Locate these two new frameworks now in Cyberday framework library!
ISA/IEC 62443 2-1 standard outlines requirements and guidance for securing industrial automation and control systems (IACS) and establishing a cybersecurity management system. It builds on ISO/IEC standards, emphasizing IACS-specific risks and forming the foundation for cybersecurity in operational technology.
DORA RTS on ICT risk management gives the regulatory technical standard (RTS) on ICT risk management framework as adopted by the European Commission according to DORA Article 15.
You can now also share reports via a direct link. This can be useful, for example, if you are using Cyberday via Teams and are about to start an audit, but do not want to invite the auditor to your own Teams environment.
The report sharing link is available by default for 30 days, after which it will automatically be disabled.
Report will be shared on "read only" -mode utilizing the latest published version of the report. 🚀
You can now view compliance reports on a simplified "statement of applicability" view.
This view aims to reduce related details, so you can focus (e.g. together with a partner) on defining the applicability of each requirement / control for your organization.
You'll now get better notified of new developments in Cyberday directly inside the app.
You'll see a red notifier on the Community-item on left menu, when there's something new for your on the Recent development -feed.
We regularly post most important upcoming and recently published improvements on the development feed. 👍
You can now enable an automated monthly key ISMS data export. This can be useful, if you want to e.g. save an offline copy of your selected key information for backup or continuity purposes.
You can enable the feature from settings and select the needed documentation lists and reports for the export. You'll receive an email monthly, which will include the link to download your data package. 👍
We have expanded the first implementation of Cyberday trust center.
Now you'll be able to e.g.:
You'll soon be able to enable an automated monthly key ISMS data export. This can be useful, if you want to e.g. save an offline copy of your selected key information for backup or continuity purposes.
You'll be able to enable the feature from settings and select the needed documentation lists and reports for the export. You'll receive an email monthly, which will include the link to download your data package. 👍
We will be expanding the first implementation of Cyberday trust center.
Soon you'll be able to e.g.:
Cyberday is now available in Polish.
We are focused on serving the EU market and will continue to add new EU languages to the service. 👍
Soon you will be able to assign a role as the owner for all different Cyberday contents instead of a direct user owner.
Roles will have their own management page, where you can link the desired users to roles and add your own roles. We will include a template list with the most common roles that are relevant to an ISMS.
Especially in larger organizations, role thinking can clarify things a lot. In addition, many security frameworks emphasize the importance of roles - and e.g. defining required competences and authorizations connected to roles - in systematic information security management work.
If you have linked many files from SharePoint or uploaded files directly to different items in Cyberday, you can now see a summary of these more easily on the Files page.
Tip: Pin the Files-page in the left menu if you use this side a lot. 👍
We revamped the risk matrix that is visible on Dashboard and e.g. in the "Risk management report" -report.
The matrix has now been made to include clearer sections for different risk levels where risks can be evaluated to. When using the residual risk evaluations, you will also see a post-treatment matrix, which now includes all risks (including those directly accepted), so that you can understand the total effects of your risk treatment better.
What should we focus on next? We want to help in this thinking with automated improvement suggestions.
Cyberday's Dashboard now has a dedicated section for improvement suggestions, which help you either improve your compliance score or the assurance level towards your primary framework. From the dashboard, you can access a more detailed page that lists 10 actions for each topic - and helps you track progress.
When users make changes on your information security management system, all important actions are recorded and shown in event logs, both at the organizational level and under individual items.
When the change has affected description texts (e.g. task's process description, text field on a documentation card, guideline content), you will now see an earlier version of the content in the log event. This information allows you to revert to an earlier version if a change needs to be undone.
Cyberday trust centers let you share selected information security reports with customers and other stakeholders in a professional and organized way.
You can enable your Cyberday trust center from the Reporting-page and define the wanted settings - e.g. which reports to include and will part of information will be available publicly or only by request.
.png)
