From Security Theatre to Real Resilience: Why Most Incident Response Plans Fall Apart

razorthorn logo
Razorthorn Security
Feb 25, 2026
Razorthorn

Are you ready for the cybersecurity incident that could bring your business to a standstill?

On this episode of Razorwire, I sit down with Marius Poskus, a CISO and vCISO, to tackle one of the most crucial yet overlooked aspects of information security: incident response. Whether you’re leading a cyber team, supporting your board, or simply keen to sharpen your readiness, we dig into what happens when your best defences fail and chaos strikes.

We talk about what actually happens when an incident hits and why polished policies on their own aren’t enough. From the practical realities CISOs face at the sharp end of an incident, through the pitfalls of security theatre, to the importance of clear communications and building resilience, we get into the lessons the playbooks often miss. Marius and I talk through wargaming, learning from unexpected scenarios and how to empower teams to make tough decisions on the fly.

Key talking points:

  • Wargaming the Unthinkable
  • Decision-making Authority in Crisis
  • Security Theatre and Why It Falls Apart Under Pressure

Listen and step inside the mindset every cybersecurity professional needs before the worst happens.

On testing your plan:
“You never want to run through an incident response scenario first time when the real thing happens.”
Marius Poskus

Listen to this episode on your favourite podcasting platform:
(https://razorwire.captivate.fm/listen)

In this episode, we covered the following topics:

  • The Importance of Incident Response
  • Security Theatre vs. Real Preparedness
  • Practical Testing and Muscle Memory
  • Authority and Decision-Making During Events
  • C-Suite Engagement and Support
  • Communication and PR During Incidents
  • Resilience and Recovery Strategies
  • Wargaming and Scenario Thinking
  • Critical Thinking and Cybersecurity Career Skills
  • Learning from Mistakes and History

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
If you need consultation, visit (https://www.razorthorn.com). We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.

Follow us online:
LinkedIn: (https://www.linkedin.com/company/razorthorn-security)
YouTube: (https://www.youtube.com/c/RazorthornSecurity)
TikTok: (https://www.tiktok.com/@razorwire.podcast)
Instagram: (https://www.instagram.com/razorwire.podcast)
X: (https://x.com/RazorThornLTD)
Website: (https://www.razorthorn.com)

Copyright © 2026 OpsMatters™. All rights reserved.