.png)
When an item is due in 7 days or due today, the bot of Cyberday Teams app will now send the owner a reminder.
In Cyberday all items include an event log, where users can also type in their own, timestamped comments.
This log can also be utilized to facilitate collaboration with colleagues. You can use @-sign to mention another user in the log.
The user is now notified of this directly inside MS Teams or via email, if your account isn't connected to Teams. Notification includes a direct link straigh to the item where the comment was posted to.
When you want to delegate the implementation of a task to certain responsible persons through Cyberday, you can use the "Add participants" function on the task card.
This works well in situations where, for example, the implementation of a task differs from unit to another and for this purpose it is desired to involve the persons in charge of the units. It may also be important to delegate a certain tasks to e.g. data system owners (e.g. reviewing access rights), which can also be performed in this style.
When a person is marked as a participant in a task, he or she sees the task as well as the implementation instructions written by the owner in his or her Taskbook, but it is clearly different from the tasks in which the person is the owner.
We made the event log of an individual item look clearer. For example, users' own comments or additions on the log are now highlighted more along with events that affect the status of the item.
The log is also now updated in real time as changes are made.
Documentation lists for work records, i.e. Risks, Audits or Continuity plans, have their own workflow in Cyberday.
This workflow is displayed above the table view and allows you to easily filter only the items at a particular stage.
An individual item (e.g. a risk) is also automatically forwarded in the workflow as the risk owner marks questions as done on the documentation card.
From the All documentation -view, you can now see more clearly what kinds of documentation have accumulated in your Cyberday account.
In the future, we will make further modifications so that, for example, the documentation related to data assets better communicates links to other data assets and the documentation related to work results (e.g. risk management) has a stronger workflow which describes progress in the work.
In Cyberday units are used e.g. to target guidelines to relevant staff. In the future, you will can also require a certain unit to participate in the execution of a specific task.
Now the owners of the most important data assets (such as data systems, databanks, risks, units) operate as automatic units in Cyberday. For example, you can target a guideline to all data system owners, and this user list is automatically updated according to the documentation.
We developed user filtering for this view. If you are the most active administrator for your account, you can now easily set the event log to show events from others than yourself, so you can see who has been helping you get cyber security work forwards.
You can now specify in Cyberday settings which guideline languages you want allow for employees.
If more than one language is enabled, employees will see the language selection in the left menu of the Guidebook.
Cyberday sample guidelines automatically work well multilingually. For the time being, you must use the "official" language of the organization for your own custom guidelines or write all versions in the content of the guideline.
A setting for "acceptable level of risk" has been introduced to support risk management. This can be configured via the Settings view.
The idea of an acceptable level of risk is to tell the user whether, based on the current risk evaluation, the risk requires more detailed treatment or whether it can be directly accepted.
We briefly revamped the Reporting page. When you go to Reporting, you'll immediately see all the reports you've created on your account.
When you go to framework-specific Reporting page, you'll still see all report templates you haven't yet created in the same style as before.
As an admin you can utilize the "All documentation" view to understand the readiness related to documenting your data assets (data systems, databanks, etc.), stakeholders (system providers, data processors) or your own digital security work (risk management, impact assessments).
Now you can also see from this table a summary of how many items in each list are overdue (due date in the past and not in the status "processed") or pending for review (review interval is set and in the past).
We created a new report template, that enables you to communicate the overall concept of your cyber security management system, the most important responsibilities amongst your people and give an overall summary of compliance with different frameworks.
If you have any wishes related to reporting, please feel free to contact us in chat or at team@cyberday.ai.
Log shows events when any of the users:
In the context of cyber security risk management, a clear risk level is now presented for each risk, which is calculated automatically through the severity and probability choices made on the risk card. You may want to either sort or filter your own risk list according to risk level, for example, to see the most critical, untreated risks.
The scale used in the risk assessment can also be modified on the Settings page. Scale 1-3 produces risks of level 1-9, scale 1-5 produces significantly more variability (levels 1-25).
