Responding to a Cyber Crisis You Don’t Control with Darren Hopkins

In this episode of Cyber Voices, recorded live at BrisSEC 2026, host David Savva-Willett speaks with Darren Hopkins, Partner at McGrathNicol and a Brisbane-based cybersecurity professional with more than 30 years’ experience across law enforcement, digital forensics, incident response and cyber crisis management.Darren shares insights from his BrisSEC talk, “When You’re Already Losing: Responding to a Cyber Crisis You Don’t Control,” exploring the messy reality of cyber incidents where the playbook does not match the crisis. From third-party suppliers and SaaS dependencies to ransomware negotiations, regulators, media pressure, board expectations and limited information, Darren explains why effective incident response requires more than a neatly documented plan.David and Darren discuss why cyber crisis simulations matter, how organisations can build decision-making muscle memory, the importance of update cadence, the risks of over-communication, and why many incidents remain preventable through basic cyber hygiene, prioritisation and executive support. This episode is essential listening for CISOs, security leaders, board members, risk teams, communications professionals and anyone involved in preparing for or responding to a cyber incident.In this episode, we cover:How to respond when you do not control the cyber crisisWhy incident response plans still matter, even when reality gets chaoticThe role of executives, legal, communications, HR and technical teams during a breachWhy third-party and SaaS risk changes crisis responseHow cyber simulations can prepare boards and leadership teamsThe importance of clear communication and update cadenceWhy are many cyber incidents still preventableWhat cyber leaders should start doing differently today