CSA CYBER ESSENTIALS AND CYBER TRUST MARKS CERTIFICATION
Since the inception of the Singapore Smart Nation Initiatives, the business landscape has been profoundly influenced by the evolving demands for greater digital connectivity and the need to adapt to a rapidly changing environment. The accelerating pace of digital transformation is reshaping industries of all sizes, as corporations, organizations, and governments increasingly adopt advanced IT solutions to stay competitive and relevant in a fast-evolving world. These shifts are driving innovation and prompting organizations to reimagine their operations, ensuring they can meet the challenges of the future.
As organizations increasingly rely on IT systems to manage their daily operations, the threat of cyber-attacks has become a critical concern. However, the benefits of implementing strong cybersecurity practices go beyond just safeguarding data. Effective cybersecurity not only protects sensitive information but also ensures business continuity, builds customer trust, and enables secure digital transformation. By proactively addressing cyber risks, organizations can confidently seize new business opportunities, safeguard their reputation, and thrive in the digital economy, where trust and security are paramount.
The Singapore Government, in collaboration with key industry players, has established a comprehensive framework for cybersecurity standards across organizations in the country. This initiative aims to raise awareness, set clear benchmarks for protecting data, and empower businesses to make informed decisions as they adopt digital technologies. To support organizations in strengthening their cybersecurity posture, the Cyber Security Agency (CSA) offers the Cyber Essentials and Cyber Trust certifications. These certifications recognize businesses that demonstrate a commitment to implementing robust cybersecurity practices, helping them build trust, ensure resilience, and effectively navigate the digital landscape. Achieving certification not only enhances cybersecurity but also showcases an organization's dedication to safeguarding data and maintaining operational integrity in the evolving digital economy.
BUREAU VERITAS – YOUR TRUSTED PARTNER TO SAFEGUARD YOUR CYBERSECURITY
Bureau Veritas Singapore fully supports this initiative as part of its commitment to promoting best practices in cybersecurity. In collaboration with the Cyber Security Agency of Singapore (CSA) and other industry stakeholders, we advise, audit, and recognize enterprises that demonstrate a strong commitment to cybersecurity through the attainment of the CSA SG Cyber Safe - Cyber Essentials Mark and Cyber Trust Mark. Our local team is ready to assist all interested parties in pursuing these Cybersecurity standards, helping organizations build trust and resilience in an increasingly digital world.
Bureau Veritas Singapore is proud to be appointed as one of the Certification Bodies by Cyber Security Agency of Singapore (CSA) in launching Cyber Essentials and Cyber Trust Mark certification.
-
Cyber Essentials Mark
Cyber Essentials Mark is a Cybersecurity certification for organizations that are embarking on their cybersecurity journey. It serves to recognize that your organization has put in place good cyber hygiene practices to protect your operations and your customers against common cyber-attacks.
Once the Cyber Essentials mark certification has been issued to an organization, the certification shall remain valid for a period of two (2) years.FOR MILESTONE 3: Cyber Essentials (2025) Certification Fee Classical Cybersecurity Add-on Digital Technologies Quantity of End-Points Classical Cybersecurity [2] Maximum Level of Support from CSA [3] Cloud Security
[1],[2]
OT Security
[1],[2]
AI Security
[1],[2]
Maximum Level of Support from CSA[4] 1 – 10 $500 $250 + $100 - + $100 $50 11 – 20 $700 $350 + $150 - + $150 $50 21 – 50 $700 $450 + $200 - + $200 $50 51 – 100 $700 $600 + $200 - + $200 $100 101 – 200 $1,000 $650 + $250 - + $250 $100 201 – 500 (in increments of 100 end-points) $500 Funding support is available up to 1st 200 end-points only. + $100 - + $100 Funding support is available up to 1st 200 end-points only. 501 and above (in increments of 100 end-points) $200 + $100 - + $100 Quantity of End-Points Classical Cybersecurity [2] Cyber Essentials
for ICT Vendors
[1],[2]
Maximum Level of Support from CSA 1 – 10 $500 +$100 $250 11 – 20 $700 +$150 $350 21 – 50 $700 +$200 $450 51 – 100 $700 +$200 $600 101 – 200 $1,000 +$250 $650 201 – 500 (in increments of 100 end-points) $500 +$100 Funding support is available up to 1st 200 end-points only. Table 1 – Cyber Essentials Certification Fees and Funding Support Provided by CSA
Notes
[1] Certification fees are add-on fees to charges for Cyber Essentials (2025) – Classical Cybersecurity
[2] As submitted in Proposal and/or clarification(s)
[3] For first successful certification per eligible organisation – Organisations that had previously secured funding support for Cyber Essentials (2022) are not eligible
[4] For first successful certification per eligible organisation for each digital technology pillar (cloud security, OT security, AI security)
How to apply?
dOWNLOAD APPLICATION FORM SUBMIT TO
vincent.chng@bureauveritas.com ; RECEIVE
Quotation APLLICANT
Self-assessment BOOK
Desktop Verification MEET
Criteria?
- Yes, recommend 2 years certification
- No, close findings
RENEW
Recertification after 2 years Image
-
CYBER TRUST MARK
Cyber Trust Mark is a Cybersecurity certification for organizations with more extensive digitalized business operations. It serves as a mark of distinction for your organization to prove that you have put in place good cybersecurity practices and measures that are commensurate with your cybersecurity risk profile.
Once the Cyber Trust mark certification has been issued to an organization, the certification shall remain valid for a period of three (3) years. The organization shall undergo surveillance audit assessments against its Cyber Trust mark certification tier annually.
Image
HOW TO APPLY? DOWNLOAD APPLICATION FORM SUBMIT TO
vincent.chng@bureauveritas.com RECEIVE
• Quotation APPLICANT
Self-Assessment - Assessment of risk - Assessment of cybersecurity preparedness BOOK
Stage 1 & Stage 2 Audit MEET
Criteria?
- Yes, recommend 3 years certification
- No, close findings
YEARLY
Annual Surveillance audit to be conducted on 2nd and 3rd year RENEW
Recertification after 3 years Cyber Trust (2025) Certification Fee
Classical Cybersecurity
Add-on Digital Technologies
Quantity of End-Points
Classical Cybersecurity [2]
Maximum Level of Support from CSA [3]
Cloud Security[1],[2]
OT Security[1],[2]
AI Security[1],[2]
Maximum Level of Support from CSA[4]
1 – 10
$1,500 - $4,000
$1,375
+ $100
-
+ $100
$225
11 – 20
$1,500 - $4,000
$1,375
+ $150
-
+ $150
$225
21 – 50
$2,000 - $4,500
$1,625
+ $200
-
+ $200
$225
51 – 100
$2,500 - $5,000
$1,875
+ $200
-
+ $200
$225
101 – 200
$3,000 - $6,000
$2,250
+ $250
-
+ $250
$450
201 – 500 (in increments of 100 end-points)
$500
Funding support is available up to 1st 200 end-points only.
+ $300
-
+ $300
Funding support is available up to 1st 200 end-points only.
501 and above (in increments of 100 end-points)
$300
+ $500
-
+ $500
The actual audit duration and costs will be affected by the below factors:
- Company size
- Single or multi-locations
- Complexity of scope
- *Minor deduction of audit duration and cost will be applied to organizations certified with other Information Security Certifications.
- Manpower
- Number of end points
- What the domain organisation is applying for
Image