Digitalisation creates new opportunities, and COVID-19 has accelerated the rise of the digital economy. An increasing digital way of life also increases enterprises’ and individuals’ exposure to cyber risks. Cybersecurity is a critical enabler to Singapore’s digital economy. There is a need to build confidence in enterprises to enable them to pursue the opportunities from digitalisation. Cybersecurity incidents often result in financial losses, tarnish business reputation and affect customers’ trust, negating business investments and customers’ confidence in the digital economy.
What is Cyber Trust mark?
The Cyber Trust mark is a cybersecurity certification for organisations with more extensive digitalised business operations. It serves as a mark of distinction for your organisation to prove that you have put in place good cybersecurity practices and measures that are commensurate with your cybersecurity risk profile.
Cyber Trust provides a guided approach for organisation to access cybersecurity risks and preparedness. It also takes on a risk-based approach to meet your organisation needs without over-investing.
The cybersecurity preparedness domains are organised in five (5) tiers to cater to the varying sizes, profiles and business needs of enterprises:
How to achieve Cyber Trust mark certification?
The Cyber Trust mark framework consists of a two-part assessment:
a) Assessment of risk –The enterprise shall assess their inherent risk through the risk scenarios templates provided. The risk scenarios are derived from top/common cybersecurity incidents in enterprises. Enterprises assess their inherent risk by evaluating the likelihood and impact of these scenarios occurring in their environment. Residual risk shall be assessed by the enterprise, with mitigating risk control measures referenced from the results of the cybersecurity preparedness level assessment.
b) Assessment of cybersecurity preparedness –The enterprise shall complete the cybersecurity preparedness level assessment, concurrent to the assessment of each risk scenario. For each domain, the enterprise shall identify the relevant or appropriate cybersecurity preparedness level that reflects the practices implemented in the organisation. Upon completion of the risk assessment and cybersecurity preparedness assessments, the cybersecurity preparedness level of the enterprise would be derived, and Cyber Trust mark certification would be issued in accordance with the enterprise’s cybersecurity preparedness level after review by GICG’s assessor. GICG’s assessor shall reference residual risk levels of the enterprise in determining the appropriate cybersecurity preparedness level of the organisation undergoing certification.
Cyber Trust mark certification with GICG
GICG is a leading and internationally recognised Testing, Inspection and Certification (TIC) body with close to 30 years of experience in Information Security Management Systems and Risk Management Audits. Appointment by the Cyber Security Agency of Singapore (CSA), as an assessment body for Cyber Trust mark certification, we help businesses like yours to validate and strengthen your commitment to cyber security.
With Cyber Trust mark certification, your business gains trust and fosters confidence among your customers and stakeholders as you demonstrate that you have adopted robust and accountable cyber security practices.
Interested businesses are encouraged to sign up for the certification programme.
Initial certification fees start from $800-$1200 depending on scope of certification, presence of multi-sites and other related variables. Do reach out to us for a no-obligation personal discussion and we can better understand your business operations to provide a definitive cost proposal.
For more information on Cyber Trust mark, including details of the checklists, please contact us using the following contact form. A GICG personnel will contact you for a no-obligation discussion.