Gradient

Overview of Cyber Trust Labels

There are four distinct quality levels of the label in order to be able to cover different target groups. The quality levels differ in terms of their security claim and the degree of assurance of the review (assurance level).
 
Cyber Trust Standard Label
Cyber Trust Silver Label
Cyber Trust Gold Label
Cyber Trust Platinum Label
Target Groups
SMEs who take cybersecurity seriously and want to show that to its customers. Suppliers of Operators of essential Services according to §16 NIS-Law (BGBL Nr. 111/2018) in less critical areas
Target Groups
Large companies and corporates. Suppliers of Operators of essential Services according to §16 NIS-Law (BGBL Nr. 111/2018) in more critical areas (e.g. software companies, processors of sensitive data, etc.)
Target Groups
Large companies and corporates. Suppliers of Operators of essential Services according to §16 NIS-Law (BGBL Nr. 111/2018) in more critical areas (e.g. software companies, processors of sensitive data, etc.)
Target Groups
Important entities according to Directive (EU) 2022/2555 (NIS 2), which must meet the requirements of Commission Implementing Regulation (EU) 2024/2690 of 17 October 2024, as well as all other companies that support advanced security standards
Basis
KSV1870 Cyber Risk B Rating
Basis
KSV1870 Cyber Risk A Rating
Basis
KSV1870 Cyber Risk A+ Rating
Basis
Implementing Regulation (EU) 2024/2690 of 17 October 2024
Assurance Level
Validated Self-declaration
Assurance Level
Validated Self-declaration
Assurance Level
Validated Self-declaration plus external Audit
Assurance Level
Completion of a questionnaire with validation and selective evidence review; agreement to the possible performance of a random inspection audit
Assurance Method
Answering a questionnaire with validation; acceptance of possible random surveillance audits, conduction of an automated web risk scoring
Assurance Method
Answering a questionnaire with validation; acceptance of possible random surveillance audits, conduction of an automated web risk scoring
Assurance Method
Evidence based audit by a qualified auditor (QuaSte accreditation); conduction of an automated web risk scoring
Assurance Method
Answering a questionnaire with validation and selective evidence check; acceptance of possible random surveillance audits
Security Claim
Baseline Security
Security Claim
Advanced Security
Security Claim
Advanced Security
Security Claim
Advanced Security
Number of Criteria
14
Number of Criteria
25
Number of Criteria
25
Number of Criteria
50
Requirements
Questionnaire B-Rating
Requirements
Questionnaire A-Rating
Requirements
Questionnaire A-Rating
Requirements
According to Implementing Regulation (EU) 2024/2690
Report
Summary of all questions and answers, as well as an assessment by the validator, including reasons for rejections
Report
Summary of all questions and answers, as well as an assessment by the validator, including reasons for rejections
Report
Summary of all questions and answers, as well as an assessment by the validator, including reasons for rejections
Report
Comprehensive report on the validated self-declaration on all requirements of the Implementing Regulation (EU) 2024/2690 with an assessment and evaluation of your information by a qualified validator, including recommendations for improvement measures where necessary. For submission as a (validated) self-declaration to the NIS authority.**
Label Requirements
Valid KSV1870 CyberRisk B-Rating of 190 or better
Label Requirements
Valid KSV1870 CyberRisk A-Rating of 190 or better
Label Requirements
Valid KSV1870 CyberRisk A+ Rating of 190 or better
Label Requirements
Achievement of 85% fulfillment of the requirements questionnaire or more
Validity Period
1 Year
Validity Period
1 Year
Validity Period
1 Year
Validity Period
1 Year
Label Fee (1st Year)
950€
Label Fee (1st Year)
1890€
Label Fee (1st Year)
1990€
Label Fee (1st Year)
4900€
Label Fee (Following Years)
900€
Label Fee (Following Years)
1750€
Label Fee (Following Years)
1850€
Label Fee (Following Years)
2900€
Audit Fee
-
Audit Fee
-
Audit Fee
According to audit partner
Audit Fee
-
Renewal Process
Renewed answering of the questionnaire*
Renewal Process
Renewed answering of the questionnaire*
Renewal Process
Renewed Audit*
Renewal Process
Renewed answering of the questionnaire as delta consideration

Not sure which label is right for your business?
Let our experts advise you free of charge.

*The requirement criteria are subject to annual review and adjusted as necessary.

**Completeness guarantee: If the authority's requirements regarding the form and content of the self-declaration change, we will expand/adapt this for you at no extra cost (at the latest by the next run).