Yes. Most customers start Free to test contract clauses and supplier messaging, then upgrade to Starter or Professional once they are ready to scale.
Do our suppliers pay anything?
Yes. Suppliers pay a small, proportionate fee for the certification level you request. This can be as little as $95 for Bronze. CyberCert credit bundles are included from the Starter license, so suppliers can get started at no cost - typically applied at pilot stages only.
How long does it take for a supplier to get certified?
It depends on supplier readiness. There are many cases of certification taking just days for Bronze and Silver, and up to a few weeks if there are many gaps against the requested level. The ecosystem of specialists, vendor bundles, and insurance bundles can reduce the time significantly.
What if a supplier's certification expires?
CyberCert alerts SMBs 90 days before expiry and continues to alert them as expiry approaches. Professional and Enterprise tiers include automated renewal campaigns. Enterprise customers using implementation partners can request custom renewal management.
Can we require different certification tiers for different supplier risk levels?
Yes. That is the intended model. Many customers require Bronze and Silver for lower-risk suppliers, Gold for medium-risk suppliers, and Platinum or Diamond for higher-risk suppliers. Professional and Enterprise tiers support custom tier-by-risk-level mapping.
What happens if a certified supplier has a breach?
Gold includes incident response requirements. You can also require supplier notification through your incident management and contract processes. It is common to mandate Silver plus insurance as a baseline. Enterprise customers working with implementation partners can tailor this to your requirements.
Supply chain assurance in days, not years. 🚀
Start Free!
Get the framework, methodology, and template clauses you need to mandate the program, roll it out and gain immediate visibility.
CyberCert provides a framework for cybersecurity assurance. While our tools are designed to enhance security posture, CyberCert Pty Ltd makes no warranty, express or implied, that the use of this service will prevent all cyber incidents, data breaches, or third-party exploits. Use of the platform does not constitute a legal guarantee of compliance with any specific data privacy laws.
Headhunting Cyber Risk in the Recruitment Supply Chain.
Summary
Workinitiatives is redefining security in the recruitment sector by replacing heavy ISO-style audits with CyberCert's achievable pathways. By replacing manual questionnaires with real-time risk visibility, they reduced internal friction and ensured SMB partners were materially harder to compromise. This transformed supply chain assurance into a scalable, high-confidence process for the hiring ecosystem.
Organization
Workinitiatives
Workinitiatives found it challenging to lift security standards across a diverse network of small and mid-sized suppliers.
“CyberCert turned our supplier cyber assurance from a slow, one-off compliance chase into a consistent system we can run at scale. We replaced manual questionnaires with real-time visibility and a pathway SMBs can actually follow - and the result is suppliers that are materially harder to compromise, with drastically less internal effort.”
CEO, of Workinitiatives, National Recruitment Services Provider
The Challenge
Workinitiatives found it challenging to lift security standards across a diverse network of small and mid-sized suppliers.
Traditional ISO-style programs and long audit cycles were too heavy and slow for SMBs.
Detailed questionnaires felt like a hollow compliance exercise rather than a security improvement.
Internal teams spent excessive time chasing responses, yet still lacked real confidence in the resulting risk posture.
The Solution
Workinitiatives integrated CyberCert to move from manual chasing to a clear, achievable, and automated assurance model.
The shift focused on three core improvements:
1Understandable Language
Suppliers were given a roadmap they could understand and act on, rather than being buried in technical jargon.
2Real-Time Visibility
The platform provides immediate insight into supply chain risk without months of manual effort.
3Scalable Consistency
The process turned a one-off compliance activity into a consistent, scalable system that runs with high confidence.
The Results
The internal burden was replaced by material security gains across the board.
Metric
Previous Approach
CyberCert SCAP™
Assurance Speed
Long, slow audit cycles
Consistent & scalable
Supplier Success
Heavy compliance burden
Clear, achievable pathway
Internal Effort
High (manual chasing)
Low (reduced friction/time)
Suppliers became materially harder to compromise while internal time spent on assurance was drastically reduced.
Why it Matters
Workinitiatives moved beyond checking boxes to actually reducing supply chain risk.
By simplifying the process for SMBs, they secured the network without driving up costs or complexity.
The organization gained real visibility into its risk posture, enabling better-informed governance.
This demonstrates that supply chain assurance can be both rigorous and cost-effective when the pathway is clear for everyone involved.
Traditional vendor questionnaires take weeks, are subjective, and create no lasting value.SCAP™ gives you real-time visibility, and non-subjective certification for SMB suppliers turning supply chain cyber risk from a compliance burden into a strategic advantage.
1. Predictable Risk, Not Guesswork.
CyberCert is the safety certificate for your SMB suppliers. Like a food safety rating or electrical compliance badge, the certification tells you exactly which controls are in place-no interpretation required. Risk and compliance become predictable, measurable, and auditable.
2. nth Party Scale, Zero Friction.
No more diving into subjective questionnaires for every supplier, subsidiary, or contractor. Your suppliers show the cert-or better yet, you see their status live in your CyberCert Dashboard. Third-party suppliers? Solved. Fourth-party suppliers? Solved. Scale from 50 to 50,000 suppliers without adding headcount.
3. Non-Subjective, Certifiable Assurance
Simply mandate or prefer CyberCert based on each supplier's risk profile. The rest is handled by the ecosystem: Technical Support Specialists (TSS), technology vendors, insurance partners, and sponsored pathways take care of certification, renewal, and compliance. No friction. No red tape. No vendor pushback.
4. Risk-Based, Proportionate Assurance
When you uplift your supply chain, you strengthen the entire economy. Your SMB suppliers can rest easy knowing their business is protected and their contracts aren't at risk due to negligent cyber posture. You help them stay secure and competitive-and they help you build a resilient, trustworthy supply chain.
