Skip to content
All posts

June Newsletter 2026

June has been a significant month for Periculo, and that might be an understatement. We have some news to share that marks a new chapter for the business.

Alongside that, we have been recognised nationally for our commitment to the Armed Forces community, welcomed a new face to the team, and been on the road at two industry events where we saw a noticeable shift in the digital health space, with more organisations recognising that Cyber Essentials Plus is fast becoming a baseline expectation. 

All the news below...

Periculo Joins DefenceLabs — A New Chapter

This is the big one. This month, Periculo joined DefenceLabs, and it is the most significant moment in the company's history to date.

DefenceLabs is building the UK's leading offensive cybersecurity and resilience group, with deep experience in scaling cybersecurity businesses. Their model is to bring together specialist cyber companies with complementary strengths across offensive security, managed services, and resilience and to invest in their growth. Periculo is now part of that group.

For Harrison and the leadership team, this was not a decision taken lightly. Periculo has been built on a clear identity: deep sector expertise, genuine client relationships, and a refusal to compromise on quality. Finding a group that shares those values and that sees the same opportunity in the UK market took time. DefenceLabs is that group.

What this means for our clients is straightforward. Your services continue as agreed. Your existing relationships remain exactly as they are. The way we work together does not change. That was non-negotiable going into this process, and it remains so today. Within the DefenceLabs model, each business retains its identity and expertise that is the point. What you have always valued about Periculo does not change.

What will evolve over time is the scale of what we can offer. Being part of DefenceLabs gives Periculo access to a wider range of specialist expertise and resources, all backed by practitioners who have operated at the highest levels of the industry. For clients in digital health and defence sectors where the stakes are genuinely high, that matters.

We are proud of what Periculo has built. Joining DefenceLabs is not a departure from that. It is the next step in building something bigger, and we could not be more excited about what comes next.

If you have any questions, please get in touch.

Welcome to Periculo, Chris!

We are delighted to welcome Chris Kilworth, our new Security Consultant, to the Periculo team.

IMG_9666

"I’m excited to introduce myself as the newest Security Consultant at Periculo! I’ve come from a background in financial crime, and it’s been a great foundation moving into cybersecurity. There’s far more overlap between the two than people often realise, and it’s an incredibly fast-paced space to be working in. I’m already enjoying getting stuck into client work and building strong relationships along the way. On top of that, I’m currently studying for my Security+ exam to keep building on what I bring to the team. Looking forward to working with you all!"

Armed Services Covenant — Silver Award

We are proud to share that Periculo has been awarded the 2026 Silver Employer Recognition Scheme (ERS) Award by the Ministry of Defence.

The ERS Silver Award recognises employers who actively demonstrate their support for the Armed Forces community, including serving personnel, veterans, reservists, and their families. It sits within the Armed Forces Covenant framework, and this year, Periculo joins over 300 employers nationally to receive the award.

This is not a box-ticking exercise. The values behind the Armed Forces Covenant commitment, reliability, and looking after people are ones we try to live by as an organisation. Being formally recognised for that is genuinely meaningful.

You can read more about our Armed Forces Covenant commitment here.

In the Field

June has been a busy delivery month across the team.

DSPT audits have continued at pace following the 30 June Version 8 submission deadline. The team supported a significant number of Category 2 NHS IT supplier organisations through their external audit requirements in the final run-up to the deadline, with strong demand for audit slots right through to the last week of the month.

Cyber Essentials and Cyber Essentials Plus assessments have continued across a range of organisations in the health technology and defence sectors. Certifications have been completed for clients of both initial certifications and renewals running throughout the month.

Penetration testing engagements have continued across healthcare, technology, and other sectors, with findings structured around business impact to give teams a clear remediation pathway rather than a prioritisation problem.

Data protection work has progressed for a few clients, where the team has been designing and completing a Record of Processing Activities (RoPA) across HR, engineering, finance, IT, and operations functions, a meaningful piece of compliance infrastructure for an organisation of their scale.

Managed service delivery has continued uninterrupted. Work this month has spanned security controls verification, supplier due diligence, staff information security awareness, and ongoing ISO 27001 maintenance across client accounts.

Out in the Field — HLTH Europe and EMBE Expo

1781712390080

June has been an active month for events, with Cory and Craig attending both HLTH Europe 2026 in Amsterdam and the EMBE Expo in Coventry.

There is something in-person events offer that online connections cannot replicate. Across both, we had the chance to spend time with existing clients and partners, meet companies doing genuinely interesting work in the digital health and medical technology space, and have the kind of conversations that move things forward. The consistent theme was familiar: organisations navigating an increasingly complex compliance landscape, looking for partners who understand their sector, not just their security requirements. It is exactly where Periculo sits, and it was good to see that reflected back.

Security Tip of the Month

Cyber Essentials Is Becoming a Must-Have for Digital Health SMEs

Talking to SME digital health companies this month, a clear pattern is emerging: Cyber Essentials is no longer optional. Organisations are finding it required or strongly expected across three converging areas.

The DSPT now expects NHS IT suppliers to hold Cyber Essentials as a baseline. DTAC assessments, which gate access to NHS procurement for digital health products, include cyber and data security requirements that Cyber Essentials directly supports. And increasingly, NHS trusts and integrated care boards are asking for it as a condition of supplier onboarding, even where it is not formally mandated.

For SMEs earlier in their NHS journey, the good news is that Cyber Essentials is achievable and relatively straightforward. It is a well-defined standard with a clear certification process. The challenge is that organisations often leave it too late, discovering the requirement mid-procurement when time is against them.

If your organisation is working towards DSPT compliance, a DTAC assessment, or NHS supplier status, it is worth getting Cyber Essentials in place now rather than at the point of need.

Get in touch if you would like to understand what is involved.

Jargon Buster

DTAC — Digital Technology Assessment Criteria

DTAC is the NHS framework used to assess whether a digital health technology meets the baseline standards required for use within the health and care system. It covers five domains: clinical safety, data protection, technical assurance, interoperability, and usability and accessibility. For digital health companies, a DTAC assessment is often a prerequisite for NHS procurement — it is how trusts and integrated care boards establish that a product is safe, secure, and fit for purpose before deploying it in a clinical environment. Cyber Essentials sits within the technical assurance domain, which is one of the reasons it has become a practical requirement for SMEs seeking to work with the NHS.