It’s hard to believe we’re already at the end of the year. In this month’s newsletter, we cover a major milestone for Periculo, what it means for organisations working towards Defence Cyber Certification, and a handful of practical security steps you can put in place before the festive slowdown. Let's get into it...
As we close out the year, we want to say a massive thank you to all our customers and partners who have trusted Periculo to support your security and compliance goals.
Over the past year, we’ve helped organisations strengthen their foundations with countless Cyber Essentials certifications, delivered a fully booked penetration testing calendar, completed hundreds of DSPT audits ahead of the June deadline, and carried out IT Health Checks (ITHCs) for large organisations where robust assurance is essential.
We’ve also been proud to support teams in highly regulated sectors with penetration testing as part of FDA submission preparation, DTAC support for digital health assurance, and MDR submission readiness activities, helping med tech and health tech organisations meet critical regulatory milestones with confidence.
Alongside this project work, we’ve continued to support our managed service customers with ongoing ISO 27001 delivery and wider compliance and governance support, helping teams stay audit-ready, reduce risk, and maintain momentum throughout the year.
Thank you again for choosing Periculo. We wish you a very Merry Christmas and look forward to continuing our support into 2026.
We’re delighted to share that Periculo has reached two significant milestones within the Defence Cyber Certification (DCC) scheme, strengthening both our service offering and our own cyber assurance credentials.
Periculo has been officially accredited by The IASME Consortium Ltd as a Certification Body for Defence Cyber Certification (DCC) Levels 0 and 1, authorising us to assess and certify organisations across both the foundational Level 0 tier (for suppliers handling very low assessed cyber risk) and the more advanced Level 1 requirements (for low-to-moderate risk profiles), where organisations must demonstrate a comprehensive cybersecurity programme beyond basic cyber hygiene.
We are already planning to extend this accreditation to DCC Levels 2 and 3 in early 2026, allowing us to support organisations operating in higher-risk defence environments as the scheme continues to roll out.
The Defence Cyber Certification scheme, developed by the UK Ministry of Defence (MoD) in partnership with IASME, replaces contract-by-contract questionnaires with a single, organisation-wide assurance that remains valid for three years with annual check-ins. It is increasingly expected as part of MOD procurement and helps demonstrate an organisation’s commitment to cyber resilience across people, processes and technology.
What this means for our customers and partners is two-fold:
Direct support for your certification journey – if you are aiming to achieve DCC Level 0 or Level 1 certification, Periculo can now support you directly as an accredited Certification Body.
Reinforced expertise and credibility – these accreditations deepen our capability in defence-focused cybersecurity assurance and give you confidence that we maintain rigorous standards aligned with MOD expectations.
Whether your organisation is preparing for certification or looking to strengthen its overall security posture, we’re here to help guide you through the DCC process and beyond.
Thomas brings experience from the Defence sector and will be working within one of our internal squads focused on governance, risk, and compliance as part of a managed service.
"Hi, I’m Thomas King. I hold a BSc in Mathematics with Statistics and have spent the past year working as a Junior Consultant in the Defence sector. Alongside this, I’m currently studying for my Master’s in Cyber Security — a field I’m passionate about and committed to building my long-term career in with Periculo.
Outside of work, I’m very passionate about strength training. The culture at Periculo feels like the perfect place to develop this further, as there’s a collective drive to improve ourselves both physically and mentally.
I’m thrilled to have joined Periculo as a Cyber Security Consultant, where I’ll be part of one of our internal squads focused on governance, risk, and compliance as part of a managed service. Over time, our goal is to evolve this squad into a defence-focused capability, and I’m excited to support that journey while growing my expertise in information security and helping deliver high-quality services to our clients.
I chose Periculo because it’s rapidly growing, with huge potential for personal and professional development. From the moment I met the team, it was clear how welcoming, driven, and supportive the culture is. It truly feels like a place where limits are unbound, and I’m excited to grow alongside the company.
Looking forward to what’s ahead!"
Review access before people switch off
Before the holidays begin, review user access, especially temporary, contractor, and third-party accounts. Removing or reducing unnecessary access before extended leave can significantly reduce risk during periods of lower oversight.
A short access review now can prevent a long incident response later.
Defence Standard 05-138
This is the UK Ministry of Defence’s core cyber security standard for defence suppliers. It sets out the minimum cyber controls that an organisation must have in place based on its assessed level of risk, with requirements increasing in line with contract complexity and sensitivity. These controls form the foundation of the MOD’s Cyber Security Model and underpin the newer Defence Cyber Certification (DCC) scheme, helping ensure consistent, proportionate cyber resilience across the supply chain.
Most breaches are detected days or weeks after they occur
Industry data consistently shows that many security incidents go undetected for extended periods, particularly during holidays or periods of reduced staffing. Strong monitoring and alerting are just as important as preventative controls.
If you’re planning security or compliance work for the new year, now is a great time to get ahead. Get in touch to book a conversation and start 2026 with clarity and confidence.