It is designed for organizations of all sizes, particularly SMEs with limited IT or cybersecurity resources.
Strong cybersecurity is fundamental to business continuity and trust. Without it, organizations face operational disruption, reputational damage and data loss. Developed by the Cyber Security Agency of Singapore (CSA), the Cyber Essentials Mark establishes essential practices for protecting your systems, data and networks against common cyber threats. As a CSA-appointed certification body, we guide you from preparation to certification, helping you demonstrate robust cyber hygiene across people, processes and technology.
Why choose the Cyber Essentials Mark?
- Build trust through proven cyber hygiene
Show customers, partners and regulators that you actively protect your digital assets and business operations.
- Safeguard your systems and data
Reduce the risk of cyberattacks through structured controls across access, patching and data backup procedures.
- Lay the foundation for advanced certification
Achieve the baseline certification needed to progress toward the Cyber Trust Mark for mature cybersecurity governance.
- Benefit from government funding
Qualify for CSA subsidies towards certification costs.
What is the certification process?
- PreparationComplete CSA’s guided self-assessment with our expert support.
- Independent assessment
We review your practices against CSA standards.
- Certification awardedReceive the Cyber Essentials Mark, valid for two years.
- Ongoing partnership
Re-certify or progress to the Cyber Trust Mark.
CSA-recognized certification assessments from a trusted provider
As the world’s leading testing, inspection and certification company, we are trusted globally and embedded in Singapore’s cybersecurity framework.
We offer:
- CSA-recognized certification assessments delivered by accredited cybersecurity professionals
- End-to-end guidance, from gap analysis to certification
- Local expertise with global credibility
- A clear pathway to advanced certification through the Cyber Trust Mark
FAQs
The Cyber Essentials Mark is valid for two years, after which you can renew or advance to the Cyber Trust Mark.
You must implement essential cybersecurity measures across five areas:
- Assets: secure people, hardware, software and data
- Secure/Protect: guard against malware, enforce access controls and configure securely
- Update: keep systems patched against vulnerabilities
- Backup: protect essential data with secure and separate backups
- Respond: detect, respond and recover effectively from cyber incidents
We provide end-to-end support – from initial gap assessment to independent evaluation and certification.
Yes. Eligible SMEs and non-profit organizations incorporated in Singapore can receive CSA funding deducted directly from SGS certification fees and is available until February 6, 2028.
| Quantity of endpoints | Classical cybersecurity | Cloud security, OT security or AI security* |
|---|---|---|
| 1–10 | $250 | $50 |
| 11–20 | $350 | $50 |
| 21–50 | $450 | $50 |
| 51–100 | $600 | $100 |
| 101–200 | $650 | $100 |
*Funding support applies to each digital technology pillar, including cloud security, OT security and AI security.
Important considerations:
- Funding support for the Cyber Essentials Mark is applicable only for the first successful certification per organization
- Eligibility is limited to SMEs and Non-Profit Organizations (NPOs) incorporated in Singapore
- Organizations must submit completed application forms directly to SGS, your CSA-appointed certification partner
Cyber Essentials establishes baseline cybersecurity hygiene. The Cyber Trust Mark recognizes advanced, risk-based cybersecurity maturity.
Contact us today. Our team will guide you through assessment, application and certification.