If you're distributing Cyberday via Teams app setup policies, new users will get created automatically in Cyberday.
Now the same integration also handles user de-activation when you delete them from your tenant. After the de-activation, you'll be notified and can e.g. re-assign their content (if relevant) according to this help article.
Our language selection has expanded. Latvia and Lithuania have also been active with their own NIS2 legislation, which has already been finalized in both countries. These versions of the NIS2 laws will also soon be available in Cyberday as frameworks.
We've continued with multiple smaller improvements to the recently created vendor security assessments:
Our web app domain changed to app.cyberday.ai recently. This was related to our company name update, which we communicate more in this blog post.
The change is mostly invisible (e.g. all old links will redirect properly and everything will work just the same). But if you e.g. have some specific security systems allowing our old domain, you'd need to add our new domain there too.
In larger corporate group (i.e. groups of companies), there can be on main account responsible for sometimes setting additional requirements for subaccounts for certain tasks and sometimes offering the group-level implementation for some tasks.
Now this can be implemented better inside Cyberday. One account in a group of accounts can be assigned as the "corporate group account", which can then decide to share some task descriptions forward for sub accounts.
Sub accounts will receive the shared descriptions instantly, but need to otherwise manage the task normally and write their own "Account-specific additions" to the process description.
N.b.! This feature needs to be enabled the first time by contacting our team e.g. through the chat or at team@cyberday.ai.
CyberFundamentals, maintained by Centre for Cybersecurity Belgium, has been published in Cyberday.
The Belgian NIS2 law also refers quite directly to CyberFundamentals to define measures that meet NIS2 requirements.
CyberFundamentals offers a very comprehensive perspective on information security, borrowing many elements from, among others, the NIST CSF and ISO 27001 frameworks.
We will soon be releasing the first version of our new vendor security assessments feature.
This feature will enable you to first categorize your partners to different sets - to name which ones should get your security assessment. Then you can send assessments out based on a selected framework.
Under Partner management, you will see the summaries of assessment statuses and scores got by different vendors.
P.s. Also your own self assessments will be enabled through the new assessment flow soon.
TISAX (Trusted Information Security Assessment Exchange) is an assessment and exchange mechanism for the information security of organizations on the automotive industry.
In Cyberday, TISAX will be split to 1 main framework (information security requirements) and 2 extension frameworks (data protection requirements and prototype protection requirements). This is due to TISAX's structure, in which the information security is always a mandatory part and data procetion and prototype protection are applicable depending on the activities of the organization.
We made several improvements to the interface of linking modals used in documentation cards. The improvements aim to facilitate the documentation work done by, for example, Contributor-level users and to avoid the creation of unnecessary duplicates.
With the improvements, e.g. adding new items is clearly separated into its own function, the user is warned if he is adding a potential duplicate item, and the functionality of the search was improved in general.
TISAX is an assessment and exchange mechanism for the information security of enterprises in the automotive industry.
We'll soon be publishing TISAX as a framework in Cyberday. 🎉
If you're not utilizing Teams or Slack apps to deploy Cyberday, you'll get notifications via email.
We improved email notifications to match the notifications via other channels. You'll get notifications of items being overdue, users will get weekly Taskbook notifications, all employees will get monthly Guidebook notifications, and so on. 😇
If you're using Cyberday via Teams, you can invite people from other email domains to access Cyberday via your Teams environment. This is beneficial e.g. when you work with an auditor in a Teams team in your tenant.
When you do this, the related email domain is added as an allowed domain to your account. You can now see and control these domains, if you e.g. later need to remove an allowed domain.
P.s. Only users you have separately invited and see on the User management -table from the related domains can access the account.
Every documentation table now automatically includes the All fields view, where you can see a column for each information on the cards. The view can be changed via the "Change view" button.
In addition, on the main page of the Documentation, on the right side, next to each list, there is a button for quick export to Excel. By clicking this, you will quickly get an Excel export, which specifically includes the data of all fields from the table.
All Cyberday users can now enable MFA through their own profile page. In the past, the use of multi-factor authentication has been the default situation when using Teams, and possible to enforce by an organization-level decision in the web UI.
At the same time, we renewed the profile page, where each user can update their own basic information.
We brough more relevant information to "Your accounts" page. You can get here from the left menu through "Switch account" button.
This page is relevant especially for consultant or large corporations with multiple companies / accounts.
Your accounts page now displays:
You will see less information for the accounts where you're not an admin.