Cyber Trust mark
About Cybersecurity Certification Scheme | Cyber Essentials | Cyber Trust
The Cyber Trust mark is a cybersecurity certification for organisations with more extensive digitalised business operations. It is targeted at larger or more digitalised organisations as these organisations are likely to have higher risk levels which require them to invest in expertise and resources to manage and protect their IT infrastructure and systems. The Cyber Trust mark adopts a risk-based approach to guide organisations to understand their risk profiles and identify relevant cybersecurity preparedness areas required to mitigate these risks.
The Cyber Trust mark serves as a mark of distinction for organisations to prove that they have put in place good cybersecurity practices and measures that are commensurate with their cybersecurity risk profile.
Why should my organisation apply?
• Signifies a mark of distinction to recognise organisations as trusted partners with robust cybersecurity
• Provides a pathway to international cybersecurity standards (e.g. ISO/IEC 27001)
• Provides a guided approach for your organisation to assess cybersecurity risks and preparedness
• Takes on a risk-based approach to meet your organisation's needs without over-investing
Which tier of Cybersecurity Preparedness does my organisation belong to?
There are five Cybersecurity Preparedness tiers, with 10 to 22 domains under each tier. Organisations can use the Cyber Trust mark risk assessment framework to identify which Cybersecurity Preparedness tier is more suitable for your needs.
Certification for the Cyber Trust mark
Organisations seeking certification may refer to the following:
• Cyber Trust mark certification document [PDF, 721KB]
• Cyber Trust mark – Self-assessment template [XLS, 230KB]
• Mapping between Cyber Trust mark and ISO/IEC 27001 [PDF, 630KB]
Note: Documents were last updated in August 2022
a. Appointed Certification Bodies
The certification process is undertaken by certification bodies that have been appointed by CSA. Organisations may select any of the following certification bodies, please click here for contact details.
b. Certification Duration and Mode of Assessment
Cyber Trust certification is valid for a duration of 3 years, with a yearly audit. The mode of assessment will involve both review and verification of documents, as well as implementation and effectiveness. The organisation’s certification audit will be carried out by an independent assessor from the appointed certification body.
Certification charges and time needed for certification may differ according to the scope of certification. Organisations may visit the websites of the certification bodies to find out more.
c. Funding Support for the Cyber Trust mark certification
Eligible organisations can consider applying to Enterprise Singapore (ESG) to seek support for some of the costs for Cyber Trust certification. Details on the criteria and application process can be found below:
• Interested organisations may refer to this Quick Guide on Enterprise Development Grant Application
d. Cybersecurity toolkits and guidance to support certification
Need help with the cybersecurity measures you can implement to improve your organisation’s cybersecurity? Check out our cybersecurity toolkits for guiding questions, templates and more.
e. Cybersecurity solutions to address cybersecurity preparedness domains in Cyber Trust mark
In search of solutions to address the Cyber Preparedness domains in the Cyber Trust mark? The following products or solutions can help you in your cybersecurity certification journey. Organisations interested in attaining the Cyber Trust mark certification are encouraged to complement these products/solutions with additional measures to fully meet the certification requirements.*
Select appropriate options from the provider listing of solutions that complement Cyber Trust mark.
Added Benefit For Certified Organisations
Cyber Trust certified organisations are eligible for discounted rates when they apply for cyber insurance with the following:
• QBE Insurance (Singapore) Pte Ltd
Please contact the companies listed for details.
• Interested in the Cyber Essentials mark instead? Click here
to learn more.
Unsure about the different codes, cybersecurity or data certifications required for your organisation? Click here
to learn more.