BRIM leads the call for national attention

Launched at the Senior Leaders Cyber Summit 2023, this whitepaper is a response to the UK Government cyber security vision for leadership, protection, responsibility, and innovation. It presents a set of pioneering conclusions that extend well beyond the borders of the UK.

If the UK embraces these conclusions, and if our national agencies and forums engage with these recommendations, the UK will lead an innovative and pioneering evolution of regulation in the marketing of the cyber sector.

“The vision of the UK’s National Cyber Strategy (NCS) 2022 is that the UK will continue to be a leading, responsible, and democratic cyber power, able to protect and promote its interests in and through cyberspace in support of national goals. The NCS 2022 set out how the UK will continue to adapt, innovate, and invest in order to pioneer a cyber future with the whole of the UK.” - NCS 2022

Background

At the National Cyber Security Conference for the Energy sector in September 2022, Joanna Goddard, Partner at BRIM, addressed the issue to a legal panel featuring Rois Ni Thuama, EU Cyber Woman of the Year, who discussed the development of C-suite responsibilities for cyber accountability. This white paper, “Should Marketing Within the Cyber Sector be Regulated?” is the result of a dynamic collaboration between three recognised 'women in cyber' trailblazers, who co-authored it following that conference discussion.

Joanna Goddard, an award winning specialist data-informed growth Consultant to the UK cybercrime programme for SME and supply chain cyber resilience for BRIM; Laura Irvine, Partner and Head of Regulatory Law at Scottish law firm, Davidson Chalmers Stewart (DCS), and former Board Members of Scottish Business Resilience Centre; and Rois Ni Thuama , EU Cyber Woman of the Year, and Head of Cyber Governance, boasting an in-house Doctor of law specialising in Cyber Governance at UK based cyber provider, Red Sift, collaborated to co-author this whitepaper.

Whilst the 2022 conference panel addressed the imperative of C-suite leaders becoming more educated about their cyber resilience risk and accountabilities, Joanna of BRIM raised the topic of dual responsibility by legislators, to make the selection process more protected once C-suite leaders become educated, and ready to engage and invest in cyber resilience measures. Notably, an imperative for small businesses, where they are unlikely to have in-house security or security expertise within their IT supplier.

With no standards to prevent ‘false promises’ in that any single product or service can make an organisation ‘cyber-secure’, procurement can lead to a false sense of security, resulting in increased risk of, rather than improved resilience, due to increased ignorance. This contraves the NCS 22. Red Sift and DCS responded in support of this proposition.

The relationship between accountability in the supply chain underlines the requirements for assurance in the marketing of promises made.

This in-depth and dynamic white paper includes:

· The call for the imperatives to be addressed within the marketing of cyber.

· The impact and opportunity for skills and sector growth.

· Indicators of success in realising change.

Co authored by

Joanna Goddard FCMI Partner for BRIM Business Resilience International Management

Laura Irvine LLB LLM MA Partner at Davidson Chalmers Stewart

Dr. Rois Ni Thuama Head of Cyber Governance at Redsift

Sponsored by

OSP Cyber