SG Cyber Safe Programme

Strengthen Cyber Defences

Cyber threats now impact organisations of all sizes, not just large enterprises. Small and Medium Enterprises (SMEs) are becoming frequent targets of cyberattacks. To help organisations build a strong cybersecurity foundation, CSA established the Cyber Essentials and Cyber Trust certifications to guide improvements in cyber defence. To broaden the scope, CSA has updated these frameworks to go beyond traditional IT security, now including Cloud Security, Operational Technology (OT) Security, and AI Security—helping businesses better protect their digital assets.

Cyber Essentials Mark

What is Cyber Essentials Mark?

Cyber Essentials is developed under Singapore to guide organisations in improving their cyber defences. Cyber Essentials Mark is a certification that promotes a safer cyberspace. It is designed for organisations with basic cybersecurity practices, such as small and medium enterprises (SMEs). The mark shows that the organisation has implemented essential cyber hygiene measures to protect itself from common cyber threats. Compared to Cyber Trust, Cyber Essentials is for organisations that need only basic protection against common cyber threats.

Cyber Essentials Mark Brochure

See attached brochure here for more info on the Cyber Essentials Mark.

Benefits of Cyber Essentials:

Protects your systems from common cyber threats
Builds trust with clients and stakeholder
Prerequisite for submission of public sector or government contracts
Reduces exposure to vulnerabilities through standardized configurations

What measures does your organisation need to implement?

How to Achieve Cyber Essentials Mark Certification

Certification Process:

URSFE’s assessor will assess the organisation’s cyber hygiene through a documentation audit.

Steps to Get Certified:

Enquiry: Client submit an application.
Acceptance: URSFE review and accept the application.
Self-Assessment Form Submission: Client complete and submit the CSA’s self-assessment questionnaire.
Assessment: Desktop review of submitted documents.
Review of Findings: The assessor reviews the results and verifies if requirements are met.
Certification Awarded: Valid for 2 years.

Who Can Apply for the Funding?

Only Singapore-registered businesses and Non-Profit Organisations (NPOs) incorporated in Singapore are eligible.
only for the first successful Cyber Essentials certification per organisation.

APPLICATION FEE & FUNDING SUPPORT (GRANT) AVAILABLE Certification Fees for Cyber Essentials (2025)

	Cyber Essentials (2025) Certification Fee
	Classical Cybersecurity		Add-on Digital Technologies
Quantity of End-points	Classical Cybersecurity [2]	Maximum Level of Support from CSA [3]	Cloud Security [1],[2]	AI Security [1],[2]	Maximum Level of Support from CSA [4]
1 – 10	$400	$250	+ $100	+ $100	$50
11 – 20	$550	$350	+ $100	+ $100	$50
21 – 50	$550	$450	+ $100	+ $100	$50
51 – 100	$800	$600	+ $100	+ $100	$100
101 – 200	$950	$650	+ $200	+ $200	$100
201 – 500 (in increments of 100 end-points)	$100 (Every increment of 100 end-points, additional $100)	Funding support is available up to 1^st 200 end-points only.	+ $200	+ $200	Funding support is available up to 1^st 200 end-points only.
501 and above (in increments of 100 end-points)	$100 (Every increment of 100 end-points, additional $100)		+ $400	+ $400

(The above fees are subject to GST) Notes [1] Certification fees are add-on fees to charges for Cyber Essentials (2025) – Classical Cybersecurity [2] As submitted in Proposal and/or clarification(s) [3] For first successful certification per eligible organisation – Organisations that had previously secured funding support for Cyber Essentials (2022) are not eligible. Only Singapore-registered businesses. [4] For first successful certification per eligible organisation for each digital technology pillar (cloud security & AI security) For more information on the grant, please visit the Cyber Security Agency of Singapore (CSA) website. Certification for the Cyber Trust mark | Cyber Security Agency of Singapore Cybersecurity & AI Standards We Offer:

Cyber Essentials- Basic cybersecurity
ISO 27017 & ISO 27018 Cloud security
ISO 42001 Artificial Intelligence Management System (AI security)

Cyber Trust Mark

What is Cyber Trust mark?

Cyber Trust is developed under Singapore to guide organisations in improving their cyber defences. Cyber Trust Mark is a certification for organisations with more advanced digital operations. It is suitable for larger companies that face higher cybersecurity risks and require stronger protection. The Cyber Trust Mark uses a risk-based approach to help organisations understand their cyber risks and take appropriate steps to manage them. Compared to Cyber Essentials, Cyber Trust assesses higher-level governance, incident response and organisation-wide cybersecurity readiness.

Cyber Trust Mark Brochure

See attached brochure here for more info on the Cyber Trust Mark.

Benefits of Cyber Trust:

Enhance protection across IT, Cloud and AI systems
Builds trust with clients and stakeholder
Prerequisite for submission of public sector or government contracts
Reduces exposure to vulnerabilities through standardized configurations

Indicative Organization Profiles and Cyber Security Preparedness Tiers

The diagram illustrates the varying levels of cybersecurity preparedness correlated with an organization’s size and digital maturity. It is important to note that this classification serves as an indicative reference. In practice, organizations of similar size may possess differing risk profiles and cybersecurity preparedness levels due to variations in sector, data sensitivity, and exposure to cyber threats.

How to Achieve Cyber Trust Mark Certification

Certification Process:

URSFE’s assessor will assess the submitted assessments and evaluates the enterprise’s residual risk levels.
Certification is awarded based on the enterprise’s cybersecurity preparedness level.

Steps to Get Certified:

Enquiry: Client submit an application.
Acceptance: URSFE review and accept the application.
Self-Assessment Form Submission: Client complete and submit the CSA’s self-assessment questionnaire.
Assessment: Two-stage assessment including desktop review and on-site/hands-on audit.
Review of Findings: The assessor reviews the results and verifies if requirements are met.
Certification Awarded: Valid for 3 years with annual surveillance audits.
Recertification/Revalidation: Maintain certification through periodic reassessments.

Who Can Apply for the Funding?

Only Singapore-registered businesses and Non-Profit Organisations (NPOs) incorporated in Singapore are eligible.
only for the first successful Cyber Essentials certification per organisation.

APPLICATION FEE & FUNDING SUPPORT (GRANT) AVAILABLE Certification Fees for Cyber Trust (2025)

	Cyber Trust (2025) Certification Fee
	Classical Cybersecurity		Add-on Digital Technologies
Quantity of End-Points	Classical Cybersecurity [2]	Maximum Level of Support from CSA [3]	Cloud Security [1],[2]	AI Security [1],[2]	Maximum Level of Support from CSA [4]
1 – 10	$1,200 – $1,600	$1,375	+ $100	+ $100	$225
11 – 20	$1,600 – $2,400	$1,375	+ $100	+ $100	$225
21 – 50	$2,400 – $2,800	$1,625	+ $100	+ $100	$225
51 – 100	$2,800 – $3,000	$1,875	+ $100	+ $100	$225
101 – 200	$3,000 – $3,800	$2,250	+ $200	+ $200	$450
201 – 500 (in increments of 100 end-points)	$800 (Every increment of 100 end-points, additional $800)	Funding support is available up to 1^st 200 end-points only.	+ $200	+ $200	Funding support is available up to 1^st 200 end-points only.
501 and above (in increments of 100 end-points)	$800 (Every increment of 100 end-points, additional $800)		+ $400	+ $400

(The above fees are subject to GST) Notes [1] Certification fees are add-on fees to charges for Cyber Trust (2025) – Classical Cybersecurity [2] As submitted in Proposal and/or clarification(s) [3] For first successful certification per eligible organisation – Organisations that had previously secured funding support for Cyber Essentials (2022) are not eligible. Only Singapore-registered businesses (SMEs) and Non-Profit Organisations (NPO) incorporated in Singapore are eligible [4] For first successful certification per eligible organisation for each digital technology pillar (cloud security & AI security) For more information on the grant, please visit the Cyber Security Agency of Singapore (CSA) website. Certification for the Cyber Trust mark | Cyber Security Agency of Singapore

Fees for additional sub-scheme:

Cyber Essentials for ICT Vendors

	Cyber Essentials (2025) Certification Fee
	Classical Cybersecurity		Add-on Digital Technologies
Quantity of End-Points	Classical Cybersecurity	Maximum Level of Support from CSA [First successful application]	Cloud Security [Add-on fees]	AI Security [Add-on fees]	Maximum Level of Support from CSA [Application for each digital technology pillar]
1 – 10	$400	$250	+ $100	+ $100	$50
11 – 20	$550	$350	+ $100	+ $100	$50
21 – 50	$550	$450	+ $100	+ $100	$50
51 – 100	$800	$600	+ $100	+ $100	$100
101 – 200	$950	$650	+ $200	+ $200	$100
201 – 500 (in increments of 100 end-points)	$100 (Every increment of 100 end-points, additional $100)	Funding support is available up to 1^st 200 end-points only.	+ $200	+ $200	Funding support is available up to 1^st 200 end-points only.
501 and above (in increments of 100 end-points)	$100 (Every increment of 100 end-points, additional $100)		+ $400	+ $400
Quantity of End-Points	Classical Cybersecurity		Cyber Essentials for ICT Vendors [Add-on fees]		Maximum Level of Support from CSA
1 – 10	$400		+ $100		$250
11 – 20	$550		+ $100		$350
21 – 50	$550		+ $100		$450
51 – 100	$800		+ $100		$600
101 – 200	$950		+ $200		$650
201 – 500 (in increments of 100 end-points)	$100 (Every increment of 100 end-points, additional $100)		+ $200		Funding support is available up to 1^st 200 end-points only.

Cybersecurity & AI Standards We Offer:

Cyber Trust- Basic cybersecurity
ISO 27017 & ISO 27018 Cloud security
ISO 27001 Information Security Management System (ISMS)