All Cyberday users can now enable MFA through their own profile page. In the past, the use of multi-factor authentication has been the default situation when using Teams, and possible to enforce by an organization-level decision in the web UI.
At the same time, we renewed the profile page, where each user can update their own basic information.
We brough more relevant information to "Your accounts" page. You can get here from the left menu through "Switch account" button.
This page is relevant especially for consultant or large corporations with multiple companies / accounts.
Your accounts page now displays:
You will see less information for the accounts where you're not an admin.
Now you can help us spot the best development ideas for Cyberday! We've created a new "Development ideas" page, where you can suggest new ideas or vote for and comment ideas others have suggested.
Each users has 10 votes available to give for active ideas. Once your ideas get implemented, you'll receive your votes back. 😇
Join along in the discussion! 📣
We're bringing in language support for Spanish, Italian and Norwegian versions of Cyberday.
Translations will first be released as partly machine-translated early versions, but will be improved over time. You can help us through "Improve translations" -feature, if you spot any inconsistencies.
We will publish ISO 9001 framework in Cyberday during next week.
ISO 9001 will be fully supported, but it will be labeled as a "supporting framework", as we recommend always using it in connection with information security frameworks - not by itself.
Read more about the topic from our blog.
We are currently working on the DORA framework and aim to publish it in Cyberday during next couple of weeks.
We're creating a new, automated monthly report, that is mostly designed for top management communication.
The report will display main metrics from your account along, summarize the progress you've made during the month and show some related key information.
This report is not too lenghty and makes it easy to showcase your done information security work in a positive way. 👍
Soon you can enable "distribute to employees via Guidebook" for the reports you want everyone to read.
After you've done this, the report will be displayed to selected employees in Guidebook. Employees need to open the report and confirm it as read - similarly as for guidelines.
We published a new Metrics-page. You will find it in the left menu - by default under the "More" button, but you can pin the page to the top of the left menu if you want.
On the Metrics page, you can define the key metrics of information security management that are most relevant to your organization's work. There are a total of 20+ metrics depending on the amount of frameworks you have enabled. You can edit the goal values for different metrics yourself. There are three different types of meters:
In the future, the meters will be used in the so-called with the management's monthly reports, where the implemented meters automatically jump in.
For organizations that want to delegate risk assessment work to asset owners, we just published a new feature: asset-based risk identification.
If you enable this feature from Settings, the selected asset's documentation cards will show a pending risk identification workflow.
With the help of this workflow, asset owners identify detailed and relevant risks for this asset. Then they can continue normally forward with the risk workflow - straight from the asset's documentation card.
We published improvements to the information security risk management table and to the risk workflow.
Workflow for risks is now more clearly divided to the 4 main steps: identification, evaluation, treatment and monitoring.
Each step display a short instruction on what to do, and specific action buttons on the rows of the actual risks.
We will be adding some related changes to the risk documentation cards soon, that will support utilizing this renewed table even better.
The Cybersecurity Capability Maturity Model (C2M2) helps organizations evaluate their cybersecurity capabilities and optimize security investments.
This level includes the MIL1 requirements and other measures included in other supported frameworks, giving an estimated 50% coverage of the full framework.
We extended the functionalities on User stats -page and also at the same time moved it to a more prominent position on the left menu.
Now you'll have 2 separate tabs on the page:
You have plenty of other filters also at your disposal on the "All ownerships" -tab.
We are developing a visual mode to documentation cards, through which you can understand the connections between different items better.
A switch is planned to show up on top of the card to enable the visual mode. Editing would still be normally done from the card view.
We are currently making improvements to the information security risk management table and to the risk workflow.
At the same time, we will introduce the possibility to deploy asset-specific risk assessments, which will allow the organisation to direct the owners of key assets (e.g. data system, data store, provider, site) to conduct a risk assessment that will go through the most important threats associated with that asset type.
The changes will be implemented so that they do not break or render useless any work previously done in related sections.
More information coming soon. 👍
.svg)
.png)
