Secure Your Business with SMB1001 Certification

By achieving certification, you not only safeguard your assets but also gain a competitive edge in the marketplace. Explore the different levels of certification available and determine which one your business qualifies for today!

What is an SMB1001 Certification?

The SMB1001 is a comprehensive framework designed to enhance the cyber security posture of small to medium-sized businesses. This certification demonstrates your organisation’s commitment to safeguarding sensitive information and protecting against cyber threats.

By achieving SMB1001 certification, businesses can establish trust with clients, comply with industry regulations, and differentiate themselves in a competitive market. It’s an essential step in ensuring that your organization is prepared to face the evolving landscape of cyber threats while enhancing your overall security strategy.

What Does White Rook Cyber Offer?

Partner with White Rook Cyber for your SMB1001 needs!

At White Rook Cyber, we offer specialised SMB1001 services designed to elevate your organisation’s cyber security posture.

Our expert team conducts thorough assessments to ensure your systems align with your chosen tier of the SMB1001 framework, identifying vulnerabilities and providing actionable recommendations.

We don’t just assess; we partner with you to strengthen your defenses, helping you achieve compliance, reduce risks, and protect your critical assets from cyber threats.

Our team will work through the certification requirements with you and help you implement the necessary controls to obtain and maintain certification for your business!

Trust White Rook Cyber to deliver tailored, high-impact solutions that keep your business secure and resilient.

Comprehensive Baseline Evaluation

Assesses your organisation's alignment with the SMB1001 framework, identifying gaps and vulnerabilities in your current cyber security measures.

Actionable Recommendations

Provides clear, prioritised steps to enhance your security posture, ensuring robust defenses against potential cyber threats.

Certification Assurance

Helps your organisation meet industry standards and regulatory requirements for your chosen certification tier.

Proactive Risk Management

Enables early identification and mitigation of risks, reducing the likelihood of successful cyber attacks and minimising potential damage.

Holistic Protection. Hassle-Free. Cost-Effective.

Let us help you take your Cyber Security to the next level!

How To Get A SMB1001 Certification

Review the different requirements of the SMB1001 certification levels.

Step 2: Select Your Certification Level

Choose the certification level that suits your organisation’s needs.

Step 3: Fulfill the Requirements

Implement necessary security measures and protocols to qualify.

Step 4: Complete the Attestation

Verify compliance to receive your badge and certificate.

Step 5: Receive your Certification

Receive your formal Cyber Certification alongside a badge & Certificate of Completion.

Why Choose Us?

In today’s digital landscape, robust cyber security is not just a necessity but a strategic advantage. At White Rook Cyber, we offer a comprehensive suite of services designed to protect, detect, and respond to threats with precision and agility.

Expertise Across the Board

Our 24/7 Security Operations Center (SOC) and SIEM services ensure real-time threat detection and response, leveraging advanced technologies and seasoned experts to keep your systems secure.

Thoroughness and Compliance

Our Governance, Risk, and Compliance (GRC) audits help you navigate complex regulatory environments and strengthen your security posture with actionable insights and tailored strategies.

Proven Offensive Tactics

With our Penetration Testing, Red Team, and Purple Team engagements, we simulate sophisticated attacks to identify and address vulnerabilities before malicious actors can exploit them.

Customised Solutions

We understand that every organisation is unique. Our solutions are tailored to meet your specific needs, ensuring maximum protection and compliance while minimizing disruption to your business operations.

SMB1001 Certification Requirements

Bronze Tier Requirements
  1. Engage a technical support specialist for your organization
  2. Install and configure a firewall
  3. Install anti-virus software on all organizational devices
  4. Automatically install tested and approved software updates and patches on all organizational devices
  5. Change passwords routinely
  6. Implement a backup and recovery strategy for important digital assets
Silver Tier Requirements
  1. Engage a technical support specialist for your organization
  2. Install and configure a firewall
  3. Install anti-virus software on all organizational devices
  4. Automatically install tested and approved software updates and patches on all organizational devices
  5. Change passwords routinely
  6. Implement a backup and recovery strategy for important digital assets
  7. Install TLS certificates on all public internet facing websites
  8. Ensure employee accounts do not have administrative privileges
  9. Ensure employees have individual user accounts
  10. Implement a password manager system
  11. MFA on all employee email accounts
  12. Confidentiality agreement for all employees
  13. Implement a policy with procedures to prevent Invoice Fraud
  14. Implement a visitor register
Gold Tier Requirements
  1. Engage a technical support specialist for your organization
  2. Install and configure a firewall
  3. Install anti-virus software on all organizational devices
  4. Automatically install tested and approved software updates and patches on all organizational devices
  5. Change passwords routinely
  6. Implement a backup and recovery strategy for important digital assets
  7. Install TLS certificates on all public internet facing websites
  8. Ensure employee accounts do not have administrative privileges
  9. Ensure employees have individual user accounts
  10. Implement a password manager system
  11. MFA on all employee email accounts
  12. Confidentiality agreement for all employees
  13. Implement a policy with procedures to prevent Invoice Fraud
  14. Implement a visitor register
  15. Ensure all servers are updated and patched
  16. MFA on all business applications and social media accounts
  17. Implement a cyber security policy
  18. Implement a response plan for cyber related incidents
  19. Utilize secure methods of physical document destruction
  20. Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
  21. Implement and maintain a digital asset register
  22. Conduct cyber security awareness training for all employees
Platinum Tier Requirements
  1. Engage a technical support specialist for your organization
  2. Install and configure a firewall
  3. Install anti-virus software on all organizational devices
  4. Automatically install tested and approved software updates and patches on all organizational devices
  5. Change passwords routinely
  6. Implement a backup and recovery strategy for important digital assets
  7. Install TLS certificates on all public internet facing websites
  8. Ensure employee accounts do not have administrative privileges
  9. Ensure employees have individual user accounts
  10. Implement a password manager system
  11. MFA on all employee email accounts
  12. Confidentiality agreement for all employees
  13. Implement a policy with procedures to prevent Invoice Fraud
  14. Implement a visitor register
  15. Ensure all servers are updated and patched
  16. MFA on all business applications and social media accounts
  17. Implement a cyber security policy
  18. Implement a response plan for cyber related incidents
  19. Utilize secure methods of physical document destruction
  20. Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
  21. Implement and maintain a digital asset register
  22. Conduct cyber security awareness training for all employees
  23. Ensure all public internet facing resources are regularly scanned for vulnerabilities
  24. Management of remote access cloud credentials
  25. MFA where important digital data is stored
  26. MFA on VPN connections
  27. MFA on RDP connections
  28. Purchase and maintain cyber insurance
Diamond Tier Requirements
  1. Engage a technical support specialist for your organization
  2. Install and configure a firewall
  3. Install anti-virus software on all organizational devices
  4. Automatically install tested and approved software updates and patches on all organizational devices
  5. Change passwords routinely
  6. Implement a backup and recovery strategy for important digital assets
  7. Install TLS certificates on all public internet facing websites
  8. Ensure employee accounts do not have administrative privileges
  9. Ensure employees have individual user accounts
  10. Implement a password manager system
  11. MFA on all employee email accounts
  12. Confidentiality agreement for all employees
  13. Implement a policy with procedures to prevent Invoice Fraud
  14. Implement a visitor register
  15. Ensure all servers are updated and patched
  16. MFA on all business applications and social media accounts
  17. Implement a cyber security policy
  18. Implement a response plan for cyber related incidents
  19. Utilize secure methods of physical document destruction
  20. Ensure all computer devices that store sensitive, private, and/or confidential information are disposed of securely
  21. Implement and maintain a digital asset register
  22. Conduct cyber security awareness training for all employees
  23. Ensure all public internet facing resources are regularly scanned for vulnerabilities
  24. Management of remote access cloud credentials
  25. MFA where important digital data is stored
  26. MFA on VPN connections
  27. MFA on RDP connections
  28. Purchase and maintain cyber insurance
  29. Ensure important digital data is encrypted at rest
  30. Implement application control
  31. Disable untrusted Microsoft Office macros
  32. Conduct penetration, vulnerability and social engineering testing
  33. Implement a digital trust program with your suppliers
  34. Conduct police vetting on employees and contractors with administrative privileges or controlled access
  35. Conduct training to test the incident response plan

Certification Conditions and Prerequisites:

Level 1, 2 and 3 certifications require director (or equivalent) attestation and are valid for 12 months.

Level 4 and 5 certifications require director (or equivalent) attestation and an external audit and are valid for 12 months.

Full details of the certification requirements are included in your workbook that comes with your subscription.

TESTIMONIAL

Viktor Vukovic

“Partnering with White Rook Cyber, we can proactively plan and undertake necessary cyber security assessment and testing activities to safeguard sensitive information and organisational integrity. This partnership has helped us to develop an appropriate roadmap for our business that enables us to understand our current state against an industry recognised cyber security framework, while assisting us to prioritise targeted strategies effectively to achieve our desired level of security maturity.”
