Episode Details

In this episode of Cyber Voices, recorded live at BrisSEC 2026, host David Savva-Willett speaks with Darren Hopkins, Partner at McGrathNicol and a Brisbane-based cybersecurity professional with more than 30 years’ experience across law enforcement, digital forensics, incident response and cyber crisis management.

Darren shares insights from his BrisSEC talk, “When You’re Already Losing: Responding to a Cyber Crisis You Don’t Control,” exploring the messy reality of cyber incidents where the playbook does not match the crisis. From third-party suppliers and SaaS dependencies to ransomware negotiations, regulators, media pressure, board expectations and limited information, Darren explains why effective incident response requires more than a neatly documented plan.

David and Darren discuss why cyber crisis simulations matter, how organisations can build decision-making muscle memory, the importance of update cadence, the risks of over-communication, and why many incidents remain preventable through basic cyber hygiene, prioritisation and executive support. This episode is essential listening for CISOs, security leaders, board members, risk teams, communications professionals and anyone involved in preparing for or responding to a cyber incident.

In this episode, we cover:

• How to respond when you do not control the cyber crisis
• Why incident response plans still matter, even when reality gets chaotic
• The role of executives, legal, communications, HR and technical teams during a breach
• Why third-party and SaaS risk changes crisis response
• How cyber simulations can prepare boards and leadership teams
• The importance of clear communication and update cadence
• Why are many cyber incidents still preventable
• What cyber leaders should start doing differently today