If you wish, you can now make changes to the settings of published embed reports (e.g. privacy notices), so that the information of supplier companies is not displayed in connection with e.g. data system and data location information.
We've received a good reception for the employee incident reporting features in Guidebook.
Now we're going to expand similar possibilities. In the next phase, employees can also be enabled to report about different kind of non-conformities with the ISMS and about new data systems, which are either recenctly acquired or for some other reason are missing from the ISMS data system listing.
Some key assets (e.g. data systems, data stores, system providers, offices) may be linked to numerous other elements in your ISMS in multiple ways.
Some links are created directly on the documentation card, but some are created the other way, e.g. from a risk assessment to this asset or from some other assets card to this asset.
Now also these "inlinking" connections are always easily viewable on the bottom of the documentation card.
We improved the usability and contents of compliance reports. These reports are very important e.g. during audits and in general for you to understand and communicate the compliance towards a selected framework.
We improved the following things on compliance reports:
Now anytime you're browsing around in Cyberday, we are showing you the relevant Academy content (e.g. help articles, videos, blog posts) on the left menu.
Look for the ?-icon on the menu to get some additional help, when you need it!
We published readiness assessments a while ago. These are a good way to get the work on Cyberday initially started or to evaluate your compliance towards a new framework.
We added two small additions to the feature:
We're currently finalizing our framework for ISO 27001:2022 update. The older version of the framework will stay available normally for the 36-month transition period, during which organizations can make the transition to the new standard version at any point they want.
The new ISO 27001:2022 requirements framework will largely follow the same principles as the previous version:
Most significant changes in the update:
We will inform you more next week, when the framework is available in Cyberday! 👍
We have received requests from our users to improve the remembering of different sortings and filters in Cyberday. Sometimes, for example, you want to list and see assets by priority, information security incidents by status, and your own Taskbook only for "needs attention" items.
Now these features have been improved in the following views:
Feel free to let us know if you'd like to see similar improvements for other views. These are examples of small additions we are constantly doing. 👍
Nowadays, you can define in Settings -> Guidebook settings in which languages the digital security guidance for personnel is maintained.
The template guidelines from Cyberday library are always automatically translated into all selected languages. Soon you will be able to take care of multilingualism in your own custom guidelines and in library guidelines you've edited.
You will see the content in the editing views of the guidelines separately in all the languages that you have selected to be available for the Guidebook.
You can now select multiple "owners" for the Security incidents documentation list. If you have allowed employees to report security incidents through the Guidebook, every user listed in this section will be automatically notified about each incident.
We made improvements on the print view of reports so that they could be better utilized as pdf versions also.
We recommend using reports mainly by sharing them directly in Teams, but supporting this way of use is also important to us. We are happy to receive any wishes for further improvement of the print view. 👍
A new login solution using Teams SSO has been developed for Cyberday's Teams application, which saves clicks from the new user and corrects some challenges associated with the previous login model.
After this update is published, you may be asked to re-allow the Cyberday app in the Teams environment. There has been no changes to the data required by the application. As an admin you can also allow the app on behalf of other users at once, and allowing the app applies to all end devices (desktop, browser, mobile).
You can now receive admin notifications and end user reminders directly in Slack (instead of Microsoft Teams or email).
1. Follow the card on the Dashboard to add the Slack app to your account.
2. Grant permissions on your Slack account
3. (Optional) Enable user syncing if you wish to get everyone in Slack as a Cyberday user
4. Start receiving notifications from the Cyberday bot in Slack!
Now all items on Taskbook, that jump to the "Needs attention" -section, will clearly communicate to you why they're there.
We are building a readiness assessment view that would serve e.g. the following uses:
As a result of the assessment, the organization gets a summary of current compliance, the strongest and weakest digital security themes, and an understanding of the most urgent improvements.