For enquiries, please contact us here, or write to us at

CSA Cyber Trust Mark Certification

As businesses move towards digitalisation to improve operational efficiency, they inevitably become more vulnerable and exposed to cyberattacks. Cybersecurity is a critical enabler of Singapore’s digital economy. There is a need to build confidence in organisations to enable them to pursue the opportunities from digitalisation. Cybersecurity incidents often result in financial losses, affect business reputation, negating business investments and customers’ confidence in the digital economy.

The Cyber Trust mark can be a testament to your organisation’s sound cybersecurity practices and measures. It is a certification program developed by the Cyber Security Agency of Singapore (CSA) for organisations with more established digitalisation processes and invested protection for their IT infrastructure. SETSCO’s qualified and experienced auditors can conduct objective assessment of your cybersecurity procedures and safeguards to ensure that they meet the Cyber Trust mark requirements developed by CSA and henceforth provide your organisation with greater assurance of being “cyber safe”.

The Cyber Trust mark is a cybersecurity certification created for organisations with more extensive digitalised business operations. It is targeted at larger or more digitalised organisations as these organisations tend to have higher risk levels that require investment in expertise and resources to help manage and protect their IT infrastructure and systems. The Cyber Trust mark also adopts a risk-based approach in meeting your organisation’s needs without over-investing.

Benefits of attaining the CSA Cyber Trust Mark

1. Takes on risk-based approach with over-investing
The Cyber Trust mark takes on a risk-based approach to guide organisations in identifying gaps in their implementation of the cybersecurity preparedness measures so that their implementation commensurate with their cybersecurity risk profiles.

2. Compliant with Industry Best Practices
The Cyber Trust mark aligns your organisation with national cybersecurity standards and frameworks. It also enables you to keep abreast with the latest industry practices and guidelines while ensuring that your security controls are effective and up-to-date.

3. Enhanced Stakeholder Trust
The Cyber Trust mark is an endorsement of your organisation’s commitment to cybersecurity. It instils confidence in your stakeholders (including clients, partners and customers) that their data and sensitive information are protected.

4. Competitive Advantage
With the Cyber Trust mark , it differentiates you from your competitors and helps your organisation position itself as a trusted and reliable partner. It demonstrates your commitment to cybersecurity, giving you a competitive edge in the market.

5. Provides a pathway to ISO/IEC 27001 certification
The Cyber Trust mark provides a pathway to International standards such as ISO/IEC 27001. Organisation who wish to assess against ISO/IEC 27001:2013 may refer to the mapping in Annex III, which maps the cybersecurity preparedness statements in Cyber Trust mark to ISO/IEC 27001:2013

Contact us for more information

Name: Mae Dela Cruz
DID: +65 6895 0650

Name: Cindy
DID: +65 94283210

Name: Elean Kwek
DID: +65 6895 0669

Frequently Asked Questions

For how long is the Cyber Trust mark certificate valid?

The certification is valid for a duration of 3 years, with yearly audits.

Certification Fee and Funding Support

Cyber Trust Mark

Quantity of End-points

Certification Fee for Cyber Trust mark

Maximum Level of Support from CSA (First Successful Application)

Certification Fee Charged to Industry (Factoring in CSA Support)

1 – 10

$1000 - $4000


$500 - $3500

11 – 20

$4000 - $8000


$3275 - $7275

21 – 50

$4000 - $8000


$3150 - $7150

51 – 100

$4000 - $8000


$2650 - $6650

101 – 200

$4000 - $8000


$2400 - $6400

Application Process

  • Assessment involves both the review and verification of documents, as well as implementation and effectiveness
  • Organisations should ensure that they have approximately three (3) months of implementation data/logs in their systems prior to assessors performing verification of implementation and effectiveness

Which cybersecurity preparedness tier does my organisation belong to?

There are five Cybersecurity Preparedness tiers, with 10 to 22 domains under each tier. Organisations can use the Cyber Trust Mark risk assessment framework to identify which Cybersecurity Preparedness Tier is most suited to their needs