Yes. Most customers start Free to test contract clauses and supplier messaging, then upgrade to Starter or Professional once they are ready to scale.
Do our suppliers pay anything?
Yes. Suppliers pay a small, proportionate fee for the certification level you request. This can be as little as $95 for Bronze. CyberCert credit bundles are included from the Starter license, so suppliers can get started at no cost - typically applied at pilot stages only.
How long does it take for a supplier to get certified?
It depends on supplier readiness. There are many cases of certification taking just days for Bronze and Silver, and up to a few weeks if there are many gaps against the requested level. The ecosystem of specialists, vendor bundles, and insurance bundles can reduce the time significantly.
What if a supplier's certification expires?
CyberCert alerts SMBs 90 days before expiry and continues to alert them as expiry approaches. Professional and Enterprise tiers include automated renewal campaigns. Enterprise customers using implementation partners can request custom renewal management.
Can we require different certification tiers for different supplier risk levels?
Yes. That is the intended model. Many customers require Bronze and Silver for lower-risk suppliers, Gold for medium-risk suppliers, and Platinum or Diamond for higher-risk suppliers. Professional and Enterprise tiers support custom tier-by-risk-level mapping.
What happens if a certified supplier has a breach?
Gold includes incident response requirements. You can also require supplier notification through your incident management and contract processes. It is common to mandate Silver plus insurance as a baseline. Enterprise customers working with implementation partners can tailor this to your requirements.
Supply chain assurance in days, not years. 🚀
Start Free!
Get the framework, methodology, and template clauses you need to mandate the program, roll it out and gain immediate visibility.
CyberCert provides a framework for cybersecurity assurance. While our tools are designed to enhance security posture, CyberCert Pty Ltd makes no warranty, express or implied, that the use of this service will prevent all cyber incidents, data breaches, or third-party exploits. Use of the platform does not constitute a legal guarantee of compliance with any specific data privacy laws.
See for Yourself.
How others simplified Supplier Cyber Assurance.
Best Practice Software
Adopting CyberCert Protected Our Health Ecosystem.
“Protecting patient privacy is non-negotiable. By introducing CyberCert into our integrated partner network, we’ve established a consistent, trusted cyber baseline across every connector - with proactive renewals, low internal admin load, and zero lapses. It’s how we extend duty of care beyond our platform and reduce systemic ecosystem risk.”
“MSPs don’t just secure clients - we secure the ecosystem around them. CyberCert gave us a practical, verifiable SMB baseline (SMB1001-aligned) that we can require in onboarding and validate instantly. We’ve reduced friction, sped up assurance, and built stronger trust because evidence is built-in - not ‘trust me’ PDFs.”
Headhunting Cyber Risk in the Recruitment Supply Chain.
“CyberCert turned our supplier cyber assurance from a slow, one-off compliance chase into a consistent system we can run at scale. We replaced manual questionnaires with real-time visibility and a pathway SMBs can actually follow - and the result is suppliers that are materially harder to compromise, with drastically less internal effort.”
Traditional vendor questionnaires take weeks, are subjective, and create no lasting value.SCAP™ gives you real-time visibility, and non-subjective certification for SMB suppliers turning supply chain cyber risk from a compliance burden into a strategic advantage.
1. Predictable Risk, Not Guesswork.
CyberCert is the safety certificate for your SMB suppliers. Like a food safety rating or electrical compliance badge, the certification tells you exactly which controls are in place-no interpretation required. Risk and compliance become predictable, measurable, and auditable.
2. nth Party Scale, Zero Friction.
No more diving into subjective questionnaires for every supplier, subsidiary, or contractor. Your suppliers show the cert-or better yet, you see their status live in your CyberCert Dashboard. Third-party suppliers? Solved. Fourth-party suppliers? Solved. Scale from 50 to 50,000 suppliers without adding headcount.
3. Non-Subjective, Certifiable Assurance
Simply mandate or prefer CyberCert based on each supplier's risk profile. The rest is handled by the ecosystem: Technical Support Specialists (TSS), technology vendors, insurance partners, and sponsored pathways take care of certification, renewal, and compliance. No friction. No red tape. No vendor pushback.
4. Risk-Based, Proportionate Assurance
When you uplift your supply chain, you strengthen the entire economy. Your SMB suppliers can rest easy knowing their business is protected and their contracts aren't at risk due to negligent cyber posture. You help them stay secure and competitive-and they help you build a resilient, trustworthy supply chain.
