Cyber Resilience for Small Business with SMB1001

Home (2)

Achievable AND affordable cyber resilience certification for NZ small to medium businesses

SMB1001 is a practical cyber security standard designed to suit New Zealand businesses. It helps put the right foundations in place to protect systems, data, staff and customers, without overwhelming complexity or enterprise level costs.

As a Gold level provider, Computer Services is well positioned to guide your business through the certification tiers to achieve your desired level of compliance. 

Get started now by answering some questions
key aspects of SMB1001 (800 x 800 px)

What is SMB1001 Certification?

SMB1001 is a nationally recognised cyber security standard created for small and medium sized businesses. It sets out the essential controls every organisation should have in place to reduce common cyber risks and improve resilience.

Rather than being highly technical, SMB1001 focuses on practical, achievable actions such as:

  • Securing devices and systems
  • Managing who can access what
  • Protecting data through backups
  • Monitoring for unusual activity
  • Preparing for and responding to incidents

Think of SMB1001 as a clear roadmap for cyber security. It shows what good looks like and provides a structured way to get there.

"Cyber criminals know that many smaller organisations operate without formal security processes, specialist teams, or multiple layers of protection, which can make them more vulnerable to attack"

- ALEX LOCATELLI, CHIEF TECHNOLOGY OFFICER, COMPUTER SERVICES

Requirements to achieve Bronze Level SMB1001

Below are the seven requirements to achieve Bronze level SMB1001 certification. Your business may already qualify for one of the levels. 

  • 1. Engage technical support specialist for your organisation
  • 2. Install and configure a firewall
  • 3. Install anti-virus software on all organisation devices
  • 4. Automatically install tested and approved software updates and patches on all organisation devices
  • 5. Ensure strong password hygiene is maintained
  • 6. Implement backup and recovery strategy for important digital assets
  • 7. Conduct cybersecurity awareness training for all employees

Your business may already qualify for one of the levels of compliance. Talk to us to find out where you are now, and what the other level requirements are or check here under 'Requirements'. 

Find out what level my business would be

Why SMB1001 Compliance Matters for Your Business

Cyber incidents can result in downtime, financial loss, reputational damage and lost customer trust. Many small businesses struggle to know where to start or how much is enough. SMB1001 removes the guesswork by providing a recognised standard that aligns with real world business operations.

Not sure if your business should gain this certification? Here are eight good reasons why we think this should matter to you: 

Insurance Readiness Made Simpler

Insurers increasingly require proof of cyber security controls. SMB1001 certification provides a clear, recognised way to show what protections your business has implemented. Instead of completing a 100 question checklist, insurers can review your SMB1001 certification level and understand your security posture at a glance. This can help with:

  • Insurance eligibility

  • Smoother renewals

  • Clearer conversations with insurers

  • Reduced uncertainty around requirements

Untitled design (1)

Computer Services are a Gold Level CyberCert Partner

A CyberCert Partner is an organisation that has been formally recognised as meeting a higher tier of cyber maturity under the CyberCert framework. Being a Gold-level CyberCert Partner means the provider has already demonstrated strong internal cyber security practices and has passed an independent assessment verifying these controls.

For businesses seeking SMB1001 certification, this matters more than many realise.

What it means to work with a Gold Level Provider

  • Has proven security controls in place
  • You are working with an organisation that practices what it teaches. Their internal systems meet a higher benchmark, giving you confidence in the guidance you receive.
  • Is trusted within the SMB1001 ecosystem
  • Gold status signals that the provider understands the framework at a deep level. They know exactly what assessors look for and how to help you meet each requirement efficiently.
  • Provides assurance to insurers
  • When your provider is Gold-level certified, insurers can see you’re being supported by an expert with recognised cyber maturity. This can make your pathway to insurance smoother and more credible.
  • Offers best-practice implementation
  • A Gold-level Parent has the experience to identify common gaps quickly and implement solutions without unnecessary complexity or cost.

To get started, there are four simple questions to find the right certification for your organisation. 

Answer the questions