Recent development in Cyberday

Nowadays, when a new Cyberday account is created, the first step we encourage the user to do is to fill their ISMS profile.

This profile filling can be smoothly done by just giving your website domain for the AI assistant, and reviewing the results yourself.

Now existing users can do the same through Settings -> ISMS profile. AI filling is available, when you go to edit your ISMS profile. See the screenshot below.

The main objective of the ISMS profile is to offer better context for Cyberday's AI assistant. It uses the ISMS profile to make suggested best practice content more relevant for your organization (e.g. when you're writing a description for a task or drafting a policy through the AI assistant).

If you choose to evaluate a policy in Cyberday by giving an existing document for the AI assistant, you'll now see better results before finishing the evaluation.

The AI assistant will copy the found citations from the document to the corresponding task's as their process description.

You'll see this appear on the evaluation view like this:

If you're ISMS includes policies that don't yet have any active tasks in them, our AI assistant can help you create a baseline for the policies.

You can have the AI assistant carry out the evaluation based on an existing document, or have it draft you the baseline policy based on best practices and your ISMS profile.

If you choose the "Draft with AI" method, you'll see a summary of the selected tasks, statuses and written descriptions, and will need to confirm the result before any changes happen in your ISMS content.

When your ISMS has more data and better actual descriptions about how you implement different tasks, you can get a lot of value from the policy reports.

You can now also hide the "requirement text" on policy reports, using the settings on left menu. This can be useless information, especially when your own process descriptions are well-defined.

During this week, we published a larger set of fixes to smaller issues / bugs. These included e.g. topics like:

• reactivity issues on documentation cards (you were able to link a documentation item, and saw it appear only after a reload)
• reactivity issues on Guidebook (employee could press the "Accept" button on a guideline, but the guideline didn't immediately update it's status to accepted)
• owner avatar fixes (on some collection views the avatar for an item owner was missing)
• better account switcher on Taskbook / Guidebook

If you had reported some issue for our team, we're aiming to let you also know personally about their fixing. 👍

We just published the first version of Cyberday's AI assistant. We'll be continuing development of the assistant now continuously. 👍

Read more about the AI assistant:

• Test the AI assistant yourself through AI-button on right side of Cyberday
• Get familiar with the current skills of AI assistant
• Read the transparency notice of utilizing AI
• Read in more detail from help article

💡 You can vote and present any own ideas for AI assistant's development inside Cyberday on Community > Development ideas, on AI assistant idea group.

Mass-edit functionality is now available on the main table views in Cyberday.

You will be able to select multiple items (e.g. tasks, guidelines or documentation items) at once and implement generic actions for them, incl.:

• Assign owner
• Change status
• Set due date
• Set priority

Mass-edit will be first visible on most used views, e.g. documentation tables (data systems, risks, etc.) and main Tasks and Guidelines pages.

💡 This development idea has been one of the most wished on Development ideas -forum inside Cyberday Community.

We're constantly researching new information security framework and bringing relevant ones into the Cyberday framework library.

We often get questions about the similarity / overlap between different frameworks.

To help anyone investigate this aspect, we've created a new tool on Cyberday.ai website, which enables you to compare any 2 framework included in the Cyberday framework library.

Test the Framework comparison tool >>

For a long time we've been developing and using AI tools on our framework and content development sides. Now we want to take the next step - bringing an AI assistant to help our users inside the Cyberday app.

Cyberday's AI assistant will help you e.g. in the following ways:

• Assists you in getting things done: Helps you write task descriptions that are customized for your organizations industry and size and your personal selections, assists you in picking the most relevant frameworks, assists you in writing personnel guidelines and training content, etc.
• Analyzes your compliance and gives priorization tips: This will include e.g. creating analysis reports of your compliance report for a single framework that provide most critical improvements and easiest quick wins to implement next - to improve your compliance score, and full ISMS analysis to help you notice, which parts of the ISMS system you should focus on improving next.
• Advises you in information security and Cyberday usage: Explains you task requirements in plain language, guides you to correct parts in Cyberday, explains you functionalities on different pages.

We're publishing the first version of the AI assistant during September and then we'll continue making it smarted and more useful continuously. 👍

During the summer, we’ve focused heavily on expanding Cyberday’s framework coverage.

We recently released 12 new national implementations of the EU NIS2 directive, along with a new framework for Belgium’s critical infrastructure law. Some of the new frameworks are based on draft laws, while others are already in effect. We'll continue updating these frameworks as the national regulations progress.

Read more (and see overlaps with EU NIS2): 12 new NIS2 national frameworks now live

Locate these two new frameworks now in Cyberday framework library!

ISA/IEC 62443 2-1 standard outlines requirements and guidance for securing industrial automation and control systems (IACS) and establishing a cybersecurity management system. It builds on ISO/IEC standards, emphasizing IACS-specific risks and forming the foundation for cybersecurity in operational technology.

DORA RTS on ICT risk management gives the regulatory technical standard (RTS) on ICT risk management framework as adopted by the European Commission according to DORA Article 15.

‍

You can now also share reports via a direct link. This can be useful, for example, if you are using Cyberday via Teams and are about to start an audit, but do not want to invite the auditor to your own Teams environment.

The report sharing link is available by default for 30 days, after which it will automatically be disabled.

Report will be shared on "read only" -mode utilizing the latest published version of the report. 🚀

You can now view compliance reports on a simplified "statement of applicability" view.

This view aims to reduce related details, so you can focus (e.g. together with a partner) on defining the applicability of each requirement / control for your organization.

You'll now get better notified of new developments in Cyberday directly inside the app.

You'll see a red notifier on the Community-item on left menu, when there's something new for your on the Recent development -feed.

We regularly post most important upcoming and recently published improvements on the development feed. 👍

You can now enable an automated monthly key ISMS data export. This can be useful, if you want to e.g. save an offline copy of your selected key information for backup or continuity purposes.

You can enable the feature from settings and select the needed documentation lists and reports for the export. You'll receive an email monthly, which will include the link to download your data package. 👍

‍