SMB1001 - Tier 2 (Silver)

Advanced Cyber Defence

Silver, or the Advanced Cyber Defence bundle, builds upon Bronze by adding stronger safeguards and enhanced compliance measures. It meets all SMB1001:2025 Silver requirements, offering a more holistic security approach for growing businesses that handle sensitive data or face increasing cyber risks.

Service Description

This tier introduces robust identity protection (multi-factor authentication and password management), more powerful email and web defences, as well as formalised policies to combat fraud.

The result is a multi-layered security posture that significantly reduces the chance of a successful attack like phishing-based business email compromise, while remaining user-friendly for your team’s day-to-day work. Silver is ideal for organisations that have matured beyond the basics – for example, professional services firms, healthcare clinics, or retailers expanding online – and need to assure clients and partners of a higher security standard.

How it Works

Key Controls & Implemented Solutions

The Silver tier includes all Bronze controls and solutions, plus additional technologies and policies to meet the Level 2 requirements.

Multi-Factor Authentication (MFA) Everywhere

We implement MFA for all employee email accounts and cloud services (fulfilling control 2.5.0.0). For example, we deploy Cisco Duo or equivalent, so logins require a second factor (mobile app prompt or hardware token) in addition to passwords. This dramatically cuts the risk of account breaches through credential theft. (SMS and email-based MFA are avoided in favour of more secure app/key methods.)

We provide a company-wide Password Manager (such as Bitwarden) for all staff (addresses 2.4.0.0). Each employee gets a secure vault to generate and store unique long passwords, ending risky practices of sharing or re-using credentials. We enforce individual user accounts (no shared logins, fulfilling 2.3.0.0) and remove administrative privileges from standard users (2.2.0.0), implementing least-privilege access across the board. These measures ensure only authorised personnel have elevated access, and everyday accounts cannot install software or change critical settings.

To combat phishing and fraud, we add a managed email filtering service (Proofpoint Essentials). This blocks spam, malware, and phishing emails before they reach inboxes. In one real example, the Proofpoint email gateway flagged and quarantined a well-crafted fake invoice email that could have tricked an employee – preventing a costly business email compromise attempt. By leveraging machine-learning and threat intel, such email security greatly reduces the likelihood of staff falling prey to scams.

We deploy DNS-layer web filtering (e.g. Cisco Umbrella) to protect users from malicious websites. This blocks connections to known phishing sites or malware-hosting domains when employees click links or browse the web. It adds another layer of defence, stopping ransomware downloads or credential-harvesting sites at the network level.

For any public-facing websites or services your organisation runs, we ensure valid TLS certificates are installed (fulfilling 1.5.0.0 in the standard). This means your website will use HTTPS encryption, protecting customer data in transit and giving visitors confidence that your site is secure.

Silver includes guidance and templates to establish key security policies. All employees are required to sign a Confidentiality/Non-Disclosure Agreement (fulfilling 4.1.0.0). We help implement an Invoice Fraud Prevention policy (fulfilling 4.2.0.0) which sets procedures for verifying any request to change supplier bank details or transfer funds, thereby foiling common invoice scams. A Visitor Register process is introduced for offices (fulfilling 4.3.0.0), ensuring all visitors are logged and identifiable, which enhances physical security. These low-cost, high-impact procedural controls add a human layer of defence against social engineering and fraud.

Building on Bronze, the Silver package increases our monitoring of your environment. We continue to manage antivirus, firewall, patching and backups, but with Silver we also begin integrating alerts from your email security and identity systems into our SOC monitoring. Our team will receive notifications, for instance, if an MFA push is denied (potential brute force attempt) or if the email gateway catches a malicious attachment, allowing us to proactively investigate. We remain available to assist during business hours (with options to extend coverage as needed), ensuring any security incidents are addressed swiftly.

CyberGrape will get your business SMB1001 (Tier 2) Cyber Certified.

For businesses with a low risk profile, the CyberGrape Advanced Cyber Defence (Level 2) package provides enhanced security for businesses facing moderate risk.

Implementing this package positions your organisation to successfully achieve CyberCert SMB1001 Silver Level 2 certification, demonstrating to clients, partners, and insurers that you meet recognised security standards. Certification also provides third-party assurance and a publicly verifiable record of your commitment to responsible cyber risk management.

Don’t Wait for a Breach. Take Control of Your Cyber Risk Now.

Lock down your business with proactive, proven, certified cyber defence

Considering a different Tier of certification?

CyberGrape can support your business in other tiers of the SMB1001 certification

Bronze

Gold

Platinum

Diamond