SMB1001 - Tier 2 (Silver)
Advanced Cyber Defence

Service Description
This tier introduces robust identity protection (multi-factor authentication and password management), more powerful email and web defences, as well as formalised policies to combat fraud.
The result is a multi-layered security posture that significantly reduces the chance of a successful attack like phishing-based business email compromise, while remaining user-friendly for your team’s day-to-day work. Silver is ideal for organisations that have matured beyond the basics – for example, professional services firms, healthcare clinics, or retailers expanding online – and need to assure clients and partners of a higher security standard.
Benefits
- All the Benefits of Bronze
- Fraud Prevention and Compliance
- User Productivity & Convenience
- Scalability for Growth
- Certified Security
How it Works
Key Controls & Implemented Solutions
The Silver tier includes all Bronze controls and solutions, plus additional technologies and policies to meet the Level 2 requirements.
Multi-Factor Authentication (MFA) Everywhere
We implement MFA for all employee email accounts and cloud services (fulfilling control 2.5.0.0). For example, we deploy Cisco Duo or equivalent, so logins require a second factor (mobile app prompt or hardware token) in addition to passwords. This dramatically cuts the risk of account breaches by credential theft. (SMS or email-based MFA are avoided in favour of more secure app/key methods.)
Password Manager & Identity Management
We provide a company-wide Password Manager (such as Bitwarden) for all staff (addresses 2.4.0.0). Each employee gets a secure vault to generate and store unique long passwords, ending risky practices of sharing or re-using credentials. We enforce individual user accounts (no shared logins, fulfilling 2.3.0.0) and remove administrative privileges from standard users (2.2.0.0), implementing least-privilege access across the board. These measures ensure only authorised personnel have elevated access, and everyday accounts cannot install software or change critical settings.
Advanced Email Security Gateway
To combat phishing and fraud, we add a managed email filtering service (Proofpoint Essentials). This blocks spam, malware, and phishing emails before they reach inboxes. In one real example, the Proofpoint email gateway flagged and quarantined a well-crafted fake invoice email that could have tricked an employee – preventing a costly business email compromise attempt. By leveraging machine-learning and threat intel, such email security greatly reduces the likelihood of staff falling prey to scams.
Web/DNS Filtering
We deploy DNS-layer web filtering (e.g. Cisco Umbrella) to protect users from malicious websites. This blocks connections to known phishing sites or malware-hosting domains when employees click links or browse the web. It adds another layer of defence, stopping ransomware downloads or credential-harvesting sites at the network level.
TLS Encryption for Websites
For any public-facing websites or services your organisation runs, we ensure valid TLS certificates are installed (fulfilling 1.5.0.0 in the standard). This means your website will use HTTPS encryption, protecting customer data in transit and giving visitors confidence that your site is secure.
Formal Policies & Fraud Prevention Procedures
Silver includes guidance and templates to establish key security policies. All employees are required to sign a Confidentiality/Non-Disclosure Agreement (fulfilling 4.1.0.0). We help implement an Invoice Fraud Prevention policy (fulfilling 4.2.0.0) which sets procedures for verifying any request to change supplier bank details or transfer funds, thereby foiling common invoice scams. A Visitor Register process is introduced for offices (fulfilling 4.3.0.0), ensuring all visitors are logged and identifiable, which enhances physical security. These low-cost, high-impact procedural controls add a human layer of defence against social engineering and fraud.
Enhanced Monitoring and Support
Building on Bronze, the Silver package increases our monitoring of your environment. We continue to manage antivirus, firewall, patching and backups, but with Silver we also begin integrating alerts from your email security and identity systems into our SOC monitoring. Our team will receive notifications, for instance, if an MFA push is denied (potential brute force attempt) or if the email gateway catches a malicious attachment, allowing us to proactively investigate. We remain available to assist during business hours (with options to extend coverage as needed), ensuring any security incidents are addressed swiftly.

CyberGrape will get your business SMB1001 (Tier 2) Cyber Certified.
For businesses with a low risk profile, the CyberGrape Advanced Cyber Defence (Level 2) package provides enhanced security for businesses facing moderate risk.
Implementing this package positions your organisation to successfully achieve CyberCert SMB1001 Silver Level 2 certification, demonstrating to clients, partners, and insurers that you meet recognised security standards. Certification also provides third-party assurance and a publicly verifiable record of your commitment to responsible cyber risk management.
Don’t Wait for a Breach. Take Control of Your Cyber Risk Now.
Lock down your business with proactive, proven, certified cyber defence