SMB1001 Explained

Cybersecurity,
Done Properly.

Running a small business means relying on technology every day — and being exposed to the same cyber risks once only targeted at large organisations. SMB1001 is designed to solve exactly that.

What is SMB1001?

A Standard Built for Your Business

SMB1001 is a cybersecurity standard built specifically for small and medium businesses. It provides a clear, practical roadmap to improve your cybersecurity, without the cost, complexity, or disruption of enterprise standards.

Instead of trying to "do everything," SMB1001 helps your business focus on the controls that actually reduce risk, improve security step-by-step, demonstrate due diligence to insurers and partners, and build confidence without over-engineering.

Why SMB1001 Matters

Most cyber incidents affecting small businesses succeed because basic protections are missing, inconsistent, or untested. SMB1001 focuses on the fundamentals: securing access, keeping software current, ensuring backups work, and reducing human-error risks through training.

SMB1001 helps you prove you're taking reasonable steps — something insurers, clients, and supply-chain partners increasingly expect.

Is SMB1001 right for you?
SMB1001 is ideal if your business…
Wants to understand its current cyber security maturity
Needs a clear, affordable path to better security
Is looking to satisfy cyber insurance requirements
Supplies goods or services to government or large organisations
Wants to demonstrate security to clients and partners
Has had an incident and wants to prevent the next one
Simply wants peace of mind that it's genuinely protected
Book a Free Assessment
The Five Levels

Bronze, Silver, Gold, Platinum & Diamond

Each level builds on the one before it — nothing is wasted or duplicated. Only do what's appropriate for your business today.

Level 1
Bronze
The Essentials
Focuses on basic protections that stop the most common cyber attacks. For many small businesses, this is the sensible starting point.
Level 2
Silver
Consistent Security
Builds on Bronze with stronger access controls, email protection, and monitoring. Often aligns with cyber insurance expectations.
Level 3
Gold
Proactive Risk Management
Introduces mature controls, regular testing, clear incident plans, and staff training. Recommended for professional services and businesses handling sensitive data.
Level 4
Platinum
Advanced Assurance
For high-risk sectors — critical infrastructure and defence supply chains — with advanced controls and independent verification.
✓ Third-Party Verified
Level 5
Diamond
Highest Standard
For businesses handling the most sensitive data or operating in nationally critical sectors. The pinnacle of SMB cyber maturity.
✓ Third-Party Verified
Coverage Areas

The Five Areas SMB1001 Covers

Five practical areas every organisation already has — whether formally managed or not.

Technology
Are your systems protected, patched, and properly maintained?
Access
Who can access what — and how securely?
Backup & Recovery
Could you recover and keep operating after a cyber incident?
Policies & Plans
Do you have clear, usable plans for when something goes wrong?
People & Training
Do staff know how to spot phishing, scams, and common threats?
How PCS Helps

Our Process is Simple

At Perth Cyber Safe, we don't treat cybersecurity as a checklist. Our approach is independent, risk-based, plain English, and evidence-driven — and you stay in control throughout.

1
Assess your current position
Measure exactly where you stand against SMB1001 — clearly and honestly.
2
Identify gaps in plain language
No technical jargon. Understand what's missing and why it matters.
3
Explain what matters and why
We prioritise by actual business risk — not theoretical worst-cases.
4
Support implementation
Work alongside you to integrate the necessary controls. You stay in control.
5
Certify with confidence
Official SMB1001 certification demonstrable to insurers and partners.
How SMB1001 Fits With Other Standards
SMB1001 aligns closely with well-known frameworks, laying strong foundations without forcing you to over-spend early.
Australian Essential Eight — SMB1001 aligns with and complements Australia's leading baseline security standard.
ISO 27001 — Controls mapped to ISO 27001, providing a pathway to full certification if needed.
NIST Framework — The five SMB1001 areas align with NIST's Identify, Protect, Detect, Respond, Recover functions.
Cyber Insurance — Silver and above typically satisfies most Australian cyber insurance baseline requirements.
Ready to Get Started?
Book a free, no-obligation assessment and find out exactly where your business stands today.
Book a Free Assessment
Start Your Journey

Start Your SMB1001
Journey Today

Book a free assessment and find out exactly where your business stands — with no obligation.

Book a Free Assessment