Stone Cybersecurity

Cybersecurity

Stone Cybersecurity is a Singapore-based, CREST-certified cybersecurity firm serving clients across industries including healthcare, telecommunications,...

About Stone Cybersecurity

Stone Cybersecurity is a Singapore-based, CREST-certified cybersecurity firm serving clients across industries including healthcare, telecommunications,...

  • Address: 60 Anson Road #17-01, Singapore 079914
  • Verified Singapore presence: Physical Singapore office
  • Website: http://www.stonecyber.org
  • Best for: Stone Cybersecurity focuses on VAPT, Security Audits and Cyber Security Technologies.
  • Services: IoT Security, OT Security, Penetration Testing, Vulnerability Assessment, Email Phishing
  • Capabilities: IoT Security, OT Security, Penetration Testing, Vulnerability Assessment, Email Phishing, Ransomware, CASB
  • Regional offices: Operates from 2 offices across 2 markets — Singapore (HQ), Kuala Lumpur

Data checked 26 Jun 2026 Report incorrect data

View the full Stone Cybersecurity profile on TechDirectory.

Buyer Decision Checklist

Cybersecurity buying in Singapore turns on PDPA, the CSA Cybersecurity Act, and sector mandates from MAS and MOH. Use this checklist before you shortlist.

How to evaluate a cybersecurity vendor in Singapore

  • Confirm scope, rules of engagement, and who owns remediation before you sign.
  • Treat ISO 27001 / SOC 2 Type II / CREST as a baseline — ask for the auditor name and audit date, not just a logo.
  • Separate 'managed' from 'monitored': ask exactly what the vendor does at 3am when an alert fires, and whose name is on the on-call roster.
  • Check which reports are board-, audit-, or regulator-ready (MAS TRM, HCSF, or IM8 as applicable to you).
  • Get a fixed-fee scope for the first 90 days with unit pricing for extra endpoints, log volume, or incident-response hours.

Verify for Stone Cybersecurity

  • Confirm key details directly with the vendor — this listing isn't vendor-managed yet.
  • Ask for two recent Singapore client references you can speak with.
  • Request evidence of relevant certifications and their current validity.

Questions to ask

  • What is included in scope and retest, and what is explicitly excluded?
  • Can you share two Singapore clients in my sector and size that I can speak to?
  • How do you meet PDPC's 72-hour breach-notification window contractually?
5/100

Verified Score

Earned from verified Singapore signals only — never affected by paid plans. How it works.

  • ACRA-registered entity (UEN) No UEN on file 0/20
  • Verified ownership Unclaimed 0/10
  • Government grant eligibility None recorded 0/15
  • CSA cybersecurity trustmark None / expired 0/15
  • Listed certifications None listed 0/10
  • Verified local reviews No reviews yet 0/20
  • Profile completeness 5/10 completeness 5/10