When you start creating a new report, you can now use a new type: Security statement.
Security statements are designed to be overviews of your tasks on a wanted detail level and scope. When creating a statement, you can choose which themes, policies or individual tasks you'd like to include on the report.
Statements are designed to enable you to create a good-looking "export" of wanted task content easily. They can be used for external communication (e.g. creating a broad security statement for customers) or internal reporting (e.g. creating a detailed topic-specific statement for internal communication).
We modified the presentation of reports when a user goes to the print-view via the Print button. Using this same route, you can always save the report in PDF format as well.
The print view now uses spacing and font sizes in a slightly more optimized way. Similarly, we always try to make a page change after the key sections, so that the new content clearly only starts on the next page.
We are happy to receive any feedback from you and further improve the printing mode in the future. 👍
Many Cyberday experts work on multiple organization accounts to help them progress in the information security work.
We create a new overview page to see all of your accounts. The page separates the trials, active accounts and closed accounts clearly. We also display the account according to their activity and items needing attention, i.e. overdues or pending reviews.
This page is especially important for our partners and we're very happy to hear any feedback and wishes. 👍
When you're viewing the task list / policy view, you can now clearly see the Task owner on the right column, before moving into the task details view.
Now it is possible to publish embed reports (e.g. privacy notices) separately in several languages. You can select the wanted language, when you're creating the report.
After you have created the report, you can see a translation section on the left menu to translate the terms in the report that are not automatically translated.
In all documentation tables, you can now use three important date fields and the desired year to filter items.
The related date fields are:
This will e.g. help you filter our "incidents happening in 2022" or "improvements progressed during 2023".
Now you can switch to view a previous version of the selected report by clicking on the selected version from the version log. In the future, we will bring in monthly status reports into Cyberday, where this is a particularly important feature.
At the same time, other clarifications were made to the left menu section of reports.
Non-conformities are important items in your ISMS which are especially managed in relation to internal audits. Non-conformities can be major, minor or morely "improvement potential".
All related places now display this vital type information better, so you can focus your attention on the most severe non-conformities.
You can now fetch units from AD and get current Cyberday users synced to the selected units. All AD groups are available to be used for syncing.
Find this feature from the new Edit structure -page.
You'll find a new page on the left menu, Organization -> Edit structure.
This page can be used to divide your organization into relevant units. Units are meant for e.g. delegating guidelines in a more targeted way. We're also developing a feature currently, where the implementation of a task can be separately delegated for selected units. This can be relevant in situations, where e.g. 2 clearly separate branches of your company have very different processes.
We rebuilt part of the SharePoint file linking logic, because the previously used ready-made libraries worked too in a too unstable way.
The feature of linking external files now works the same as it did before, but should fail a lot less. Also now you can complete the whole process inside Teams desktop app too, and don't need to jump to the browser Teams side. 👍
You can now connect multiple users to a single tasks, similarly as for documentation items previously.
You can use this feature e.g. when you have a large organization and need input from multiple units, or when you have e.g. a separate partner responsible for the technical implementation of a task, but your owner keeps the overall responsibility.
"Tasks you're participating in" will show up on the Taskbook for all users, but with a smaller emphasis than the tasks where you're the actual owner.
We regularly update Cyberday's content templates so that they remain in line with different security requirements and general good practices. Now it was time for the content update v46, during which we updated our documentation templates with numerous customer-wished improvements.
Changes are mostly "small but important". This update small summaries about the most notable changes.
We added the following sections:
The changes are intended to help identify critical partners and ensure that for important partners we have sufficient evidence gathered of their information security level.
We improved the management of other security requirements with the following additions:
With the help of these additions, it is possible to more clearly document, for example, additional commitments given to individual customers or own quality requirements - and related measures and other items in the management system.
Additions were made to the documentation cards of the units and sites, which will be included in the new "Organizational structure" page in the future. Through this page, you can more precisely define which units and sites your organization is made up of. Units can also be classified according to their nature (department, team, subsidiary, etc.) and into main units vs. sub-units.
Important small addition on the data store documentation cards:
We added an optional question on the data system card:
Topics related to user support can be addressed under the question.
We are just publishing 2 new frameworks to Cyberday!
NIS2 sets the baseline for cybersecurity measures, supply chain security and reporting obligations across critical industries, such as energy, transport, health, food, waste, public administration and digital infrastructure.
SOC 2 specifies how organizations should protect customer data from e.g. unauthorized access, security incidents or other vulnerabilities. It is developed by the American Institute of Certified Public Accountants (AICPA) and is especially popular in the USA.
Previously, when sharing reports from Cyberday, the listing was formed directly based on the selected framework and "starred" reports.
Now you can also choose another way for sharing reports, where you can freely pick the reports to be included. This method also supports all report types, i.e. you can also include list or item reports you have created yourself, as well as for example visual reports.