Cybersecurity Seal
SGS CyberSecurity
Cybersecurity Innovation HUB
placeholder image

The Certification Challenge

Companies either small or large are nowadays experiencing cyber attacks on a daily basis. With 25k the average cost of a cyber attack, often companies that are attacked actually close down, or become a target and are attacked more than once.
To tackle this, the EU Cybersecurity Act entered into force less than one year ago with the aim to establish an EU-wide harmonised framework to certify ICT products and services. Standards can help companies act with confidence to protect themselves, their customers and partners from cyberattacks and data breaches.
However, for an SME or Start-up who wants to start a certification process, this is a very complex environment. With many standards, schemes and methodologies around, a guidance is needed to help them understand where to start, before starting a typical process involving reaching out to a Consulting firm to implement standards or technical specifications, performing an internal self-assessment of products, processes and services and finally being accredited as certified by a third independent party.

placeholder image

Why a lightweight cybersecurity label?

Performing a self-assessment based upon a robust approach to clearly identify the critical assets an SME need to protect to run its business, and which of those are critical for its customers, and to assess all the various processes and procedures, can avoid wasting time, avoid frustration and save money in the path to enable certification or better compliance to regulations.
The Cybersecurity Label address this by facilitating a company to carry out a self-assessment which is built on relevant parts of ISO 27001, 22301 or NIST directive. It covers a number of topics and delivered in a concise manner to ensure the SME assimilates clear concepts, smoothing the path to further action and ensuring that SMEs understand the landscape they are working in and the key elements that are addressed by the Cybersercurity act.

placeholder image

Key Benefits

The tool is organised as a simple online questionnaire in which SMEs will be evaluated according to 8 domains which are the starting point of the general process of certification:
1. Requirements for the Software
2. Requirements for the Protocols
3. Requirements for Services
4. Hardware requirements
5. Requirements for Infrastructure
6. Security policy and associated regulations
7. Requirements for External Providers
8. Requirements for "Critical Business Products

According to the scoring of each domain the tool presents SMEs with observation on the areas they’re lacking and needs improvements.
The tool provides SMEs a low-cost solution for assessing & subsequently showcasing their cybersecurity posture and will lower the barriers of SMEs in starting the general process of certification

Understand your cybersecurity weaknesses