Yes. Most customers start Free to test contract clauses and supplier messaging, then upgrade to Starter or Professional once they are ready to scale.
Do our suppliers pay anything?
Yes. Suppliers pay a small, proportionate fee for the certification level you request. This can be as little as $95 for Bronze. CyberCert credit bundles are included from the Starter license, so suppliers can get started at no cost - typically applied at pilot stages only.
How long does it take for a supplier to get certified?
It depends on supplier readiness. There are many cases of certification taking just days for Bronze and Silver, and up to a few weeks if there are many gaps against the requested level. The ecosystem of specialists, vendor bundles, and insurance bundles can reduce the time significantly.
What if a supplier's certification expires?
CyberCert alerts SMBs 90 days before expiry and continues to alert them as expiry approaches. Professional and Enterprise tiers include automated renewal campaigns. Enterprise customers using implementation partners can request custom renewal management.
Can we require different certification tiers for different supplier risk levels?
Yes. That is the intended model. Many customers require Bronze and Silver for lower-risk suppliers, Gold for medium-risk suppliers, and Platinum or Diamond for higher-risk suppliers. Professional and Enterprise tiers support custom tier-by-risk-level mapping.
What happens if a certified supplier has a breach?
Gold includes incident response requirements. You can also require supplier notification through your incident management and contract processes. It is common to mandate Silver plus insurance as a baseline. Enterprise customers working with implementation partners can tailor this to your requirements.
Supply chain assurance in days, not years. 🚀
Start Free!
Get the framework, methodology, and template clauses you need to mandate the program, roll it out and gain immediate visibility.
CyberCert provides a framework for cybersecurity assurance. While our tools are designed to enhance security posture, CyberCert Pty Ltd makes no warranty, express or implied, that the use of this service will prevent all cyber incidents, data breaches, or third-party exploits. Use of the platform does not constitute a legal guarantee of compliance with any specific data privacy laws.
Adopting CyberCert Protected Our Health Ecosystem.
Summary
Adopting CyberCert has transformed our partner risk management. By establishing a consistent cyber security baseline across all connectors, we help protect patient data, safeguard practices, and reduce systemic risk to the broader ecosystem.
Organization
Best Practice Software
Best Practice Software manages the highly sensitive and confidential health information accessed through integrating with third-party companies.
“Protecting patient privacy is non-negotiable. By introducing CyberCert into our integrated partner network, we’ve established a consistent, trusted cyber baseline across every connector - with proactive renewals, low internal admin load, and zero lapses. It’s how we extend duty of care beyond our platform and reduce systemic ecosystem risk.”
CISO, of Best Practice Software, Leading Healthcare Software Vendor
The Challenge
Best Practice Software manages the highly sensitive and confidential health information accessed through integrating with third-party companies.
Health data is deeply personal, and safeguarding it is fundamental to maintaining patient safety, privacy, and confidence.
Establishing a consistent cyber security baseline across all connectors is a critical risk management measure.
Traditional methods required practical solutions that didn't compromise security standards while managing unique or complex requirements.
The goal was to extend a duty of care beyond our own platform and into our integrated partners.
The Solution
Best Practice Software mandated CyberCert certification to establish a consistent and practical cyber security baseline for all connected partners.
The difference was immediate-three pathways to certification:
1Direct & Centralized
The Vendor-platform offers an intuitive, easy-to-use dashboard that allows Best Practice to link and manage relevant Partners in one central place, providing clear visibility across the network.
2Proactive Management
CyberCert actively manages partner engagement by proactively contacting partners ahead of certification renewal periods, ensuring continuous communication without placing additional load on internal teams.
3Ongoing Education
CyberCert hosts regular webinars to communicate changes to certification requirements and emerging security expectations, strengthening cyber security maturity across the SMB ecosystem.
The Results
Every integrated partner meets a consistent, trusted standard.
Zero drop-offs. Zero lapses in compliance.
Metric
Previous Approach
CyberCert SCAP™
Partner Compliance
Inconsistent baseline
Consistent & widely recognised
Administrative Burden
High internal load
Proactive management / Low-touch
Partner Engagement
Manual follow-ups
Proactive renewal contact
Ecosystem Maturity
Static standards
Regular webinars & updates
Onboarding
Manual coordination
Straightforward & well-supported
The system supports a scalable, low-touch compliance model while maintaining strong governance and security outcomes.
Why it Matters
Best Practice Software eliminated integration cyber risk while maintaining a trusted, scalable Partner Network.
Recommending CyberCert reflects a commitment to creating a secure environment where practices can operate with confidence.
It enables the extension of duty of care beyond the platform to ensure patient information is protected at every point of access.
This proves that medical software vendors can strengthen supply chain security and demonstrate leadership in the protection of health information.
Traditional vendor questionnaires take weeks, are subjective, and create no lasting value.SCAP™ gives you real-time visibility, and non-subjective certification for SMB suppliers turning supply chain cyber risk from a compliance burden into a strategic advantage.
1. Predictable Risk, Not Guesswork.
CyberCert is the safety certificate for your SMB suppliers. Like a food safety rating or electrical compliance badge, the certification tells you exactly which controls are in place-no interpretation required. Risk and compliance become predictable, measurable, and auditable.
2. nth Party Scale, Zero Friction.
No more diving into subjective questionnaires for every supplier, subsidiary, or contractor. Your suppliers show the cert-or better yet, you see their status live in your CyberCert Dashboard. Third-party suppliers? Solved. Fourth-party suppliers? Solved. Scale from 50 to 50,000 suppliers without adding headcount.
3. Non-Subjective, Certifiable Assurance
Simply mandate or prefer CyberCert based on each supplier's risk profile. The rest is handled by the ecosystem: Technical Support Specialists (TSS), technology vendors, insurance partners, and sponsored pathways take care of certification, renewal, and compliance. No friction. No red tape. No vendor pushback.
4. Risk-Based, Proportionate Assurance
When you uplift your supply chain, you strengthen the entire economy. Your SMB suppliers can rest easy knowing their business is protected and their contracts aren't at risk due to negligent cyber posture. You help them stay secure and competitive-and they help you build a resilient, trustworthy supply chain.
