Cybersecurity Health Check for Organisations

The Cyber Security Agency of Singapore (CSA) has launched the Cybersecurity Health Check tool for organisations to measure their cyber hygiene implementation and track their progress in cybersecurity health. The tool was developed based on the cyber hygiene measures defined in Cyber Essentials. By answering a ten-minute questionnaire, you can find out the cybersecurity health of your organisation and what it takes to improve it.

Know Yourself and Know Your Enemy

(Reference: CSA’s Singapore Cybersecurity Health Report 2023)


CSA’s Singapore Cybersecurity Health Report 2023 showed that eight in 10 organisations have encountered a cybersecurity incident within a 12 month period, and one in two organisations encountered it several times a year. These cyber enemies are relentlessly disrupting businesses and harming their operations and reputations through cyberattacks. The attacks can cause significant financial damage too; the cost of a ransomware attack in Singapore is estimated to be around $1.5 million on average1, while the cost of an attack arising from social engineering is around $116,0002

Now look at your organisation, how much do you know about its cyber defences and resilience? Are your employees, who are your first line of defence, prepared for cyberattacks? Does your organisation have an effective cyber incident response plan? Find out these answers with the tool so that you will not fear the battles ahead against the cyber enemies.

Quick, Simple Steps to Know Your Health

It only takes around ten minutes to answer a simple questionnaire on your organisation’s cybersecurity posture. If you have seen our self-assessment document for Cyber Essentials, you may recognise the questions as the questionnaire is based on it. After completing the questionnaire, you will receive your organisation’s health report and recommendations. Through this process, you would be able to see the alignment of your organisation’s cybersecurity health to the national standards, which will help your organisation prioritise the cybersecurity measures needed to safeguard its systems and operations from common cyberattacks.  

Reading Your Health, Knowing Your Wealth

You might be wondering if you can understand the analysis in the personalised health report if you are not familiar with IT jargons. Fret not - the report is worded in simple language and comes with clear visual aids to help you see how your organisation fares in different aspects of cybersecurity. The report may also include a benchmark on how your organisation stacks up against the national average. 

Made progress after a few months? You have the option to do the health check again, so that you can get a new report and track your organisation’s progress by comparing them. The new health report will also help you focus on what you need to do next to enhance your organisation’s cybersecurity. 

Take Action to Improve Your Health 

As the saying goes, it is not if but when a cybersecurity attack will happen. To reduce the chances of that happening or to limit the potential damage, you should take action to implement the recommended solutions in the health report. The recommendations may include programmes where government funding or support is available. One example is the scheme to develop cybersecurity health plan with funding support for eligible SMEs through the CISO as-a-Service for Cyber Essentials (CISOaaS). Pre-approved cybersecurity solutions that receive funding support from the Productivity Solutions Grant (PSG) could be in the recommendations too. 

Free online toolkits developed by CSA could also be recommended to increase the cybersecurity awareness of your organisation’s employees, which would boost the health of your organisation.

Why not just spend 10 minutes to do the questionnaire today? The comprehensive recommendations given can protect your organisation against the most common threats.

Prevention is Better than Cure

The Cybersecurity Health Check tool is your first step towards being proactive in preventing any cybersecurity problems in the future. You may access it here

Your organisation’s health is in your hands, so start using this tool to know your cybersecurity health and find out how you can protect your organisation and stakeholders, such as your suppliers and customers, by strengthening your organisation’s cyber hygiene measures.


 1 Business Times, 2022, “Singapore companies pay average S$1.5m after ransomware attack: report”
 2 Singapore Police Force, 2023, “Mid-Year Scams and Cybercrime Statistics 2023”