The CyberSaint team has been working hard to deliver the latest updates to streamline and improve our customers’ user experience and address their top-of-mind challenges. We’re thrilled to announce the latest additions and updates to the CyberStrong solution, which includes an entirely new navigation experience, a new Home Page, Hierarchical Role-Based Controls, and Custom Risk Types and Categories. Additionally, we’ve redesigned the NIST 800-30 Risk Register.
The blog below provides more details about the latest updates to CyberStrong and how this can improve your usage of our cyber risk management solution. These updates will be available on December 7, 2025.
CyberStrong 4.0
New Platform Navigation Experience
We’ve redesigned and updated the CyberStrong navigation experience to improve the overall experience for our clients.
This redesign includes shifting the navigation menu (Home, Executive Dashboards, Assets, Assessments, etc.) to the left pane, which includes personal and administrative settings. The left navigation pane can be collapsed and expanded to support additional screen real estate.
This update also includes reorganized Administrative Settings to support easier setup and administration.
New CyberStrong Home Page
We have redesigned the Home Page to align with our improvement of overall user experience and accommodate a shift from a compliance-focused Home Page. This redesign includes new dashboard widgets to consolidate data from other parts of the platform, including:
- Assessments
- Frameworks
- Risks
- Remediation
CyberStrong users can easily access top risk insights on the Home Page for streamlined use.
Hierarchical Role-Based Access Control
Our multi-tenancy capabilities, which leverage Teams, have previously been a bit complex and confusing. In addition, customers have asked for more flexibility in defining custom roles to provide access to the platform.
With the latest updates, we have implemented a new hierarchical role-based access control system. This will solve the complexities of multi-tenancy and empower the customers to have more flexibility with custom roles.
During the migration, the following will be updated:
- All asset groups, assessments, risk registers, remediation projects, dashboards, etc. will be mapped to their organizational unit based on the Teams to OU mappings completed before the migration.
- All users within teams will be added to groups.
- Access will be granted by group, role, and organizational unit.
Note: Teams to organizational unit mappings should have been completed before migration. Otherwise, all asset groups, assessments, risk registers, remediation projects, dashboards, etc., will be linked to the root organizational unit node.
CyberStrong Risk Hub
Redesigned NIST 800-30 Risk Register
Clients were finding it difficult to easily access risk data as the previous risk register was organized as a long list of data.
With the new update, we’ve split the Overview and Risks into separate tabs in the NIST 800-30 Risk Register. Each risk scenario is broken into three separate tabs as follows:
- Info - Basic details of the risk
- Details - Qualitative and quantitative risk details
- Controls - List of controls associated with risk
Note: These updates only apply to NIST 800-30 risk registers.
Custom Risk Types and Models
Prior to this update, the NIST 800-30 risk register supported default risk types and categories, but with a few enhancements, it could also support additional risks. Clients have requested a broader set of capabilities to add additional risk types and categories to the platform.
We have enhanced the NIST 800-30 risk register to support additional risk types and categories. The selected risk type will determine the categories available for that selection. Clients will have new default values for risk types and the corresponding categories. They can also add, delete, and edit additional risk types and categories.
The new default risk types and categories added include:
1. Compliance
- Laws
- Regulations
- Privacy
2. Cybersecurity
- Ransomware
- Malicious insider
- System Vulnerabilities
- Denial of Service
- Social Engineering
- Compromised/weak credentials
- Malware
- Access or Privilege Misuse
- Misconfiguration
- Human Error
- Code Exploitation
- Physical
- Third and fourth-party vendors
- Transmission Interception
- Missing or poor encryption
- Session hijacking
- Brute force
- Environmental Factors
3. Financial
- Credit
- Equity
- Interest Rate
- Currency
- Commodity
- Inflation
- Liquidity
- Model
- Valuation
- Country
- Political
4. Legal
- Contracts
- Intellectual Property
- Employment
5. Operational
- Business Disruption
- Business Processes
- Business Practices
- Employee Safety
- Internal Fraud
- External Fraud
6. Reputational
- Brand
- Social Media
- Quality
7. Strategic
- Budget
- Performance
- Management
- Business Environment
- Transaction
- Investor Relations
- Human Capital
- Technological
