CyberGrape logo - Cyber Security and SMB1001 certification platform for small business
    CyberGrape - GRC platform for SMB1001 security certification
    Insights
    Certification

    You've been asked to prove your cyber security.

    SMB1001 certification is how you answer that, and we get you there.

    Why it matters now

    Being secure is no longer enough. Your clients, insurers and procurement teams want proof.

    The businesses asking you to demonstrate your cyber security are not being unreasonable. Supply chain attacks are the fastest-growing threat vector. One compromised supplier is all it takes to breach an enterprise. That is why governments, large corporates and insurers are increasingly requiring their partners to hold recognised certification.

    Certification

    Your path to SMB1001 certification.

    Five tiers. Each builds on the last. You start where you are, not where you think you should be.

    Real-time progress tracking
    Assessor-ready reports
    AI gap analysis
    Live evidence collection

    What each tier requires.

    Click any tier to see what is involved and how CyberGrape gets you there.

    Gold introduces proactive risk management. At this level you will implement endpoint detection and response, MFA across all business applications, DKIM and DMARC email authentication, a cybersecurity policy, an incident response plan, an AI use policy and cyber insurance.

    Gold is the most common target for SMBs. It demonstrates real security maturity and satisfies most procurement, insurer and supply chain requirements.

    CyberGrape takes you from zero to Gold end-to-end: assessment, gap analysis, evidence, policies and submission.

    Who it is for: businesses building genuine security maturity, typically 20 to 100 staff.

    End-to-end: assessment, evidence, submission

    What certification proves.

    To your clients

    You have been independently assessed against a recognised global standard. Your security is not a promise. It is on record.

    To procurement teams

    You meet the minimum cyber hygiene requirements increasingly written into government and enterprise contracts. SMB1001 is becoming the ticket to trade for SMBs bidding for serious work.

    To your insurer

    Certified businesses demonstrate documented controls and processes, which is precisely what cyber insurers want to see when assessing risk and setting premiums.

    To your supply chain

    Your partners and customers carry risk from every supplier they work with. Certification tells them you are not their weakest link.

    Our role

    How CyberGrape gets you there.

    We do not hand you a checklist and wish you luck. The CyberGrape Platform maps every SMB1001 control to your current posture, surfaces the gaps, tracks remediation, manages your policy library and builds the evidence pack your certification requires.

    Our consultants handle the parts the platform cannot automate: policy drafting, risk assessment, staff awareness training and, for Platinum and Diamond, full coordination of your independent audit.

    Bronze to Gold

    We take you there, end-to-end.

    Assessment, gap analysis, evidence collection, policy management and submission. You focus on your business.

    Self-attested
    Platinum and Diamond

    We prepare everything.

    Full programme management, remediation tracking and coordination of your independent audit. You walk in ready.

    Independent audit required

    Common questions.

    Ready to get certified?

    Whether you are starting from scratch or pushing for Gold, we will tell you exactly where you stand and what it takes to get certified. No jargon. No surprises.