What's New in MyCompliance

Admins now have the flexibility to delete fusion templates before they’ve been published. This enhancement allows for more control and reduces potential clutter from unused templates.

We’ve enhanced the user experience by giving Cyber Police a dedicated and prominent space in the ‘Not Typical eLearning’ tile on the Teams app homepage. This change not only makes the content easier to find but also encourages engagement with more dynamic, story-driven security training.

Problem – Admins were finding it difficult to manage reminder emails effectively due to the lack of flexibility over reminder frequency and timing. These limitations made it hard to align reminder systems with internal compliance standards and escalation processes, which is critical to managing human risk.

Solution – We are introducing enhanced customisation for reminder emails, providing you with full control over when and now, how often they are sent.  With this update, you can adjust reminder frequencies to weekly, bi-weekly or monthly. This flexibility allows you to align reminders with your organisation’s compliance criteria.

Value – Our admins understand the importance of timely, relevant reminders in driving compliance and reinforcing security behaviours. This update gives you the flexibility and control needed to optimise engagement with training programs that are crucial to reducing human risk.

We have introduced ISO 27001:2022 as a new category, allowing customers to assign policies and other content directly to the latest ISO standard. This ensures clear organisation and documentation of compliance efforts, which is critical during ISO audits. The ISO 27001:2013 category will remain available to support existing content. View more.

Features & Benefits:

• Up-to-date compliance: Align policies and content with latest ISO27001:2022, ensuring readiness for audits.
• Seamless integration: Easily assign, filter, and manage content like other standards (NIST, PCI DSS).
• Improved audit preparedness: Simplifies demonstrating compliance via the Category Overview Report, making audit processes faster and more effective.

Security leaders are increasingly concerned about how well their teams understand and retain critical security training. However, current reporting lacks insight into how many attempts it takes for users to successfully pass a course quiz. This lack of visibility makes it challenging to assess comprehension levels and identify potential human risks within the organisation.

We have introduced a new feature in the Fusion Course Analysis report that tracks the number of attempts users make to pass a quiz. This enhancement will provide administrators with deeper insights into user performance, allowing for more informed decision-making around training effectiveness and potential areas of vulnerability.

Features & Benefits:

• Detailed Attempt Tracking: Administrators can now see the exact number of attempts each user took to pass a quiz, providing a clear indicator of how well users are absorbing and retaining the training material.
• Integrated Reporting: This new data is seamlessly integrated into the Fusion Course Analysis report, displayed alongside quiz scores, making it easy to analyse performance without additional tools or steps.
• Custom and Embedded Quizzes: Whether it’s an embedded or a custom quiz, the number of attempts is tracked and reported, ensuring comprehensive coverage across all types.
• Actionable Insights: By understanding how many attempts are needed, admins can identify users or groups who may need additional support, helping to reduce human risk and improve overall security posture.

The ability to track quiz attempts provides a clearer picture of how effectively users are learning and retaining crucial security information. By leveraging these insights, you can tailor training initiatives, address potential weaknesses early on, and ultimately foster a more security-conscious culture within your organisation.

This feature addresses the need for a more modern and streamlined user interface by refreshing the design of the DACH Outlook Web App Plugin, including the logo and customer-facing messages or modals seen by end users when reporting emails. Implementing this feature leads to an improved user experience by providing a cleaner, fresher look throughout the button and all associated modals. By adopting this feature, organisations can benefit from a more cohesive and professional appearance, enhancing both usability and visual appeal for end users.

This feature addresses the limitations in learning experience content for multilingual phishing simulations by enabling the use of all types of Learning Experience formats beyond video.

By allowing admins to choose from a wider range of content types for their phishing simulation learning experience, this enhancement improves flexibility and caters to different learning preferences, leading to better comprehension and retention for users in multilingual environments.

Implementing this feature leads to a more tailored and effective approach to cybersecurity training across diverse linguistic groups.

By adopting this feature, businesses can achieve higher engagement and improved training outcomes in phishing simulations, ensuring a more robust defense against phishing attacks.

Some customers faced challenges when the original reporter decided to leave the organisation, incident ownership defaults to the administrator, with no option of reassign the incident to another individual. Also, the incident reporter was not visible across all our reports, which in turn took longer to track accountability.

Features:

We have added a new “Change Incident Reporter” option allows administrators to reassign incident ownership easily.

Additionally, we have enhanced the Incident Report and Summary views by adding the “Incident Reporter” to these reports. This provides clear visibility into who reported each incident across all our reports.

View more.

Benefits:

• Flexibility: Reassign incidents to the right person, ensuring accurate ownership.
• Clear Visibility: Quickly see who reported each incident without extra steps.
• Improved Management: Maintain context and streamline incident handling, even when reporters leave.

To help improve navigation, we have integrated the Assessment Creator and Assessment Reporting features as tiles directly onto the main Privacy Admin homepage and moved their positions on the left navigation panel.

Features & Benefits:

• Consistent Layout: Aligns with existing modules (Policy, Learning, Phish) for a unified user journey.
• Ease of Access: Reduces training time by making key features readily accessible.

This improvement helps streamline the user navigation and enables data protection & security teams to have quick access to some of the most used features.

This feature addresses the problem of only recording end user IP addresses when they complete the phish learning experience causing confusion and inconsistencies in phish reporting.

By updating the phish reporting mechanism to record IP addresses when users click on a phish instead of when they open a learning experience, this feature solves the problem by providing clear and consistent data throughout reports.

Implementing this feature leads to increased credibility and accuracy in phish reporting, as IP addresses will be reliably recorded during the phish interaction, and organisations can trust the data for dispute resolution.

By adopting this feature, businesses can achieve enhanced data integrity, driving overall growth and success through improved trust and reliability in phishing simulation results.

Manual interventions, routine tasks, and human error in processes all slow down human risk management initiatives and productivity on the platform.

MetaFlows is a dynamic rule-based engine that automates actions based on a set of predefined rules. It allows you to create custom rules for proactive responses and automated actions on the platform. This feature is designed to eliminate manual tasks, providing seamless automation tailored to your unique workflows.

1. Rule-Based Intelligence: Set custom rules for tailored automation to save you time.
2. Effortless Integration: Works with your existing modules.
3. Real-time Triggers: Immediate actions based on events to ensure timely risk remediation.
4. Scalability: Grows with your business needs.
5. Audit and Reporting: Track and optimises workflows easily to demonstrate proactive risk management.

MetaFlows boosts efficiency, cuts down manual work, and reduces errors in human risk management. It helps teams focus on strategic tasks and strengthens your security posture with smart automation.

How to set up MetaFlows: More information here

Introducing a new feature that allows admins to export all responses for one survey into excel.

Features:

1. Export Button: Clearly visible export button in the survey analysis report.
2. Excel Export Format: Exported Excel file containing structured data, including survey name, question number, question text, user details (if not anonymous), and response text.
3. Anonymity Respect: Ensures anonymous surveys do not include user-identifiable information.

Benefits:

1. Time Savings: Drastically reduces the time needed to review survey responses by enabling bulk data export.
2. Enhanced User Experience: Simplifies the process for admins, making data analysis more accessible and straightforward.
3. Data Analysis Support: Provides a structured format for survey data, facilitating deeper insights and more comprehensive analysis.

This new export feature is essential for improving awareness and managing human risk effectively within your organisation. By streamlining the data analysis process, it allows you to quickly identify trends from survey responses. This enables more informed decision-making and enhances the overall security posture.

Introducing a feature that sends the registration emails in users’ preferred languages. This enhancement ensures that all initial communications are compliant and comprehensible, improving the user experience and operational efficiency.

Features:

1. Pre-made Language Registration Emails: Access to 43 pre-translated registration email templates.
2. Customisable Templates: Ability to edit email templates to include logos and other customisations.
3. Automated Language Selection: Registration emails are sent automatically in the user’s preferred language if that information is populated.

Benefits:

1. Improved Efficiency: Eliminates the need for manual translation insertion, saving valuable admin time.
2. Enhanced User Experience: Users receive emails in their preferred language, improving comprehension and engagement.

By ensuring that registration emails are sent in the user’s preferred language, it fosters better communication and understanding, reducing the risk of misinterpretation and non-compliance.

More info here

We have introduced our enhanced formatting capability for the privacy and incident assessment guidance modals.

Features & Benefits

• Bullet Points: Organize guidance into easy-to-read bullet points, ensuring clarity and quick comprehension.
• Paragraph Formatting: Structure guidance into coherent paragraphs for improved readability.
• Hyperlinks: Add clickable hyperlinks to guide users to additional resources, websites, or supporting materials like videos.
• Text Styling: Utilize bold and underline features to highlight critical information.

Why Use It

• Improved User Experience: Well-formatted guidance ensures users can quickly grasp and follow instructions and guidelines.
• Enhanced Communication: Clear and concise formatting aids in better communication of important information.

By adopting our enhanced formatting feature, you can improve user engagement and increased understanding of your questions, leading to better responses being provided by end user users. Please see here for more information.

Business User have been facing challenges when they need to delete content, such as MP4s or PDFs, after uploading them to a Fusion course. This results in a dependency on Administrators to manage content deletion and movement between categories on behalf of the Business Users.

To address this issue, we have made the content tab accessible to all business users who have the existing ‘Campaigns: In Progress’ permission enabled.

Features & Benefits

• Content Management Rights: Business users will have the same rights as admins for content they can see within the content in progress table (excluding the ‘Show to End User’ column).
  • View Content: Easily view all uploaded content.
  • Delete Content: Delete any uploaded content, reducing reliance on admins.
  • Update Category: Update the category for their own content, ensuring proper organisation.

For more information, please see here.

We are updating the system so that course completion emails are sent from a recognisable custom address, consistent with other end user communications.

Features:

1. Custom From Address: Course completion emails will now be sent from a customisable and recognisable address.
2. Consistent Communication: Aligns the sender address of course completion emails with other end user notifications.

Benefits:

1. Improved User Experience: Users will recognise the sender, increasing their confidence in the legitimacy of the email.
2. Enhanced Trust: Consistent communication addresses reduce the risk of users ignoring or mistrusting important emails.
3. Strengthened Security Awareness: Ensures users can distinguish genuine communications, supporting better human risk management.

By ensuring that course completion emails come from a recognisable address, users are more likely to trust and engage with the email. This trust is essential for reinforcing the legitimacy of security training and other critical communications.

We are refining the Recurring Phish Victims Report to redefine ‘Last Offense’ as the last time a phishing failure occurred. This includes clicks, QR code scans, data entries, or attachment openings, but excludes email opens. This improvement ensures more accurate and useful phish failure data.

Benefits:

1. Improved User Experience: Enhances engagement with the reporting tool by providing more relevant and accurate information.
2. Increased Efficiency and Productivity: Streamlines admin workflows by ensuring reports reflect meaningful data, aiding in more effective decision-making.
3. Enhanced Risk Management: Provides clearer insights into user behaviour and vulnerabilities, allowing for more targeted and effective security training.

By providing accurate tracking of genuine phishing failures, the refined report helps in identifying high-risk individuals and tailoring training efforts more effectively.

We have introduced an enhancement to include the Engagement and Average Quiz Attempt risk factors in the risk scoring calculation for SCORM transfer courses. This feature will be available during the course creation process and in the Learning in Progress table, under the actions column.

Features & Benefits

• Comprehensive Risk Scoring: Integrate engagement and quiz attempt risk factors with SCORM transfer courses, providing a more complete risk score for your users.
• Customisable Risk Inclusion: Easily add the ‘include in risk score’ option during SCORM course creation and within the Learning in Progress table.

Please see here for more information.

We have introduced a new feature to ensure that the end user departmental training question and reports can be managed more effectively.

Features & Benefits

• Optional Departmental Training Question: A new enable/disable toggle is available within the Company Edit settings, allowing customers to choose whether to display the Departmental Training question to end users on their homepage and the related reports within the Admin Risk Dashboard.

Please see here for further information.

Administrators require detailed insights into the factors influencing user risk scores to improve security awareness and manage human risk effectively.

To address this, we have introduced new risk factor insights providing greater visibility into what influences risk scores and which departments they relate to. This includes adding columns for Engagement Score, Quiz Attempts Score, and Phishing Interactions Score along with their Department, Sub Groups and User Status to the following reports:

• Organizational Risk Levels
• Preferred Departmental Training vs Employee Risk
• Preferred Language

Features & Benefits

• Engagement Score: Tracks user engagement, helping identify those who are actively participating or disengaged.
• Quiz Attempts Score: Measures the users average number of quiz attempts within Fusion Courses
• Phishing Interactions Score: Monitors interactions with phishing simulations.
• Department & Group Name: Ability to view user’s Department and Group Names to identify which department the user belongs to.
• User Status Visibility:  To help identify is a user is currently active or on long term leave.

Why Use Risk Insights?

• Enhanced Risk Visibility: Gain a clear understanding of what drives risk scores, allowing for more informed decision-making.
• Improved Human Risk Management: Identify specific factors contributing to increased or decreased risk, enabling targeted interventions.

Further information can be found here.

Many end users prefer a seamless viewing experience for video-based courses, ensuring they watch the full content without interruptions. Previously, the settings to autoplay videos and disable fast-forwarding found within the platform Company Edit settings were not available for MetaEngage.

Features and Benefits:

• Autoplay Videos: Videos within Fusion courses will automatically play when accessed via MetaEngage if the autoplay setting is enabled. This ensures a smooth and uninterrupted learning experience.
• Disable Fast-Forward: When enabled, this feature restricts users from skipping through videos in Fusion courses delivered via MetaEngage. This ensures that users watch the entire video content, which can be crucial for compliance and thorough understanding.

By integrating these features into MetaEngage, we enhance the user experience, ensuring consistent application of company-wide video settings. This not only maintains the integrity of the training material but also ensures that users gain the full benefit of the content provided.

Please note: this feature is only available for customers who upgraded to MetaEngage version 2 or above.

Admins often face difficulties ensuring that employees complete their cyber security training. One common issue is the inability to resend email notifications to users who cannot find the initial email, leaving them unable to access and complete their training. This results in increased human risk and lower overall security awareness within the organisation.

To address this challenge, we have introduced a manual email reissue feature. This feature allows admins to instantly resend email notifications to users directly from the ‘Learning in Progress’ page, ensuring that important training emails are at the top of their inboxes.

• Instant Resend: The ‘Resend Email ‘ button for courses allows admins to quickly resend email notifications to users who cannot find the original email.
• User-Friendly Interface: Admins can easily enter a user’s email and send notifications without interfering with automatic reminders.
• Error Handling: System provides feedback if an email is incorrect, ensuring accurate targeting.
• Enhanced Training Completion: By ensuring users receive their email notifications promptly, the likelihood of completing cyber security training increases, thereby reducing human risk.

For admins, this feature is essential for improving security awareness and managing human risk. By providing a reliable method to ensure all users receive their training notifications, it helps maintain high compliance rates and reduces vulnerabilities associated with incomplete training. This tool is crucial for maintaining a robust security posture and fostering a culture of awareness and vigilance within the organisation. More info here

The Adobe PDF API Viewer is now embedded for all policy documents and PDF communications within our Fusion courses.

This solution aims to provide a seamless viewing experience regardless of zoom level, ensuring that all users, including those with accessibility requirements, can easily access and navigate PDF content.

Features & Benefits:

• Enhanced Accessibility and user experience: The Adobe PDF API Viewer supports smooth zooming up to 200%, enhancing readability and usability
• Customisable Viewing Options: Users can minimize menu sections within PDFs, controlling their viewing experience without interruption.
• Integration with Platform and our MyCompliance Teams App: Seamless integration into policies and Fusion courses ensures that PDFs are readily accessible on the MyCompliance Teams App!

This initiative reflects our commitment to leveraging technology to enhance accessibility and streamline user experiences across our platform, reinforcing our dedication to meeting the evolving needs of our users and ensuring compliance with accessibility standards.

We have developed three new campaign templates specifically for Season 3 of Cyber Police: English Only, Core Languages, and Extended Languages. These templates are designed to streamline the process of creating and managing security awareness campaigns.

Features & Benefits

• Ease of Use: Navigate to Campaign Templates to access and utilise these new templates with ease.
• Time-Saving: Set up a comprehensive campaign covering all episodes with just a few clicks, reducing the administrative burden.
• Multilingual Support: Choose from templates tailored to English Only, Core Languages, or Extended Languages, ensuring effective communication across diverse language groups.
• Enhanced Awareness: Deliver consistent and engaging content to end users, significantly improving security awareness across the organisation.
• Improved Risk Management: Cyber Police mitigates risks and reinforces best practices among employees in the most engaging way.

Leveraging these new campaign templates means a significant improvement in the deployment of security awareness initiatives. The ability to quickly and effectively reach all employees with relevant content enhances overall organisational security posture. This leads to better risk management and a more informed workforce, ultimately contributing to the resilience and security of the organisation.

Managing and identifying bounced emails within phish audit reports can be challenging for admins. The inability to efficiently sort and filter emails based on their delivery status makes it difficult to quickly identify users with delivery issues, leading to delays in addressing potential problems.

Our latest feature update addresses these challenges by introducing advanced sorting and filtering capabilities in the delivery status column of phish audit reports. This enhancement empowers administrators to efficiently manage and identify bounced emails.

1. Sort by Delivery Status:
   • Feature: Easily sort the delivery status column to group all bounced emails together.
   • Benefit: Quickly identify users on the bounce list, improving visibility and reducing the time needed to manage email delivery issues.
2. Filter for Bounced Emails:
   • Feature: Filter the delivery status column to view only bounced emails.
   • Benefit: Export a filtered list of bounced email users for further investigation by the IT team, ensuring targeted and efficient troubleshooting.
3. Flexible Sorting Options:
   • Feature: Sort emails by other statuses.
   • Benefit: Customise the view based on various delivery statuses, providing comprehensive insights and flexible management of email campaigns.

This feature not only enhances the efficiency of administrative tasks but also strengthens overall security posture by enabling prompt identification and resolution of email delivery issues. With clear visibility into delivery statuses, teams can proactively address potential vulnerabilities, ensuring that simulated phishing campaigns reach all intended recipients.