Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.
Thanks! See you in your inbox on Fridays. :)
Unfortunately something went wrong. You can contact us at team@cyberdayai.
Recent #cybersecurity weekly digests
See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: 10 things I wish I knew before ISO 27001 process 👀 2024 cyber trends ⚖️

Published at 

17:02

Open digest

🛡️ Cyberdigest: Easter Greetings! 🐣 Read about NIS2 supervision and penalties 📝🛡️

Published at 

17:00

Open digest

🛡️ Cyberdigest: Read about EU's top frameworks! 🛡️ AI in cybersecurity 🧠 Next week's webinars ➡️

Published at 

17:00

Open digest

Webinars
See the full calendar? Go to Webinars-page >>
Watch now
Webinar

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Register now
Watch now
Webinar

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Register now
Watch now
Webinar

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Register now
Watch now
Webinar

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Register now
Watch now
Webinar

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Register now
Blog posts
Info of new posts? Subscribe now >>

ISMS implementation: comparison of documents, wikis, ISMS tools and GRC

There are a few different approaches to building an ISMS. In this post, we’ll compare these different methods, helping you understand which might be the best fit for your organization’s security management needs.

article

6.3.2025

What is Statement of Applicability (SoA) in ISO 27001?

In this blog, we'll cover the main purpose and benefits of a well-working Statement of Applicability document. We'll also explain why SoA is important, and 4 key roles it can play in information security work.

article

4.3.2025

Why is ISO 27001 compliance now more important than ever?

Year after year, ISO 27001 standard has remained one of the gold standards for information security. The global standard has remained relevant, but where did ISO 27001 originate? And why is it's popularity just going up?

article

27.2.2025

10 most common non-conformities in ISO 27001 audits

Audits and non-conformities drive organizations toward continuous improvement. But before your first ISO 27001 certification, it's good to be aware of some most common non-conformities, so you can avoid these in your certification audit.

article

18.2.2025

Got an ISO 27001 audit interview request - what should I expect?

In this blog, we will talk about the importance of employee participation in the audit interview process, why auditors value employee insights, and look into possible questions asked in an ISO 27001 interview.

article

13.2.2025

ISO 27001 compliance and certification checklist

Looking to ensure you fill ISO 27001 requirements? This checklist will present clearly ordered key steps that guide your organization in building an ISMS and getting compliant with the ISO 27001 standard.

article

6.2.2025

Most important documents in ISO 27001 certification audit

The ISO 27001 standard does specifically define some key documents, which need to be gathered together and be easily shareable e.g. for the auditor. In this blog, we'll present these most important documents for an ISO 27001 certification audit.

article

30.1.2025

NIS2 & national implementation: which local NIS2 laws are available in Cyberday?

EU Member States are required to adopt NIS2 into national law. Key national decisions include defining local authorities, monitoring mechanisms, and tailoring regulations to meet specific needs.

article

23.1.2025

News articles
Get weekly news? Subscribe now >>

100 people arrested in UK’s biggest fraud investigation

Over 200k victims were targeted via the iSpoof fraud website, which was taken down by Scotland Yard’s #cybercrime unit. 100 people arrested. Almost 20 people every minute were being contacted by scammers - stealing reported £50m.

Go to article at
25.11.2022

Bahamut cybermercenary group targets Android users with fake VPN apps

Active #malware campaign ongoing disquising as legitimate SecureVPN app. Main purpose of the app modifications is to extract sensitive user data and actively spy on victims’ messaging apps. Read a detailed analysis >>

Go to article at
25.11.2022

Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked airline’s network

⚠️ #Ransomware breach can also lead to gross public humiliation. Daixin gang said Air Asia, who lost data of 5M passengers and all employees, had so chaotic and poorly-secured IT infra that it refuses to repeat the attack.

Go to article at
25.11.2022

ICS cyberthreats in 2023 – what to expect

2023 #cybersecurity trends: More attacks on "real economy" - food 🌾 transport 🚢 energy ⚡ medical 💊 Rising number of political hacktivists 🦹 Ransomware towards critical infra 🏭 Rise of embedded phishing pages on legitimate sites 🎣

Go to article at
25.11.2022

Token tactics: How to prevent, detect, and respond to cloud token theft

⚠️ When we increase MFA coverage, threat actors need more sophisticated techniques to compromise resources. Recently there's been a significant increase in token theft. Read Microsoft's DART team's report on the #cybersecurity threat >>

Go to article at
18.11.2022

Google to Pay $391 Million Privacy Fine for Secretly Tracking Users' Location

391M$ fine: Google's #privacy actions deemed deceptive. ⚠️ "misled users to think they turned off location tracking, but continued to collecting data" Location is combined with behavioral data to create user profiles eg for ad targeting.

Go to article at
18.11.2022

Instagram Impersonators Target Thousands, Slipping by Microsoft's Cybersecurity

⚠️ #Phishing attack targets 22k students in the US with a "unusual login on Instagram" scam. To note: attack used a valid 41-month old domain with a good reputation, and was able to pass e.g. MS 365 and Exchange email protections.

Go to article at
18.11.2022

It’s time. Delete your Twitter DMs

Twitter is in quite a chaos. Security people are advising to e.g. delete DMs 💬 and stop using Twitter SSO 🔐. Recently quitted Twitter employees include: - CISO - Head of Trust & Safety - CPO (privacy) - CCO (compliance) #cybersecurity

Go to article at
18.11.2022

The Biggest Phishing Breaches of 2022 and How to Avoid them for 2023

#Phishing attacks were once primitive and full of typos, but nowadays even experts have trouble identifying them. Top types in 2022: 🅰️ Typosquatting 🌐 Lookalike domains 👔 Executive impersonation 🧑‍💼 High-level employee targeting

Go to article at
11.11.2022

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementDynamic policy documentsPrivacy management
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryWeekly news digestsSubscribe to AcademyLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security