Guardians of the Grid: Ethical and Impactful Marketing of Threat Intelligence

In threat intelligence and vulnerability research, it's easy to admire the well-resourced organizations: hundreds of researchers, expansive marketing teams, and dedicated disclosure experts, all aligned toward one goal. For many, that's the ideal.

But what happens when you're part of a lean team, perhaps one marketing professional, a small research group, and limited resources? Can you still achieve meaningful, responsible, and high-impact threat research marketing?

Zenobia Godschalk, Founder and CEO of ZAG Communications, and Paul Asadoorian, Principal Security Researcher at Eclypsium, answered these questions at CyberMarketingCon last year. Based on their experiences at a fast-paced, research-driven company, they share a roadmap for how smaller teams can punch well above their weight without compromising quality, ethics, or impact.

Vulnerability Disclosure: More Than a Technical Exercise

One of Paul Asadoorian’s key points centered around the human aspect of disclosure. Vulnerability research is often viewed through a technical lens, but disclosing those vulnerabilities is also about relationships and trust.

For example:

Your team identifies a critical vulnerability. The vendor you disclose may also be a valued customer or partner. This immediately introduces sensitivity.

“You’re essentially telling someone their product and their hard work is flawed,” Paul explained. “It’s like telling them their baby is ugly.”

Handling that disclosure responsibly requires diplomacy, empathy, and tact. These qualities are not always at the forefront of a technical researcher’s skill set (understandably so). That’s where marketing and communications professionals step in, making sure that both parties approach disclosure constructively without alienating partners or damaging relationships.

Knowing When Not to Publicize

A recurring theme during the session was the importance of responsible disclosure.

Zenobia and Paul both highlighted that not every discovery needs to be publicized immediately, or at least not done. Marketing teams eager to tell impactful stories might feel pressure to publish findings quickly, but there’s a balance to be struck.

Paul shared an example:

A well-known vulnerability in hotel keycard systems exists today, one that could allow attackers with the right tools to unlock any hotel room. Despite its significance, the researchers and those responsible for the software chose not to disclose full details. 

Why? The risk to public safety outweighed the benefit of disclosure.

This is where internal collaboration is vital. Marketing must align closely with research teams to understand the technical details and ethical considerations. Sometimes, the right decision is to hold back or wait until mitigations are in place, even if that means sacrificing a headline.

Effective Communication: Early, Continuous, Controlled

Zenobia wanted to spotlight the importance of early and continuous communication.

Most of the time, marketing teams are brought in late in the disclosure process, after technical teams have already decided what they’re releasing. Which creates unnecessary friction and missed opportunities.

Instead, Zenobia suggests integrating marketing much earlier. By involving communications professionals during the research phase, teams can:

• Anticipate potential messaging challenges.
• Identify the broader business impact.
• Prepare supporting materials well in advance.

Paul added a cautionary note regarding external communication. While internal over-communication is important, keeping researchers, legal, executives, vendors, and sales in the loop, external communication must be carefully controlled. Researchers, understandably excited about their findings, may tease details on social media, risking leaks before the disclosure process is finalized. Maintaining strict coordination prevents premature information releases that could potentially undermine the process.

Document, Document, and Do more Documenting

Documentation might seem like a basic housekeeping task, but Zenobia and Paul stressed its importance, especially for lean teams.

According to Paul not writing things down like key findings, timelines, and decisions, it becomes too easy for details to slip through the cracks. Thorough documentation supports:

• Preparing press materials efficiently.
• Answering media and customer questions confidently.
• Ensuring nothing critical is lost during the disclosure process.

Zenobia highlighted that comprehensive documentation doesn’t mean overwhelming volumes of content. Sometimes, a single, well-crafted blog post supported by briefings and clear talking points is enough. Focus on capturing the essence of the research clearly and accessible.

Why Should Anyone Care? Always Ask the Hard Question

A thread woven throughout the session was the marketer’s responsibility to constantly ask:
“Why does this matter?”

It’s easy for researchers to get caught up in the technical, like kernel-level exploits, firmware vulnerabilities, and esoteric BIOS bugs. But outside of the technical community, the question is:

Who is affected? How widespread is this? How easy is it to exploit? Why should the broader public care?

Zenobia and Paul shared how this has become second nature at Eclipsium. Before anything is published, their teams collaboratively answer:

• How large is the affected install base?
• How critical is the impact (safety, financial, reputational)?
• How easy is it for attackers to exploit this?
• Can the media validate the story quickly?

By focusing on these questions, marketing guarantees that disclosures echo with security experts, customers, partners, and the wider industry.

One final point that every lean team should remember: Disclosure plans can (and often do) go sideways.

Paul shared stories of disclosures progressing smoothly, only to hit unexpected legal or vendor roadblocks at the last minute. Sometimes, additional vulnerabilities are discovered that require another year of coordination. Other times, external factors (lawsuits, vendor concerns) may delay a disclosure indefinitely.

For Zenobia, marketing teams should always have contingency plans. They should maintain a steady content cadence and keep backup stories ready to fill gaps if a disclosure stalls unexpectedly. Flexibility is key.

What Sets Successful Teams Apart:

You don’t need a 100-person research department or a massive marketing machine to deliver responsible, effective, high-impact threat research marketing. You need collaboration, foresight, and clear communication from start to finish.

‍