Red Bridge CyberRed Bridge Cyber
Customer Login
What We CheckHow It WorksPricingResearchAboutBlogCustomer Login

What is SMB1001?

SMB1001 is a tiered cybersecurity certification standard built specifically for small and medium businesses — published by Dynamic Standards International, updated annually, and unlike ISO 27001 or the Essential Eight, actually sized and priced for a business without an IT department. There are 5 tiers:

  • Bronze, Silver and Gold — self-attested: a company director signs that the controls are in place; nobody verifies them externally
  • Platinum and Diamond — independently audited, with requirements like vulnerability scanning of internet-facing systems and penetration testing

Pricing runs from under $100 a year at Bronze to several thousand at Diamond, recertified each year against the current edition — SMB1001:2026 since January. If a customer or tender asks a small business for proof of cyber hygiene, this is the certificate designed for that job. The honest caveat: at the three tiers most businesses buy, the certificate proves a director's attestation — nobody checks the controls from the outside. Verify your basics before you sign.