Intel Creation
2019 | User Research, Interaction, Visual design, Prototyping and Branding
Overview
The goal of this project was to develop a platform for a cyber security center to be able to distribute intelligence to its different constituents.
I worked as a product designer alongside the project manager during the discovery phase analysing the insights that he had gathered. Due to the short nature of the project, I didn’t go through a full-fledged discovery process. Though I was heavily focused on platform architecture, user journeys, high fidelity, and prototypes.
During implementation, I worked closely with the development team by providing design specifications and reviewing different development phases.
Project context
The Cyber security center's main responsibility is to help specific communities, regions, or industries reduce their cyber-attack risks by informing and advising on what measures to take based on cyber threats data that has been collected and analyzed.
In Cyberthreat the capabilities of the adversaries are constantly evolving and becoming sophisticated, threatening to disrupt different systems. Having effective cyber threat intelligence processes and actively participating in information-sharing and collaborating with trusted stakeholders within the industry is a must.
This project wanted to facilitate this workflow for Cyber Security Centres by providing a tool that enabled cyber security centers to ingest and disseminate strategic and operational intelligence to their constituents
If you'd prefer to skip the process and go straight to the final results, click the button below
Opportunities
There was no comparable offer out there in the market which makes it a very exciting project to be part of
Have the opportunity to design solutions that make cyber security accessible and comprehensible
Challenges
Stating the importance of evolving designers early in the process and to get detailed requirements.
No direct communication with key stakeholders or with end users
Understanding the problem
When I joined this project all the initial research had been done , so I worked closely with the product manager to understand the user research he had done.
I started by gathering all the notes from previous talks and interviews (conducted by different people prior to this project took place) and analysing it. It was revealed that:
Not common tool which makes it difficult to collaborate - due to different maturity levels and security processes every constituent uses different tools making it impossible to share intelligence within the same platform
Security issues - cyber security centres have been using some workarounds such as sending through email which can cause some security britches
Hard to manage - there are multiple reports that have to be shared every day, to different constituents from different industries. Currently, there is no way to automate this process based on the different requirements.
Identifying the Users and Use cases
We’ve identified 2 main users: the individuals working at the cyber security centres that produce intelligence and the individuals that consume.
While analysing the findings from the interviews, we extract the main use cases were:
Producers: Share intel reports with their constituents based on sector, region and industry; onboard and manage constituents
Consumers: Consume intel reports; share intel reports between users from the same constituent
Information Architecture
Having in mind that the different users of the portal had different needs the sitemap of the application took that into account.
Sketches and prototyping
After that I started sketching the screens to accommodate the different use cases.
I started with the general structure of the application which later evolved into wireframes so we could easily show to the main stakeholder and get the first rounds of feedback and without much effort, adjustments could be made before going into high fidelity designs.
Designs
During the process of designing I didn’t get the chance to perform user testing, which potentially would have helped spotting small vulnerabilities in the structure of the interface, so all the tweaks that were made along the way were based on the team judgment and stakeholder input.
After a few rounds of feedback and minor tweaks, I created high-fidelity designs and a clickable prototype of the application which were then handed over alongside a specification document to the engineer team (remote).
Org management
The main goal of the producer was to share intel reports to different organizations (constituents). The ability to manage organizations, users, and their activities becomes the central focus of the producer interface.
Report repository
To accommodate report consuming, I designed the repository page and the ability to open individual reports. Download and sharing functionalities were added to allow collaboration.
Onboarding
To ensure that only trusted organizations would have access to the portal, we were asked to implement a number of authentication procedures during the registration process. That translated into an extensive form with a significant amount of mandatory fields. To comply with that requirement and to try to make this a less tedious process I designed an onboarding step by step guide for this registration flow.
Few takeaways/ Closing offs
Even though more substantive research done upfront would have helped during the process and usability tests would have given us the opportunity to spot and improve usability issues along the way, our product has skewed very positive reactions from the main stakeholder and their constituents - they were now able to share intelligence and communicate effectively through one single channel.