The latest CyberStrong releases are here, and they're focused on something our customers have been asking for: more visibility, more flexibility, and more automation across the platform. From a unified view of everything assigned to you, to customizable table layouts, a significantly expanded Asset Group feature set, and a growing workflow engine, releases 4.15 and 4.16 are designed to help your team move faster and manage risk more effectively.
Here's a full breakdown of what's new.
If you've ever had to navigate across multiple areas of the platform just to track everything you're responsible for, this update is for you.
The former My Controls tab has been renamed to My Work, and the change goes well beyond a name. This view now surfaces everything you are assigned to or collaborating on across CyberStrong, including:
Whether you're an analyst managing a handful of controls or a program lead overseeing a complex risk environment, My Work gives you a single, centralized starting point for your day.
No two users work the same way, and now your table views don't have to look the same either.
Tables across CyberStrong can now be personalized on a per-user basis. Click the gear icon on any supported table to add, remove, and reorder columns, or configure which filters are applied by default.
Customization is available across:
Your configuration is saved to your user profile, so your preferred views are always there when you need them.
A complete risk picture starts with complete data.
Previously, when populating a Risk Register with Industry Risks, users sometimes received only a subset of the 18 standard risk scenarios due to gaps in industry-specific data. That changes in this release. CyberStrong will now always populate all 18 risk scenarios — first identifying scenarios that match your industry settings, then filling in any remaining scenarios using the full Advisen data set.
If you'd like to add the additional scenarios to an existing risk register, follow these simple steps:
CyberStrong's Workflow Engine continues to grow. This release introduces the Findings creation workflow, bringing a new level of automation to how your team manages Findings from creation through resolution.
When a Finding is created or changes state, the workflow can automatically edit the Finding or create a Risk Register and associated Risks, including both Industry Risks and Risk Templates.
To configure workflow, go to Settings > Workflow > Configuration, then click Create New Workflow. Enter the Workflow Name and Workflow Description, Workflow Type (Findings or Asset Groups), and optionally Operation (Created or State Changed). Click Next.
Now you configure the workflow as follows:
Note: This is the first release of the Findings workflow capability. Additional workflow types, including Findings Management, Risk Management, and Assessment workflows, are planned for upcoming releases.
Custom frameworks just became a lot more flexible.
Previously, once a custom control or framework was created, it was locked — users had no way to edit or reorganize it. That limitation has been removed.
In this release, CyberStrong clients can now edit custom controls, reorder control actions within a control, and reorder controls on a framework. These changes make it easier to keep your custom frameworks accurate and organized as your program evolves.
Asset Groups are one of the most widely used features in CyberStrong, and this release brings one of the most comprehensive sets of enhancements to date.
Based on customer feedback, this update focuses on making Asset Groups easier to manage at scale and more deeply integrated with the rest of the platform.
You can now bulk update Asset Group fields, including Asset Type, Organizational Unit, Owner, and Attributes, saving teams managing large asset inventories significant time. For organizations using Security Ratings integrations, Asset Groups can now be imported directly from your ratings provider, with filtering controls to define exactly what gets brought in. This makes it easier than ever to support Third Party Risk Management use cases within CyberStrong.
On the organizational side, two new filters, Overdue Asset Groups and My Asset Groups, make it faster to surface the groups that need attention. Asset Groups now also support the Status, Complete, and Recur fields, giving teams more structure for tracking and managing group-level activity.
Additional improvements include an updated Assets view with Policy filters, the ability to add artifacts directly to Asset Groups via the Evidence tab, and the visibility of Security Ratings history in the Ratings tab.
Onboarding large control libraries just got faster.
For teams managing extensive control sets, manual entry is no longer the only option. From the Controls view, you can now generate a customizable import template and bulk upload controls directly into the platform. The system builds the template structure for you, just fill it in and import. The importer supports both Excel (.xlsx) and CSV formats, giving your team flexibility in how you prepare and deliver data.
Stand up your OU structure at scale.
The same bulk import capability is now available for Organizational Units. From the Organizational Units view, generate an import template and upload your OU structure in bulk. As with the Controls importer, the system automatically builds the appropriate template, and both Excel (.xlsx) and CSV formats are supported.
Releases 4.15 and 4.16 reflect what we hear most from our customers: give us more visibility, more flexibility, and tools that scale with our programs. We're grateful for the feedback that drives every release, and we're committed to continuing to build a platform that meets you where you are.
Have questions about any of the updates above? Reach out to your CSM — we're here to help you get the most out of every release.