced Practice

04

The ROI

Measuring what matters. Not completion rates — behaviour change and business impact.

Level 1 · Reaction: 92% of employees preferred this over traditional video training
Level 2 · Learning: 87% passed the Header Detective post-assessment within 30 days
Level 3 · Behaviour: +300% increase in proactive security reporting within first 60 days
Level 4 · Results: $1.2M estimated annual risk mitigation value from reduced incidents

[Chart] Phishing Click Rate Over 60 Days: simulated campaign, % of employees clicking phishing links

[Chart] Proactive Security Reports: weekly reports submitted to security team (before vs. after)

[Chart] Engagement vs. Completion, Old vs. New: comparing old compliance video metrics with Human Firewall Championship