Understanding DEFSTAN 05-138: Are you ready for Issue 4?
– Gareth Shaw, MD Pera Prometheus For UK small and medium-sized enterprises (SMEs) working in the defence sector, staying ahead of information assurance and cybersecurity requirements is essential to securing contracts and protecting sensitive operations. The UK Ministry of Defence (MOD) has recognised that a single weak link in its supply chain can expose critical […]
Data Residency vs Data Sovereignty – Do You Know the Difference?
– Gareth Shaw, MD Pera Prometheus The current digital landscape is fuelled by data, therefore, concepts such as; data residency and data sovereignty have become increasingly important. With the rise of cloud computing, international data transfers, and stringent privacy regulations, organisations must navigate a complex web of rules to ensure compliance and protect sensitive information. […]
Cybersecurity Compliance: Navigating the Maze of Regulations
– Gareth Shaw, MD Pera Prometheus Cybersecurity regulations can feel overwhelming for UK businesses, from small enterprises to defence sector partners. With rising cyber threats and mounting compliance requirements, the stakes are high, but this guide simplifies the journey. It explains key frameworks like GDPR, ISO 27001, Cyber Essentials, Defence Cyber Certifications and NIS (Network […]
Cybersecurity Myths That Are Putting Your Business at Risk
– Gareth Shaw, MD Pera Prometheus Have you ever thought that “it won’t happen to me” when it comes to cyberattacks? In 2024-25, UK businesses are being hit harder than ever. The UK Government’s Cyber Security Breaches Survey 2025 found that phishing remains the most common cyber crime, with an estimated 8.58 million cyber crimes […]
The Expanding Attack Surface: IoT, 5G, and Remote Work
– Gareth Shaw, MD Pera Prometheus As a security consultant working with UK businesses, particularly in the defence industry, I’ve seen how technology is transforming the way we do business operations at a staggering pace. The rise of the Internet of Things (IoT), 5G networks, and remote work has revolutionised operations but also opened new […]
The Human Firewall: Why Employee Training Is Your First Line of Defence
– Gareth Shaw, MD Pera Prometheus Throughout my military career and now as a security consultant, I’ve witnessed the relentless evolution of information and cyber threats. While technology has advanced, bringing sophisticated defences to counter increasingly complex attacks, one vulnerability remains constant: the human element. For businesses in the UK Defence Industry supply chain, employees […]
Security challenges for the industry partners working with MOD on AI projects — My thoughts
– Gareth Shaw, MD Pera Prometheus Artificial Intelligence (AI) is no longer just a research topic for the UK Ministry of Defence (MOD). It is beginning to be embedded into live programmes that analyse intelligence at scale, optimise logistics, and support complex decision-making. The Defence Artificial Intelligence Strategy (2022) sets the ambitions to leverage AI […]
Implementing Information and Cyber Security Governance for Small and Medium Enterprises (SMEs)
Key Takeaways Why Cyber Security Governance Matters When people hear “information and cyber security governance”, it often sounds like something designed for giant corporations with entire IT departments at their disposal. For Small and Medium Enterprises (SMEs), the prospect of introducing your own security and governance systems and processes can feel intimidating, potentially expensive, and […]
Ransomware‑as‑a‑Service (RaaS): Every Business is a Target
By Gareth Shaw, Managing Director, Pera Prometheus The Growing Threat of RaaS Ransomware is a type of malware designed to either steal data from a system, or deny access by locking users out of their data until a ransom is paid. Once deployed, software will either attempt to export or encrypt (or both) critical data, […]
Information and Cybersecurity Certifications: Which One Do You Need
By Gareth Shaw, Managing Director, Pera Prometheus I understand that the sheer number of information and cybersecurity certifications available to businesses can be overwhelming, but each certificate does actually lend itself to certain requirements and add value. The challenge is – How do you choose which certificate, or more likely, which certificates, are best suited […]