Contract UX Strategist + Information Architect for 1 project
Cisco Security decided to reorganize after they realized that their teams had grown organically and they had many redundancies. One facet of redundancy was their "pull" security communications on their security portal. I was contracted with an internal researcher to explore this problem space and define the needed pull communications.
The researcher and I worked together to plan the project. 
We reviewed and synthesized the foundations of the project - the objectives and goals, assumptions about the communications and users, understanding the security analysts and the importance of the communications to them and Cisco, and an inventory of communications. 
I took an inventory of the current Cisco Security communications including content, owners, objectives, category, target audience, etc.
We crafted and conducted interviews to understand who pulls security communications, how they process them, and what they do with the communications. 
Concurrent to interviews, I conducted a competitive analysis of competitor's pull communications, inventorying communications and approaches, as well as conducting a heuristic evaluation of the quality of those communications.
I conducted an open card sort to check the usefulness and understanding of the security communication components.
We synthesized findings to clearly outline needs, the unknown eco-system of users and customer processes, and the related customer tasks.
We documented our analysis and design well as we weren't sure if we would be involved in designing the final communications so we documented our findings and logic holistically with a goal of empowering the Cisco teams without dictating solutions.
We outlined experiences for each user and their information needs and their dependencies on each other to empower Cisco Security Analysts to write for their target audience.
I designed a final solution including the content needs and navigation to specific content.
I proposed an additional project - redesign their security portal to be more useful to their target audience of pull communications which was approved.
Security Analysts (including Cisco Security Analysts) advance their careers with their publications which promote their expertise of technology, processes, and general knowledge of the industry.
Cisco Security Analysts are very engaged in the industry on an international level and very conscious of needing to maintain it.
The Cisco Security teams had very strong assumptions about who, how, when, what, and why their pull communications are used. 
We had limited access to the targeted users which grew organically as we discovered the ecosystem.
An ecosystem was revealed and we didn't have time to fully explore it.
The solution will produce CMS requirements to support content and templates which the team did not understand at first which meant that implementation may be rolled out over time (couple of years).
Communications' content comes from different sources - teams, databases and different CMSs were in play.
Cisco Security wants to lead the industry whenever possible.
We wanted to collaborate with the team to harness their knowledge as we worked, and work collaboratively to form a solution, but they were not available. We had one regular contact whose availability was spotty.
The UX Researcher was leaving for international travel/family event.
Our Cisco Security contact was traveling internationally for work.
Targeted users want concise, accurate, complete communications with actions and assets - not dissertations.

The original site hosting pull communications:

The original approach to the security portal and communications were content/team-based. A task-based approach was recommended and eventually implemented.

Usability and Usefulness Ecosystem and Process

Teams were empowered with an introduction to the latent ecosystem of consumers of security communications, and their holistic workflow.

Experience Blueprint

Building upon the introduction of the ecosystem and their workflow, an experience blueprint was started to communicate the holistic perspective and detailed needs. The empty squares represent the Cisco team(s) opportunities. Since we couldn't collaborate with them, this was meant to spark the holistic thinking and empower them to move forward.

Experience Blueprint Touchpoint requirements

Detailed requirements for specific touch points in the blueprint were documented and prioritized according to business objectives and goals including applicable usability heuristics/requirements as well as requirements extrapolated from research. This communicates research findings in a very useful and usable manner rather than a separate report that a team member has to figure out when and how to apply.

Navigating within Pages Heuristic

A competitive analysis inventoried content and features which I combined with applicable heuristics to introduce the needed usability heuristics and implicitly critique the industry's communication patterns, and establish their value when incorporated and the detriment when ignored.

We synthesized all the findings and realized that the target audience was much smaller with very specific needs that were not met by anyone's pull communications, and that the security analyst who pulls the communication is not the analyst who processes or makes decisions. We discovered an eco-system of security communication consumers. The needs of the consumers were different from - and sometimes conflicted with, the Cisco Security Analyst who write the communications. The nature of the Cisco Security Analyst is a natural need need to be explicit, detailed, and reveal their knowledge. The users want bullet lists and tables of information so they can move quickly and empower others to make decisions and take actions.
Email Info flow

The teams were empowered with a holistic view of the information flow of emails and pull communications to security analyst. Information comes from multiple internal and external sources. The context of the communications are indicated with color and highlight. Blue = Cisco, Green = Client, Gray = Third Party.

Email targeted analyst

Targeted emails to specific roles/titles were recommended to ensure the user to quickly determine if the security issue applies to their organization and to get more information to support their team(s).

Annotated wireframe landing page product

The solution was a task-based approach to address the different mental models and tasks - Product-oriented, Vulnerability-oriented, Workarounds, and Policy.

Wireframe task based executive

The concept of creating distinct experiences to support specific user task (with different users) was introduced without audience-based navigation.

The communication

The actual communication solution was defined using input from the interviews and card sort. Content was prioritized to user needs with an emphasis on navigating within the page to find needed content, and details supporting infrequent, "in the weeds" tasks accessible through pop-ups.


A screenshot of the live site - The task-based listing of vulnerabilities for those users who are focused on a specific vulnerability. The expanded view helps the user triage the current state and determine if they need to take action and/or get more information.

The product-oriented search - what vulnerabilities exist for my organization's products. The user can quickly scope the vulnerabilities to their product(s), triage from the view if they need to move forward.

The actual security communication has concise, scannable chunks of details that supports a quick navigation to needed information. 

Research Findings
Security Communications Competitive Analysis + Heuristics Report
Annotated Wireframes + Content Requirements
Final Report: Wrapping it all into one deliverable to ensure empowerment
Back to Top