Should the Marketing of Cyber be Regulated?

Article by BRIM: Business Resilience International Management

To download this whitepaper, please click here.

Three trailblazing women in Cyber raise the call for national attention: Joanna Goddard FCMI, Laura Irvine LLB LLM MA, & Dr. Rois Ni Thuama.

“The vision of the UK’s National Cyber Strategy (NCS) 2022 is that the UK will continue to be a leading, responsible, and democratic cyber power, able to protect and promote its interests in and through cyberspace in support of national goals. The NCS 2022 set out how the UK will continue to adapt, innovate, and invest in order to pioneer a cyber future with the whole of the UK.” – NCS 2022 This whitepaper is a response to that vision for leadership, protection, responsibility, and innovation, and it presents a set of pioneering conclusions that extend well beyond the borders of the UK. If the UK embraces these conclusions and our national agencies and forums engage with these recommendations, the UK will lead an innovative and pioneering evolution of regulation in the marketing of the cyber sector.


At the National Cyber Security Conference for the Energy sector in September 2022, Joanna Goddard, Partner at BRIM, addressed the issue to a legal panel featuring Rois Ni Thuama, EU Cyber Woman of the Year, who discussed the development of C-suite responsibilities for cyber accountability. This white paper, “Should marketing within the Cyber Sector be regulated?” is the result of a dynamic collaboration between three recognised cyber trailblazers who co-authored it following that conference discussion.

In April 2023 the Cyber Leaders’ Summit, sponsored by Cyber News Global, OPS Cyber, Police Scotland, FBI and CIISec, invited the Coauthors to officially launch their white paper at the summit.

Joanna Goddard, award winning specialist data-informed growth Consultant to the UK cybercrime programme for SME and supply chain cyber resilience for Business Resilience International Management (BRIM); Laura Irvine, Partner and Head of Regulatory Law at Scottish law firm, Davidson Chalmers Stewart (DCS), and former Board Members of Scottish Business Resilience Centre; and Rois Ni Thuama , EU Cyber Woman of the Year, and Head of Cyber Governance, boasting an in-house Doctor of law specialising in Cyber governance at UK based cyber provider, Red Sift collaborated to co-author this whitepaper. The conversation following the 2022 National Cyber Security Conference for the Energy sector was the catalyst.

Whilst the 2022 conference panel addressed the imperative of C-suite leaders becoming more educated on their cyber resilience risk and accountabilities, Joanna of BRIM raised the topic of dual responsibility by legislators, to make the selection process more protected once Csuite leaders become educated, and ready to engage and invest in Cyber resilience measures. Notably imperative for small businesses where they are unlikely to have inhouse security or security expertise within their IT supplier. With no standards to prevent ‘false promises’ in that any single product or service can make an organisation ‘cyber secure’, procurement can result in a false sense of security, resulting in increased risk of, rather than improved resilience, though increased ignorance. Contravening the NCS 22. Red Sift and DCS responded in support of this proposition.

The relationship between accountability in the supply chain underlines the requirements for assurance in the marketing of promises made.

Research showed no one was addressing it.

This in depth and dynamic Whitepaper includes:

• The call for the imperatives to be addresses within the marketing of cyber

• The impact and opportunity for skills and sector growth

• Indicators of Success in realising change

Sponsored by: OSP Cyber Academy

To download this whitepaper, please click here.