Recent development in Cyberday

For a long time we've been developing and using AI tools on our framework and content development sides. Now we want to take the next step - bringing an AI assistant to help our users inside the Cyberday app.

Cyberday's AI assistant will help you e.g. in the following ways:

• Assists you in getting things done: Helps you write task descriptions that are customized for your organizations industry and size and your personal selections, assists you in picking the most relevant frameworks, assists you in writing personnel guidelines and training content, etc.
• Analyzes your compliance and gives priorization tips: This will include e.g. creating analysis reports of your compliance report for a single framework that provide most critical improvements and easiest quick wins to implement next - to improve your compliance score, and full ISMS analysis to help you notice, which parts of the ISMS system you should focus on improving next.
• Advises you in information security and Cyberday usage: Explains you task requirements in plain language, guides you to correct parts in Cyberday, explains you functionalities on different pages.

We're publishing the first version of the AI assistant during September and then we'll continue making it smarted and more useful continuously. 👍

We recently released 6 new frameworks to Cyberday's framework library.

Frameworks published on this batch were:

• CER Directive: The Critical Entities Resilience (CER) Directive is an EU law focused on strengthening the resilience of critical entities providing essential services across various sectors, ensuring they can withstand a range of threats and hazards .
• Cybersicherheitsverordnung 🇨🇭: The Cybersicherheitsverordnung (CSV) is a Swiss ordinance detailing the implementation of the Information Security Act (ISG), mandating cyberattack reporting for critical infrastructure and defining cybersecurity roles and strategies.
• Cybersikkerhedsloven 🇩🇰: The Law on Measures to Ensure a High Level of Cybersecurity (Cybersikkerhedsloven) is the Danish implementation of the NIS2 Directive, enhancing cybersecurity across critical sectors.
• Lov om digital sikkerhet 🇳🇴: The 'Lov om digital sikkerhet' is Norway's implementation of the EU's NIS2 Directive, enhancing cybersecurity standards for essential services and expanding the scope of regulated entities.
• Sikkerhetsloven 🇳🇴: The Security Act (Sikkerhetsloven) is a Norwegian law designed to safeguard national security interests by preventing and counteracting security threats.
• Säkerhetsskyddslagen 🇸🇪: The Swedish Security Protection Act regulates security measures for activities of importance to Sweden's security, applying to both public and private sectors.

We nowadays have a growing team focused on our framework content technology and constantly bringing in new frameworks to Cyberday. Our main focus is information security related frameworks in the EU, but any wishes about new frameworks are valued. Feel free to contact us with any wishes through chat or at team@cyberday.ai. 👍

We're introducing a mass-edit functionality on some main views in Cyberday soon.

You will be able to select multiple items (e.g. tasks, guidelines or documentation items) at once and implement generic actions for them, incl.:

• Assign owner
• Change status
• Set due date
• Set priority

Mass-edit will be first visible on most used views, e.g. documentation tables (data systems, risks, etc.) and main Tasks and Guidelines pages.

During the summer, we’ve focused heavily on expanding Cyberday’s framework coverage.

We recently released 12 new national implementations of the EU NIS2 directive, along with a new framework for Belgium’s critical infrastructure law. Some of the new frameworks are based on draft laws, while others are already in effect. We'll continue updating these frameworks as the national regulations progress.

Read more (and see overlaps with EU NIS2): 12 new NIS2 national frameworks now live

Locate these two new frameworks now in Cyberday framework library!

ISA/IEC 62443 2-1 standard outlines requirements and guidance for securing industrial automation and control systems (IACS) and establishing a cybersecurity management system. It builds on ISO/IEC standards, emphasizing IACS-specific risks and forming the foundation for cybersecurity in operational technology.

DORA RTS on ICT risk management gives the regulatory technical standard (RTS) on ICT risk management framework as adopted by the European Commission according to DORA Article 15.

‍

You can now also share reports via a direct link. This can be useful, for example, if you are using Cyberday via Teams and are about to start an audit, but do not want to invite the auditor to your own Teams environment.

The report sharing link is available by default for 30 days, after which it will automatically be disabled.

Report will be shared on "read only" -mode utilizing the latest published version of the report. 🚀

You can now view compliance reports on a simplified "statement of applicability" view.

This view aims to reduce related details, so you can focus (e.g. together with a partner) on defining the applicability of each requirement / control for your organization.

You'll now get better notified of new developments in Cyberday directly inside the app.

You'll see a red notifier on the Community-item on left menu, when there's something new for your on the Recent development -feed.

We regularly post most important upcoming and recently published improvements on the development feed. 👍

You can now enable an automated monthly key ISMS data export. This can be useful, if you want to e.g. save an offline copy of your selected key information for backup or continuity purposes.

You can enable the feature from settings and select the needed documentation lists and reports for the export. You'll receive an email monthly, which will include the link to download your data package. 👍

‍

We have expanded the first implementation of Cyberday trust center.

Now you'll be able to e.g.:

• Add your own important documents (e.g. certificates, testing statements) to trust centers
• See and manage all the access requests to your trust center clearly inside the Cyberday app
• Fill basic information to welcome a visitor

You'll soon be able to enable an automated monthly key ISMS data export. This can be useful, if you want to e.g. save an offline copy of your selected key information for backup or continuity purposes.

You'll be able to enable the feature from settings and select the needed documentation lists and reports for the export. You'll receive an email monthly, which will include the link to download your data package. 👍

We will be expanding the first implementation of Cyberday trust center.

Soon you'll be able to e.g.:

• Add your own important documents (e.g. certificates, testing statements) to trust centers
• See and manage all the access requests to your trust center clearly inside the Cyberday app
• Fill basic information to welcome a visitor

Cyberday is now available in Polish.

We are focused on serving the EU market and will continue to add new EU languages ​​to the service. 👍

Soon you will be able to assign a role as the owner for all different Cyberday contents instead of a direct user owner.

Roles will have their own management page, where you can link the desired users to roles and add your own roles. We will include a template list with the most common roles that are relevant to an ISMS.

Especially in larger organizations, role thinking can clarify things a lot. In addition, many security frameworks emphasize the importance of roles - and e.g. defining required competences and authorizations connected to roles - in systematic information security management work.

If you have linked many files from SharePoint or uploaded files directly to different items in Cyberday, you can now see a summary of these more easily on the Files page.

Tip: Pin the Files-page in the left menu if you use this side a lot. 👍