Managed cyber security platform CyberCert wants its certifications to become a globally recognised stamp of approval for small business security posture, with MSPs as a key part of the strategy.
CyberCert provides a range of certifications that small to medium businesses (SMBs) can purchase to demonstrate their compliance with Dynamic Standards International’s SMB1001 standard.
The company’s co-founder and chief executive Ryan Ettridge told techpartner.news that the main purpose of the certification is to streamline the cyber insurance process, but as the company has grown, so too has its ambitions.
Local specialist cybersecurity insurance broker InfoSure recently joined as a partner, joining British broker Willis Towers Watson (WTW) and US cyber insurer Coalition Inc.
Ettridge said that as well as streamlining insurance applications, CyberCert’s certifications are also increasingly recognised by enterprises and government agencies.
“The job is also to get enterprises, governments, insurers, all recognising the certification, so that the SMB knows that they don't have to answer ISO certification questions anymore,” he said.
He described CyberCert’s approach as being driven by the building of an ecosystem in which MSPs play a key role.
This is because, Ettridge explained, the SMB1001 standard requires a company to engage with a cybersecurity specialist, either internally or externally, which is frequently an MSP partner.
“Insurers have way more confidence that the SMB has done something that the director has actually attested to … and the MSP built into that gives it another level of quality control," he stated.
According to Ettridge, the company has been rapidly scaling up, with between one and 10 new partners signing up per day across Australia and New Zealand.
“We can get 5,000 SMBs per quarter through that, so my target for the ANZ region [by the] second quarter of 2026 is that we have 100,000 Australian SMBs certified or certifying," he said.
Ettridge claimed the company is on track to match that 100,000 target in the US market, where the service has the potential to be more streamlined than in Australia.
He added that in the US, the process can be even more streamlined.
“There are other platforms that are marketplaces for insurers. You go into their platform, you provide the evidence of what you've done … and then show that certification. Then you can literally get real time policy offers,” he said, noting that wouldn’t yet work in Australia.
“But,” he added, “in the US, it's pretty close to semi-automation in terms of being able to demonstrate your control effectiveness all the way through to real time policy offers based on the financial risk that you've now been able to reduce with your controls.”
He said CyberCert’s success needed a wide range of parties to recognise the value of the certification and buy into the company’s goal of creating an easier way to protect SMBs against the financial impacts of a cybersecurity breach.
“It’s the most community-driven business model you’ll ever see,” he said.
“Insurers, enterprises, governments, distributors, marketplaces, MSPs and partners, and consultants and technology vendors all have to come together for the SMB. Then CyberCert issues the certification.”
.png&w=100&c=1&s=0)
