Association member exclusive
Move from practical readiness to defensible assurance.
Extended is for member businesses that now need stronger proof for insurance renewal, customer requirements, vendor scrutiny, or other outside stakeholders. It builds on Covered with consultant-backed assessment, evidence collection, and auditable technical validation.
Early-adopter member pricing: from $19,500/year + $35/user USD
Available only to businesses arriving through a participating association partner. Buy if you are ready. Talk first if you want to confirm fit.
Best fit when you’re facing:
- Insurance renewal pressure
- Customer or vendor scrutiny
- Questionnaires or procurement demands
- A need for stronger proof
Who Extended is for
Built for businesses facing a higher standard.
Extended is not for every SMB. It is for businesses that have already taken practical steps and now need stronger documentation, stronger validation, and stronger answers when outside parties start asking harder questions.
A strong fit if…
- You are renewing or improving cyber insurance
- A customer, partner, or vendor wants more documentation
- You are dealing with questionnaires, procurement, or governance pressure
- You want stronger proof of maturity than Covered alone provides
Probably not needed yet if…
- You are still at the awareness stage
- You mainly need training and practical cyber basics
- You are not yet facing evidence requests
- Covered would already move you forward
Extended turns practical progress into stronger proof. Less “we’re working on it.” More “here is what we’ve done.”
Why move up from Covered
Covered helps you improve. Extended helps you prove it.
Covered is the practical operating tier. Extended is the evidence-and-assurance tier for businesses that now need a more formal and more defensible position.
Covered
Practical cyber readiness for SMBs that want meaningful action without enterprise complexity.
- Assessment and training
- Policy essentials
- Penetration testing
- Practical risk reduction
Extended
Guided assurance for businesses that now need formal evidence, validated scoring, and auditable outputs.
- Consultant-enabled validation
- Evidence collection and artefact support
- Auditable reporting outputs
- Stronger readiness for outside scrutiny
The three anchors of Extended
A guided assurance program built to make your progress showable.
Extended is carried by three concrete elements: validated assessment, evidence outputs, and technical verification.
Consultant-enabled NIST CSF 2.0 assessment
Go beyond a self-serve view with expert-supported assessment against a recognized framework.
Evidence collection and validated scoring
Turn security work into documented outputs that can be organized and demonstrated more formally.
Annual consultant-led penetration test
Add deeper technical validation through annual testing and a report suited to more serious stakeholder conversations.
What’s included and what it gives you
Everything in Extended is there for a reason.
Extended builds on the practical foundation of Covered and adds the evidence, validation, and governance support needed for businesses facing a higher standard.
- Everything in Covered
- SAFER AI governance toolkit
- Consultant-enabled NIST CSF 2.0 assessment
- Evidence collection and validated scoring
- Formal summary report and supporting documentation
- Policy review and expanded policy set
- Annual consultant-led penetration test
Practical outcomes
Stronger renewal support
Better preparation for underwriting and renewal conversations through more formal documentation and clearer evidence.
Stronger customer and vendor readiness
More confidence when outside parties want stronger proof of your current security posture.
A more defensible position
Progress that is easier to explain, easier to document, and easier to stand behind as questions become more formal.
Why Extended is different
Serious, evidence-backed, and still built for SMB reality.
Not enterprise-grade complexity
Serious assurance without turning cybersecurity into a giant internal project.
Not just awareness training
Extended adds validation, evidence, and auditable outputs.
Not another MSP retainer
This is a structured assurance layer, not generic outsourced IT.
Pricing
Introductory pricing for association members.
From $19,500/year + $35/user USD
Extended is designed for businesses that need a stronger evidence position than Covered alone provides. It is the step up when practical improvement is no longer enough by itself.
Public on this association path, but still framed as early-adopter member pricing for businesses that want to move now.
Ready to move from improvement to proof?
Best for businesses facing renewal pressure, external questionnaires, customer scrutiny, or a need for stronger stakeholder-facing assurance.
Frequently asked questions
How is Extended different from Covered?
Covered is the practical readiness tier. Extended adds a more formal assurance layer: consultant-enabled assessment, evidence collection, validated scoring, and auditable outputs.
Who is Extended best for?
Businesses facing renewal pressure, customer or vendor scrutiny, questionnaires, procurement requirements, or a need to show stronger proof of security maturity.
Will this help with insurance or outside requirements?
Extended is designed to better support those conversations by improving readiness, documentation, and defensible evidence. Specific insurance or coverage outcomes still depend on the insurer, the underwriting context, and other factors.
How much work is involved on our side?
More than Essentials or Covered, but still structured for SMB reality. Extended is guided, practical, and intended to avoid enterprise-style complexity.
Do we need this if we already have IT or an MSP?
Maybe. Extended is not a replacement for IT support. It is a higher-assurance layer focused on readiness, evidence, validation, and stakeholder-facing defensibility.
Take the next step
When proof matters, move up to Extended.
Built for association-member businesses that need stronger evidence, stronger validation, and a more defensible position when outside scrutiny becomes more serious.