Cisco Security Communications Redesign

generative + formative + evaluative research + strategy

ROLE

Contract Research + UX Strategist

CHALLENGE

Cisco Security decided to reorganize after they realized that their teams had grown organically with many redundancies. One facet of redundancy was their “pull” security communications on their .Com security portal. I was contracted to explore this problem space and define the needed pull communications and their content.

APPROACH

Business Objectives, Goals, Assumptions, etc.

I reviewed and synthesized the foundations of the project- the objectives and goals, assumptions about the communications and users, understanding the security analysts and the importance of the communications to them and Cisco, and an inventory of communications.

Current State Evaluation

I took an inventory of the current Cisco Security communications including content, owners, objectives, category, target audience, etc.

User Interviews

I crafted and conducted interviews to understand who pulls security communications, how they process them, and what they do with the communication. Participants were contacts of the security teams and represented different size organizations and experience in the industry. A latent ecosystem of users of the content and their needs was revealed.

Competitive Analysis

Concurrent to interviews, I conducted a competitive analysis of competitor’s pull communications, inventorying communications and approaches, as well as conducting a heuristic evaluation of the quality of those communications.

Open Card Sort

I conducted an open card sort to check the usefulness and understanding of the security communication components. We synthesized findings to clearly outline needs, the latent ecosystem of consumers and their processes, and the related customer tasks.

Usable + Useful Documentation

I documented the analysis and design well as I wasn’t sure if I would be involved in designing the final communications. I documented the findings and logic holistically with a goal of empowering the Cisco teams to make informed decisions and create notices without dictating solutions.

The User Experience + Needs

I outlined experiences for each user group and their information needs and dependencies on each other to empower Cisco Security Analysts to write more effectively and efficiently for their target audience.

The Solution

I defined the Information Architecture including the content needs and navigation to specific content.

Biz Dev

I proposed an additional project- redesign their security portal to be more useful to their target audience of pull communications which was approved.

CONSIDERATIONS

Security Analysts (including Cisco Security Analysts) advance their careers with their publications which promote their expertise in technology, processes, and general knowledge of the industry. Cisco Security Analysts are very engaged in the industry on an international level and very conscious of needing to maintain it.

Targeted users want concise, accurate, complete communications with actions and assets – not dissertations.

User Assumptions

The Cisco Security teams had very strong assumptions about who, how, when, what, and why their pull communications are used. I had limited access to the targeted users which grew organically as we discovered the ecosystem. An ecosystem was revealed but I didn’t have time to fully explore it. So perspectives were defined with second-hand perspectives.

CMS Requirements

The solution will also produce CMS requirements to support content and templates which the team did not understand at first which meant that requirements may be rolled out over time (a couple of years).

Communications’ content comes from different sources – teams, databases and different CMSs were in play. Cisco Security wants to lead the industry whenever possible. I wanted to collaborate with the team to harness their knowledge as I worked, and work collaboratively to form a solution, but they were not available. I had one regular contact whose availability was spotty.

Team Availability

My Cisco Security contact was traveling internationally for work.

The original approach to the security portal and communications were content/team-based. A task-based approach was recommended and eventually implemented.

Teams were empowered with an introduction to the latent ecosystem of consumers of security communications, and their holistic workflow.

Building upon the introduction of the ecosystem and their workflow, an experience blueprint was started to communicate the holistic perspective and detailed needs. The empty squares represent the Cisco team(s) opportunities. Since we couldn’t collaborate with them, this was meant to spark the holistic thinking and empower them to move forward.

Detailed requirements for specific touch points in the blueprint were documented and prioritized according to business objectives and goals including applicable usability heuristics/requirements as well as requirements extrapolated from research. This communicates research findings in a very useful and usable manner rather than a separate report that a team member has to figure out when and how to apply.

A competitive analysis inventoried content and features which I combined with applicable heuristics to introduce the needed usability heuristics and implicitly critique the industry’s communication patterns, and establish their value when incorporated and the detriment when ignored.

RESULTS

I synthesized the findings and realized that the target audience was much smaller with very specific needs that were not met by anyone’s pull communications, and the security analyst who pulls the communication is not the analyst who processes or makes decisions.

I discovered an eco-system of security communication consumers. The needs of the consumers were different from – and sometimes conflicted with, the Cisco Security Analyst who write the communications. The nature of the Cisco Security Analyst is a natural need to be explicit, detailed, and reveal their knowledge. The users want bullet lists and tables of information so they can move quickly and empower others to make decisions and take actions.

The teams were empowered with a holistic view of the information flow of emails and pull communications to security analyst. Information comes from multiple internal and external sources. The context of the communications are indicated with color and highlight. Blue = Cisco, Green = Client, Gray = Third Party.

Targeted emails to specific roles/titles were recommended to ensure the user to quickly determine if the security issue applies to their organization and to get more information to support their team(s).

The solution was a task-based approach to address the different mental models and tasks – Product-oriented, Vulnerability-oriented, Workarounds, and Policy.

The concept of creating distinct experiences to support specific user task (with different users) was introduced without audience-based navigation.

The actual communication solution was defined using input from the interviews and card sort. Content was prioritized to user needs with an emphasis on navigating within the page to find needed content, and details supporting infrequent, “in the weeds” tasks accessible through pop-ups.

SOLUTION - SCREENSHOTS

A screenshot of the live site - The task-based listing of vulnerabilities for those users who are focused on a specific vulnerability. The expanded view helps the user triage the current state and determine if they need to take action and/or get more information.

The product-oriented search - what vulnerabilities exist for my organization's products. The user can quickly scope the vulnerabilities to their product(s), triage from the view if they need to move forward.

The actual security communication has concise, scannable chunks of details that supports a quick navigation to needed information.