The Periculo digital health security channel is made for NHS suppliers, healthtech teams, IG leads, and clinicians who are building or buying digital services. Powered by the experts at Periculo, we share clear, actionable advice through bite-size Shorts and quick posts, plus the occasional deeper dive. Expect plain-English guidance on NHS DSPT, Cyber Essentials/Plus, ISO 27001, medical device and app security, third-party risk, secure engineering, incident response, and procurement readiness for NHS opportunities. No fluff—just checklists, templates, and real-world examples you can apply the same day. Subscribe to stay on top of what matters, and tell us what challenges you want solved next.
Periculo
DSPT Audit 2025–26: The New Rules Are Here
The NHS has released its official mandatory audit requirements for the 2025–26 DSPT cycle.
Here’s the quick summary:
Large IT suppliers (50+ staff, £10M+ turnover) must now complete an independent external audit
The audit covers 11 key assertions (down from 13)
Assertion 3.3 has been dropped
Deadline: 30 June 2026
This marks a big shift from self-assessments to verified audits — raising the bar for security and data protection across the health sector.
1 month ago | [YT] | 0
Periculo
Don’t click suspicious links.
Even if they promise free biscuits.
2 months ago | [YT] | 0
Periculo
I ran out of excuses.
So I told IT: “I didn’t enable MFA because … laziness
2 months ago | [YT] | 0
Periculo
Category 2 IT suppliers face stricter NHS DSPT requirements this year.
Mandatory independent audits
Interim baseline submission deadlines
Evidence must prove real implementation, not just paperwork
2 months ago | [YT] | 0
Periculo
Strong passwords save lives.
Weak ones just ruin Mondays.
2 months ago | [YT] | 0
Periculo
Medical devices are now battlegrounds in healthcare cybersecurity.
The biggest threats include:
Malware
Network intrusions
Ransomware
Remote access exploits
Supply chain attacks
Patch delays
Data exfiltration
2 months ago | [YT] | 0
Periculo
ISO 27001 is powerful — but for NHS suppliers, it may not be enough. 🚨
Under PPN 014, Cyber Essentials Plus is still required to prove baseline defences are tested and working.
2 months ago | [YT] | 1
Periculo
ISO 27001 is risk-based — which means two certified companies could have very different controls.
That flexibility is valuable, but for NHS suppliers, it may not meet Cyber Essentials Plus requirements.
2 months ago | [YT] | 1
Periculo
The Kido cyber attack wasn’t just about stolen data — attackers tried to damage trust by urging families to sue the company. 😮
2 months ago | [YT] | 1
Periculo
What happened at Periculo in September?
✨ Joined ABHI
🛡️ Helping clients prep for DSPT 2025/26
🏃‍♂️ Team marathons & IronMan
🔐 Moving toward CHECK accreditation
💻 Harpe v1.3.14 update released
2 months ago | [YT] | 1