October 16, 2025

When npm Breaks: Heather Hinton & Christopher Crummey’s Cybersecurity Playbook for Executives

Guests: Heather Hinton, Chris Crummey. Host: Neatsun Ziv.

Episode Summary

In this episode of CyberOXtales, host Neatsun Ziv leads a dynamic role-play exercise with cybersecurity leaders Heather Hinton, a four-time CISO, and Christopher Crummey, Global Director at Sygnia. Together, they walk through a simulated npm supply-chain compromise, revealing how CISOs, IR teams, and executives should respond in the first critical hours of a dependency attack.

The discussion dives into triage under pressure, defining crisis levels, onboarding IR partners in advance, the role of communication in limiting panic, and the importance of practice and culture in incident response. From establishing ‘circles of trust’ to managing business continuity tradeoffs, this episode is a blueprint for leaders who want to stay ahead of the next supply-chain shock.

Key Takeaways

– Onboarding is everything: Build relationships and contracts with IR firms before the crisis — don’t wait for procurement during an attack.

– First 5 hours set the tone: Decisions need to be made fast, with playbooks and muscle memory guiding action.

– Containment vs. availability: Every company must define tradeoffs in advance — especially SaaS and financial services.

– Crisis communication matters more than tech: Transparency and consistent updates build trust with boards, execs, and customers.

– Practice relentlessly: Tabletops and micro-exercises prevent panic paralysis and build alignment across swim lanes.

– Supply-chain risk is escalating: Incidents like the npm and CircleCI compromises show that the weakest link can be a single compromised maintainer or employee account, with the blast radius extending to every downstream consumer of the affected packages or pipelines.

About Our Guests

Heather Hinton is a four-time CISO and veteran security leader with extensive experience guiding organizations through crisis and resilience planning.

Christopher Crummey is the Global Director at Sygnia, an international incident response firm, where he leads crisis management, containment, and recovery for organizations worldwide.