MOD Formally Confirms DCC as Proof of DEFCON 658 Conformance
Gareth Shaw, MD Pera Prometheus Key Takeaways Defence Cyber Certification (DCC) launched in May 2025, but its validity as proof of conformance with the Cyber Security Model (CSM) was not formally acknowledged by MOD until now (30 Mar 2026). In addition, there has been a degree of confusion as to the scope and breadth of […]
No Framework, No Safety: Information Security and Cyber Resilience for UK SMEs
Key Takeaways Most businesses have some form of information and cybersecurity in place. Antivirus software, reasonably strong passwords, maybe a firewall. The problem is that having a handful of tools is not the same as having a plan. Without something to connect them, a framework, you end up with security that covers the obvious things […]
IPSA Is Not an HR Process, It’s Your First Line of Defence Against Insider Threat
Key Takeaways Picture this. A small defence contractor spends months earning their IPSA (Industry Personnel Security Assurance) accreditation. The processes in the PRF have been accepted by ISAC and you can now manage your own security clearances. Then, twelve months later, a member of staff with security clearance leaves under difficult personal circumstances. It takes […]
ISO 27001 Checklist: Giving Information Assurance to potential Clients
ISO 27001 is the internationally recognised standard for Information Security Management Systems (ISMS). In the defence supply chain, it can carry particular weight because the information you handle, technical drawings, project timelines, personnel data, classified correspondence etc. often have implications that go well beyond your own organisation. Your clients need to have confidence your business […]
Your Most Frequently Asked Questions Surrounding Cyber Essentials and the Upcoming Question Set Changes
As an IASME approved Certification Body for Cyber Essentials and Cyber Essentials Plus, Pera Prometheus has a duty to demystify the confusion surrounding scheme changes and ensure that the businesses we work with are always informed, prepared, and ahead of the curve. From the 27th of April 2026, all new Cyber Essentials assessments will be […]
Lock the Door” – Why the UK Government’s New Cyber Security Campaign Is a Wake-Up Call
Key Takeaways Imagine leaving the front door of your business wide open every single day. No lock, no alarm, no one watching. That is, in effect, what thousands of UK businesses are doing on-line, and cyber criminals are walking straight in. The UK government has had enough. In early 2026, the Department for Science, Innovation […]
Cyber Essentials is Changing in April 2026: Is Your Organisation Ready?
Key Takeaways Cyber Essentials has always been more than a box-ticking exercise. For organisations working within the UK Defence supply chain, it is a baseline contractual requirement and one of the first things a procurement team will check before a contract is awarded. But the scheme is not static. From 27 April 2026, a new […]
IPSA Requirements Explained: What MOD Contractors Must Demonstrate
Key Takeaways • People First: IPSA (Industry Personnel Security Assurance) focuses on the management and aftercare of vetted staff, distinct from physical security. • Mandatory Roles: You must appoint a Board Level Contact (BLC) and a Personnel Security Controller (PSC). • Prerequisite for FSC: If you require Facility Security Clearance to store assets, you must […]
CSM Version 4 Explained: What Defence Suppliers Need to Know in 2026
For defence suppliers, the landscape of cyber and supply chain security has shifted significantly. With the formal implementation of the Cyber Security Model version 4 (CSM v4), the Ministry of Defence (MOD) has moved away from temporary interim measures to a robust, risk managed evidence-based regime. If your organisation is part of the UK defence […]
Facility Security Clearance: What It Is and When Your Organisation Needs It
If you are navigating the UK defence supply chain in 2026, you have likely encountered a wall of acronyms. Among the most critical and often the most misunderstood is Facility Security Clearance (FSC), still often referred to as ‘List X’, which was the forerunner to FSC. For many suppliers, FSC is the key that allows […]