As we close out May, the focus across digital health has been clear: compliance, connection, and cyber resilience. With the DSPT deadline just weeks away, preparations are in full swing—and we’ve been busy getting ready for the Med-Tech Innovation Expo in June. We’re also keeping a close eye on rising threats across the retail sector and supporting clients in securing their systems against an increasingly unpredictable threat landscape.
We’re proud to share that James, our Lead Penetration Tester, has officially passed his CSTL (CHECK Team Leader) exam—a significant personal achievement and an important step forward for Periculo.
This brings us closer to becoming a CHECK-accredited penetration testing provider, adding to our existing CREST accreditation. The CHECK scheme, operated by the UK’s National Cyber Security Centre (NCSC), recognises trusted providers qualified to deliver approved penetration testing to government and public sector organisations.
Congratulations to James for raising the bar. More progress is on the way.
We’ve spent May in planning mode for the Med-Tech Innovation Expo, and we’re excited to share what we’ve been working on.
Location: NEC Birmingham
Dates: 5–6 June 2025
As the UK’s leading event for medical device innovation and supply chain excellence, Med-Tech Expo is a brilliant opportunity to connect with the healthtech community. Whether you want to talk ISO 27001, penetration testing, or DSPT, we’d love to meet you.
Book a meeting with us at the event
The clock is ticking: 30th June 2025 is the final date for NHS DSPT submissions.
For the 2024–25 cycle, an independent DSPT audit is now mandatory under evidence item 9.4.5. Organisations must not only submit their evidence but also validate it through a formal audit.
We’re supporting clients with:
DSPT readiness and gap analysis
Harpe-powered evidence tracking
Policy development and risk documentation
End-to-end audit preparation and delivery
Audit slots are filling fast. Book a call today to get started.
Major UK retailers have faced cyberattacks in recent months, with Marks & Spencer, Co-op, Adidas, and Harrods all experiencing serious security incidents since the start of the year.
M&S halted online orders due to ransomware.
Co-op saw customer data stolen in a targeted attack.
Adidas was affected by a third-party data breach.
Harrods successfully stopped an attempted breach thanks to early threat detection.
These cases highlight just how varied and persistent cyber threats have become, even for the most well-resourced organisations.
Read our latest post to find out more...
In 2025, healthcare led all sectors in reported data breaches for the third year in a row.
As connectivity and data volume grow in healthtech, the sector remains one of the most attractive—and vulnerable—targets for cybercriminals.
Train for Reality, Not Theory
Go beyond once-a-year training. Build in bite-sized, scenario-based exercises—like phishing simulations or quick “what would you do if…” challenges—to keep your team sharp and security-conscious year-round.
Phishing Simulation
A safe, controlled way to test whether employees can spot suspicious emails. These tests help identify risk areas and improve real-world awareness before a real attack occurs.
Contact us to find out how we can help with phishing simulations.
Need help meeting compliance requirements, completing your DSPT or needing a DSPT Audit, or preparing for your next ISO 27001 audit? Want to test your product with our CREST-accredited penetration testing team?
Book a call – Let’s talk about your next step
Subscribe – Stay informed with the latest insights