Recent development in Cyberday

Cyberday now includes 10 new frameworks:

• 4 new country-specific NIS2 implementations
• Saudi Arabia's PDPL
• CAF 4.0
• 3 different MSBFS regulations
• Resilience in the Energy Sector (Denmark)

These can all now be located and searched for in the frameworks page.

For more information, read our blog post about these new frameworks.

We have slightly overhauled and improved the visual design of the main documentation page.

Now the different documentation items are sorted into their respective type categories on one page, which makes finding desired documentation from this page easier.

Additionally, the record documentation lists have received an improved progress bar, which more clearly shows the statuses of items in each list. These more detailed summaries will also show anywhere a record documentation list is linked (e.g. to a report).

‍

The mass drafting feature for drafting multiple policies to the ISMS is now also available from the what's next? page (this was previously only available on the onboarding page).

Now if you have several policies with no content, you can choose to quickly draft several of them at a time with AI, which will mark task completion and add process descriptions to tasks in those policies based on your organisation's ISMS profile.

Note that this feature is not for creating finalized versions of all of your tasks. These should be reviewed when adding your assurance information to the tasks, for example.

In addition, policy pages have gotten a minor visual overhaul, now displaying a progress chart at the top of each page next to the assurance information.

During the last month we have made quite a few fixes to bugs new and old, as well as implemented some smaller features that were requested.

Fixes:

• Various search and filter functionalities should now work properly (e.g. on reporting, guidebook)
• Some other fixes to report functionalities such as sharing on teams and sharing to units displays properly now
• Guideline comments are now displayed better and can be marked as read
• Improvements to AI assistant language output
• Improvements to mass editing of documentation items
• Inviting users in French is now possible

Small features:

• You can now choose to assign a user to an entire policy directly from the first task you activate in that policy
• You can now ctrl + click (or cmd + click, middle click) on most pages and items in tables in the app to open them in a new tab

Nowadays, when a new Cyberday account is created, the first step we encourage the user to do is to fill their ISMS profile.

This profile filling can be smoothly done by just giving your website domain for the AI assistant, and reviewing the results yourself.

Now existing users can do the same through Settings -> ISMS profile. AI filling is available, when you go to edit your ISMS profile. See the screenshot below.

The main objective of the ISMS profile is to offer better context for Cyberday's AI assistant. It uses the ISMS profile to make suggested best practice content more relevant for your organization (e.g. when you're writing a description for a task or drafting a policy through the AI assistant).

If you choose to evaluate a policy in Cyberday by giving an existing document for the AI assistant, you'll now see better results before finishing the evaluation.

The AI assistant will copy the found citations from the document to the corresponding task's as their process description.

You'll see this appear on the evaluation view like this:

If your ISMS includes policies that don't yet have any active tasks in them, our AI assistant can help you create a baseline for the policies.

You can have the AI assistant carry out the evaluation based on an existing document, or have it draft you the baseline policy based on best practices and your ISMS profile.

If you choose the "Draft with AI" method, you'll see a summary of the selected tasks, statuses and written descriptions, and will need to confirm the result before any changes happen in your ISMS content.

When your ISMS has more data and better actual descriptions about how you implement different tasks, you can get a lot of value from the policy reports.

You can now also hide the "requirement text" on policy reports, using the settings on left menu. This can be useless information, especially when your own process descriptions are well-defined.

During this week, we published a larger set of fixes to smaller issues / bugs. These included e.g. topics like:

• reactivity issues on documentation cards (you were able to link a documentation item, and saw it appear only after a reload)
• reactivity issues on Guidebook (employee could press the "Accept" button on a guideline, but the guideline didn't immediately update it's status to accepted)
• owner avatar fixes (on some collection views the avatar for an item owner was missing)
• better account switcher on Taskbook / Guidebook

If you had reported some issue for our team, we're aiming to let you also know personally about their fixing. 👍

We just published the first version of Cyberday's AI assistant. We'll be continuing development of the assistant now continuously. 👍

Read more about the AI assistant:

• Test the AI assistant yourself through AI-button on right side of Cyberday
• Get familiar with the current skills of AI assistant
• Read the transparency notice of utilizing AI
• Read in more detail from help article

💡 You can vote and present any own ideas for AI assistant's development inside Cyberday on Community > Development ideas, on AI assistant idea group.

Mass-edit functionality is now available on the main table views in Cyberday.

You will be able to select multiple items (e.g. tasks, guidelines or documentation items) at once and implement generic actions for them, incl.:

• Assign owner
• Change status
• Set due date
• Set priority

Mass-edit will be first visible on most used views, e.g. documentation tables (data systems, risks, etc.) and main Tasks and Guidelines pages.

💡 This development idea has been one of the most wished on Development ideas -forum inside Cyberday Community.

We're constantly researching new information security framework and bringing relevant ones into the Cyberday framework library.

We often get questions about the similarity / overlap between different frameworks.

To help anyone investigate this aspect, we've created a new tool on Cyberday.ai website, which enables you to compare any 2 framework included in the Cyberday framework library.

Test the Framework comparison tool >>

For a long time we've been developing and using AI tools on our framework and content development sides. Now we want to take the next step - bringing an AI assistant to help our users inside the Cyberday app.

Cyberday's AI assistant will help you e.g. in the following ways:

• Assists you in getting things done: Helps you write task descriptions that are customized for your organizations industry and size and your personal selections, assists you in picking the most relevant frameworks, assists you in writing personnel guidelines and training content, etc.
• Analyzes your compliance and gives priorization tips: This will include e.g. creating analysis reports of your compliance report for a single framework that provide most critical improvements and easiest quick wins to implement next - to improve your compliance score, and full ISMS analysis to help you notice, which parts of the ISMS system you should focus on improving next.
• Advises you in information security and Cyberday usage: Explains you task requirements in plain language, guides you to correct parts in Cyberday, explains you functionalities on different pages.

We're publishing the first version of the AI assistant during September and then we'll continue making it smarted and more useful continuously. 👍

During the summer, we’ve focused heavily on expanding Cyberday’s framework coverage.

We recently released 12 new national implementations of the EU NIS2 directive, along with a new framework for Belgium’s critical infrastructure law. Some of the new frameworks are based on draft laws, while others are already in effect. We'll continue updating these frameworks as the national regulations progress.

Read more (and see overlaps with EU NIS2): 12 new NIS2 national frameworks now live

Locate these two new frameworks now in Cyberday framework library!

ISA/IEC 62443 2-1 standard outlines requirements and guidance for securing industrial automation and control systems (IACS) and establishing a cybersecurity management system. It builds on ISO/IEC standards, emphasizing IACS-specific risks and forming the foundation for cybersecurity in operational technology.

DORA RTS on ICT risk management gives the regulatory technical standard (RTS) on ICT risk management framework as adopted by the European Commission according to DORA Article 15.

‍