Cyber Essentials readiness · Singapore
Get certified. Keep your contracts. Lose the dread.
Cyber Essentials readiness: S$6,000, six days of work, up to 70% co-funded for eligible SMEs. That's the whole sentence.
Readiness record · private issue
- Scheme
- CYBER ESSENTIALS
- Scope
- S$6,000 · SIX DAYS
- Consultant
- NAMED ON EVERY JOB
- Reviewed
- JUL 2026
Prices published in full
Up to 70% co-funding for eligible SMEs
A named consultant on every job
The neighbourhood we protect
Don't lose the deal to a checkbox.
Clinic, logistics, software, online shop: sooner or later a tender, a client or an insurer asks each of them for the mark. We get Singapore's small and medium businesses audit-ready before that question costs them the work.
Nobody wakes up wanting a cybersecurity mark.
Something asked for it. Our job is to make the asking stop, quickly and without drama.
-
The tender grew a requirement
Government and enterprise buyers increasingly ask suppliers for the Cyber Essentials mark. We get you audit-ready in six days of work, so the next bid goes out with the box ticked. (say real: no cert, cannot bid.)
Cyber Essentials readiness -
A big customer sent a data-protection questionnaire
Data Protection Essentials is the IMDA and PDPC baseline built for exactly this. Smaller than a trustmark, real enough to answer with. (say real: answer the form properly, keep the deal.)
Data Protection Essentials -
You run a clinic and the Health Information Act is coming
Obligations phase in from September 2027. Clinics that start early do it calmly, on clinic hours, without a locum for the panic. (say real: new law for clinics, better don't drag.)
Readiness for clinics
See where you stand before you talk to anyone.
The mock audit
Ten minutes, marked like a real one. You get an honest grade card: what passes today, what would not, and the six-day path to fixing it. No email needed to see your grade.
Sit the mock auditThe grant calculator
Answer three questions, get your whole sentence: the fee, the co-funding you likely qualify for, and the number you would actually pay. Counted out in dots you can check.
Work out your priceOne mark leads to the next. Start on the step you need.
Most clients start with Cyber Essentials because that is what the tender asked for. The work we do there carries forward: each mark reuses the last one's homework.
- Available now Cyber Essentials The baseline CSA mark most tenders ask for. Six days of work.
- Available now Data Protection Essentials The IMDA and PDPC baseline for personal data. Pairs naturally with Cyber Essentials.
- Available now Cyber Essentials for clinics The healthcare variant, mapped to the Health Information Act. Built for clinic hours.
- First cohort late 2026 Cyber Trust mark The tiered CSA mark for growing organisations. Tier 3 becomes mandatory for licensed cyber providers by end-2026.
- From 2027 ISO 27001 · DPTM · ISO 42001 The long game: international standards and the Data Protection Trustmark, built on everything above.
For Singapore's small & medium businesses.
Clinics, logistics, engineering, software, professional services and online retail tend to feel it first. But if any customer, tender or regulator has asked your SME to certify, you are in the right place.
We get you ready. An independent body certifies you.
We prepare companies the way any serious exam is prepared for: a syllabus of five control areas, a schedule of six days, real insight into what auditors actually check, and a named consultant who stays until it is understood.
We prepare you. An independent certification body certifies you. That's the rule, and it's a good rule.
Read the full methodYour client portal, most weeks
Nothing due from you this week. We'll nudge you when that changes.
The facts, dated.
Everything we publish carries the date we checked it. If a number on this site is ever stale, tell us and we will correct it the same week.
Cyber Essentials readiness: S$6,000, six days of work, up to 70% co-funded for eligible SMEs. That's the whole sentence.
Eligible SMEs can receive up to 70% co-funding for cybersecurity readiness through Government support schemes.
Government pay up to 70%. Real money, not discount voucher. Your share is small. Miss the window, later you pay full price, then how? The paperwork also, we settle for you.
Plain answers
Do you issue the Cyber Essentials mark yourselves?
No, and nobody offering readiness services should. We prepare you until you are audit-ready; an independent, CSA-appointed certification body does the certifying. That separation is required by the scheme, and it protects you.
Which certification does my business actually need?
It depends on who is asking. Most tenders ask for the Cyber Essentials mark; a customer’s data-protection questionnaire usually points to Data Protection Essentials; larger or more digitalised organisations move up to the Cyber Trust mark, and clinics have their own healthcare path under the Health Information Act. If you are not sure, the ten-minute mock audit on this site routes you to the right one.
How long does it take to get audit-ready?
Six working days of our time for Cyber Essentials, usually spread over two to four weeks around your schedule. You will see the six days planned out before we start.
A tender is asking for the mark and the deadline is close. Can you make it?
Bring us the tender and the date, and we will tell you honestly whether it is makeable before you spend anything. The mock audit on this site takes ten minutes and shows you the gap first.
What if the auditor finds gaps after your work?
Our engagement covers you to audit-ready, and we say exactly what that means: every control evidenced, every document in place, a dry run completed. If the certification body still finds a gap in scope we prepared, we fix it with you at no extra fee.
Bring us the tender. We'll bring the plan.
A 30-minute chat with a consultant, not a salesperson. You leave with a plan on one page, whether or not you hire us.