What Are the Most Common Pitfalls in Defence Cybersecurity and Resilience; How to Avoid Them?
Defence cybersecurity and resilience is now a core expectation and contractual requirement, for any organisation working with or supporting the UK defence industry. The Ministry of Defence’s (MOD) DEFCON 658 (Cyber Flowdown) and the Cyber Security Model (CSM) set out how cyber risk should be assessed and managed across defence contracts, while broader best practice […]
Is BPSS the same as a Security Clearance? A Guide for HMG and Defence SMEs
If you run any type of business that operates, delivers services to, or bids within the HMG or MOD environment, you have almost certainly asked this question at least once: “Is BPSS actually a security clearance?” The short answer is NO and getting this wrong can cost you contracts, delay onboarding, or even land you […]
Business Impact Analysis: Aligning Information Assurance with Operational Risk enabling Secure Decision-Making
What would happen to your business if you lost access to your critical information or customer data for just 72 hrs? For most UK Small and Medium Enterprises (SMEs) in defence, aerospace, or professional services, the answer is lost revenue, damaged reputation, and possible exclusion from government contracts. Yet many business owners still treat information […]
The Role of FSC in Protecting Classified Defence Data
In the defence environment, a place where cutting-edge technology often intersects with national security, protecting classified information is paramount. From advanced weapon systems to strategic intelligence, the data driving these projects is a prime target for sabotage and espionage. The UK’s ability to protect its national interests and those of its allies depends on maintaining […]
Secure by Design: Embedding Resilience into Defence Supply Chains
Secure by Design (SbD) applies to the definition, acquisition, development, maintenance and disposal of information-based capabilities for MOD. This includes but is not limited to networks, applications, services, information technology, operational technology, platforms and weapons systems. In essence, Secure by Design is about delivering secure Products, Services and Solutions (PSS) which are fit for purpose […]
From DCC to FSC: Navigating Defence Cyber Compliance Frameworks
– Gareth Shaw, MD Pera Prometheus For many small and medium sized businesses, working with the UK Ministry of Defence (MOD) can open valuable opportunities. Supplying goods or services to defence contracts can raise your profile, strengthen partnerships, and increase credibility. However, it also means that businesses will need to meet the security standard set […]
Understanding DEFSTAN 05-138: Are you ready for Issue 4?
– Gareth Shaw, MD Pera Prometheus For UK small and medium-sized enterprises (SMEs) working in the defence sector, staying ahead of information assurance and cybersecurity requirements is essential to securing contracts and protecting sensitive operations. The UK Ministry of Defence (MOD) has recognised that a single weak link in its supply chain can expose critical […]
Data Residency vs Data Sovereignty – Do You Know the Difference?
– Gareth Shaw, MD Pera Prometheus The current digital landscape is fuelled by data, therefore, concepts such as; data residency and data sovereignty have become increasingly important. With the rise of cloud computing, international data transfers, and stringent privacy regulations, organisations must navigate a complex web of rules to ensure compliance and protect sensitive information. […]
Cybersecurity Compliance: Navigating the Maze of Regulations
– Gareth Shaw, MD Pera Prometheus Cybersecurity regulations can feel overwhelming for UK businesses, from small enterprises to defence sector partners. With rising cyber threats and mounting compliance requirements, the stakes are high, but this guide simplifies the journey. It explains key frameworks like GDPR, ISO 27001, Cyber Essentials, Defence Cyber Certifications and NIS (Network […]
Cybersecurity Myths That Are Putting Your Business at Risk
– Gareth Shaw, MD Pera Prometheus Have you ever thought that “it won’t happen to me” when it comes to cyberattacks? In 2024-25, UK businesses are being hit harder than ever. The UK Government’s Cyber Security Breaches Survey 2025 found that phishing remains the most common cyber crime, with an estimated 8.58 million cyber crimes […]