Secure Your Business with SMB1001 Certification
What is an SMB1001 Certification?
The SMB1001 is a comprehensive framework designed to enhance the cyber security posture of small to medium-sized businesses. This certification demonstrates your organisation’s commitment to safeguarding sensitive information and protecting against cyber threats.
By achieving SMB1001 certification, businesses can establish trust with clients, comply with industry regulations, and differentiate themselves in a competitive market. It’s an essential step in ensuring that your organization is prepared to face the evolving landscape of cyber threats while enhancing your overall security strategy.
What Does White Rook Cyber Offer?
Partner with White Rook Cyber for your SMB1001 needs!
At White Rook Cyber, we offer specialised SMB1001 services designed to elevate your organisation’s cyber security posture.
Our expert team conducts thorough assessments to ensure your systems align with your chosen tier of the SMB1001 framework, identifying vulnerabilities and providing actionable recommendations.
We don’t just assess; we partner with you to strengthen your defenses, helping you achieve compliance, reduce risks, and protect your critical assets from cyber threats.
Our team will work through the certification requirements with you and help you implement the necessary controls to obtain and maintain certification for your business!
Trust White Rook Cyber to deliver tailored, high-impact solutions that keep your business secure and resilient.
Assesses your organisation's alignment with the SMB1001 framework, identifying gaps and vulnerabilities in your current cyber security measures.
Provides clear, prioritised steps to enhance your security posture, ensuring robust defenses against potential cyber threats.
Helps your organisation meet industry standards and regulatory requirements for your chosen certification tier.
Enables early identification and mitigation of risks, reducing the likelihood of successful cyber attacks and minimising potential damage.
Holistic Protection. Hassle-Free. Cost-Effective.
Let us help you take your Cyber Security to the next level!
How To Get An SMB1001 Certification
Review the different requirements of the SMB1001 certification levels.
Choose the certification level that suits your organisation’s needs.
Implement necessary security measures and protocols to qualify.
Verify compliance to receive your badge and certificate.
Receive your formal Cyber Certification alongside a badge & Certificate of Completion
Which SMB1001 Certificate Do I Need?
Bronze
For organisations that are starting out on their cyber journey and need the basics in place.
Silver
For organisations that rely on email and business apps, and want advanced cyber security.
Gold
For organisations that want professional level cyber security that demonstrates best practice.
Platinum
For high performing businesses that have mature cyber security built on best-practice cyber risk management.
Diamond
Top level certification for businesses that have the highest level of cyber maturity across all 5 core cyber security pillars.
Why Choose Us?
In today’s digital landscape, robust cyber security is not just a necessity but a strategic advantage. At White Rook Cyber, we offer a comprehensive suite of services designed to protect, detect, and respond to threats with precision and agility.
Our 24/7 Security Operations Center (SOC) and SIEM services ensure real-time threat detection and response, leveraging advanced technologies and seasoned experts to keep your systems secure.
Our Governance, Risk, and Compliance (GRC) audits help you navigate complex regulatory environments and strengthen your security posture with actionable insights and tailored strategies.
With our Penetration Testing, Red Team, and Purple Team engagements, we simulate sophisticated attacks to identify and address vulnerabilities before malicious actors can exploit them.
We understand that every organisation is unique. Our solutions are tailored to meet your specific needs, ensuring maximum protection and compliance while minimizing disruption to your business operations.
SMB1001 Certification Requirements
Bronze Tier Requirements
- Engage a technical support specialist for your organization
- Install and configure a firewall
- Install anti-virus software on all organizational devices
- Automatically install tested and approved software updates and patches on all organizational devices
- Change passwords routinely
- Implement a backup and recovery strategy for important digital assets
Silver Tier Requirements
- Engage a technical support specialist for your organization
- Install and configure a firewall
- Install anti-virus software on all organizational devices
- Automatically install tested and approved software updates and patches on all organizational devices
- Change passwords routinely
- Implement a backup and recovery strategy for important digital assets
- Install TLS certificates on all public internet facing websites
- Ensure employee accounts do not have administrative privileges
- Ensure employees have individual user accounts
- Implement a password manager system
- MFA on all employee email accounts
- Confidentiality agreement for all employees
- Implement a policy with procedures to prevent Invoice Fraud
- Implement a visitor register
Gold Tier Requirements
- Engage a technical support specialist for your organization
- Install and configure a firewall
- Install anti-virus software on all organizational devices
- Automatically install tested and approved software updates and patches on all organizational devices
- Change passwords routinely
- Implement a backup and recovery strategy for important digital assets
- Install TLS certificates on all public internet facing websites
- Ensure employee accounts do not have administrative privileges
- Ensure employees have individual user accounts
- Implement a password manager system
- MFA on all employee email accounts
- Confidentiality agreement for all employees
- Implement a policy with procedures to prevent Invoice Fraud
- Implement a visitor register
- Ensure all servers are updated and patched
- MFA on all business applications and social media accounts
- Implement a cyber security policy
- Implement a response plan for cyber related incidents
- Utilize secure methods of physical document destruction
- Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
- Implement and maintain a digital asset register
- Conduct cyber security awareness training for all employees
Platinum Tier Requirements
- Engage a technical support specialist for your organization
- Install and configure a firewall
- Install anti-virus software on all organizational devices
- Automatically install tested and approved software updates and patches on all organizational devices
- Change passwords routinely
- Implement a backup and recovery strategy for important digital assets
- Install TLS certificates on all public internet facing websites
- Ensure employee accounts do not have administrative privileges
- Ensure employees have individual user accounts
- Implement a password manager system
- MFA on all employee email accounts
- Confidentiality agreement for all employees
- Implement a policy with procedures to prevent Invoice Fraud
- Implement a visitor register
- Ensure all servers are updated and patched
- MFA on all business applications and social media accounts
- Implement a cyber security policy
- Implement a response plan for cyber related incidents
- Utilize secure methods of physical document destruction
- Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
- Implement and maintain a digital asset register
- Conduct cyber security awareness training for all employees
- Ensure all public internet facing resources are regularly scanned for vulnerabilities
- Management of remote access cloud credentials
- MFA where important digital data is stored
- MFA on VPN connections
- MFA on RDP connections
- Purchase and maintain cyber insurance
Diamond Tier Requirements
- Engage a technical support specialist for your organization
- Install and configure a firewall
- Install anti-virus software on all organizational devices
- Automatically install tested and approved software updates and patches on all organizational devices
- Change passwords routinely
- Implement a backup and recovery strategy for important digital assets
- Install TLS certificates on all public internet facing websites
- Ensure employee accounts do not have administrative privileges
- Ensure employees have individual user accounts
- Implement a password manager system
- MFA on all employee email accounts
- Confidentiality agreement for all employees
- Implement a policy with procedures to prevent Invoice Fraud
- Implement a visitor register
- Ensure all servers are updated and patched
- MFA on all business applications and social media accounts
- Implement a cyber security policy
- Implement a response plan for cyber related incidents
- Utilize secure methods of physical document destruction
- Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
- Implement and maintain a digital asset register
- Conduct cyber security awareness training for all employees
- Ensure all public internet facing resources are regularly scanned for vulnerabilities
- Management of remote access cloud credentials
- MFA where important digital data is stored
- MFA on VPN connections
- MFA on RDP connections
- Purchase and maintain cyber insurance
- Ensure important digital data is encrypted at rest
- Implement application control
- Disable untrusted Microsoft Office macros
- Conduct penetration, vulnerability and social engineering testing
- Implement a digital trust program with your suppliers
- Conduct police vetting on employees and contractors with administrative privileges or controlled access
- Conduct training to test the incident response plan
Certification Conditions and Prerequisites:
Level 1, 2 and 3 certifications require director (or equivalent) attestation and are valid for 12 months.
Level 4 and 5 Certifications require director (or equivalent) attestation and an external audit and are valid for 12 months.
Full details of the certification requirements are included in your workbook that comes with your subscription.
TESTIMONIAL
Viktor Vukovic
“Partnering with White Rook Cyber, we can proactively plan and undertake necessary cyber security assessment and testing activities to safeguard sensitive information and organisational integrity. This partnership has helped us to develop an appropriate roadmap for our business that enables us to understand our current state against an industry recognised cyber security framework, while assisting us to prioritise targeted strategies effectively to achieve our desired level of security maturity.”