Designing Security monitoring portal for 100+ AXA entities


UST Cyberproof provides cybersecurity services to AXA Global, one of the leading insurance providers in India. This is a short tale of how we went about designing the Security Operations monitoring portal from the ground up.

Introduction

AXA Global has partnered with UST Cyberproof to deliver a range of security services (collectively referred to as "Next Gen SOC") catering to over 100 entities.

The Security Operation Centre (SOC) services include Incident Management, Threat Intelligence, Vulnerability Management, and Use Case Factory.


Many of these entities currently lack sufficient visibility into Security Operation Centre (SOC) services, relying heavily on monthly calls for support and service consumption.


The goal of the project is to increase security awareness among AXA entities, providing them with accurate, timely, and comprehensive insights into the Security Operations Center services.

TIMELINE

Aug 2020 - Dec 2020, 5 months

ROLE

UX Designer | Moonraft

PLATFORM

Web app, Dashboard design

CLIENT

My Role

The design team consisted of a Team Lead, a UX Designer and a Visual Designer. As a UX designer in the project, my role involved conducting user research, interaction, wireframing, prototyping and testing.

My responsibilities include - 

  • Contextual study on the domain to gear up and understand this new field of expertise. 

  • Preparing a research questionnaire and conducting user interviews to gather insights on the users’ needs and pain points from the product and the service provided by the client.

  • Synthesizing the data collected from the User interviews to map down the opportunity areas. Understanding user roles and Mapping personas to understand the user’s emotional journey. 

  • Understanding and defining relevant SLAs and KPIs for specific user groups. 

  • Deep dive into different data visualization techniques to better represent the set of SLAs and KPIs.

  • Brainstorming ideas with the design team to come up with a concept that gives full visibility and control to the user. 

  • Creating wireframes and clickable prototypes in a short span for better understanding for the users and stakeholders. 

  • Validating and testing these clickable wireframes with the end users. 

  • Adapting design changes based on the user feedback maintaining the consistency in design.


Timeline & Approach

This was a very complex project given the domain of Security Operations and the crunched timeline. Initially the plan was to complete the Discovery and Concept in 3 weeks, but due to the unavailability of users, the timeline got extended by 2-3 weeks.

Fig (1) - Proposed Timeline

Product goals

We initiated the project with alignment workshops with key stakeholders from AXA Global and UST Cyberproof, fostering a shared understanding of the client's goals, challenges, and expectations. These sessions allowed us to align our UX design efforts with the overall project objectives.

Contextual Study

As we were quite new to the domain of Security Operations, this involved thorough secondary research, and gaining knowledge into this new field of expertise.

Product Walkthroughs and Demos

To grasp the intricacies of Security Operations, we actively engaged in product walkthroughs and demos, collaborating closely with the subject matter experts. These sessions helped us explore and understand the Next Gen SOC services in detail, the technicalities, current experience, relevant Service Level Agreements (SLAs) and Key Performance Indicators (KPIs).

Understanding SLAs and KPIs

We delved into understanding the metrics used to measure SOC effectiveness: the Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) in the security domain. We also took a deep dive into different data visualization techniques for different data sets to visualize these SLAs and KPIs.

Competitor analysis

We studied different Operational Risk dashboards, with a focused study on Security Operations dashboards. We conducted competitor analysis to understand the market and best practices, and mapped out the SLAs and KPIs used by different competitors.

User Research

Based on our initial research, we concluded that we were dealing with 3 user groups - Security Operations, Senior Security Management and Executives. We conducted user research with these 3 user groups to validate our hypotheses and to understand their needs and pain points. Due to time constraints and availability, we could not interview many users. We conducted a total of 8 interviews - 3 Operations, 3 Senior Security Managers and 2 Executives. We also sent follow-up questions to the users for further clarification.

Synthesis

  • We did affinity mapping for the interview notes, and created categories. Utilizing the insights we got, we created user personas to define the User, their needs and pain points. This further helped define our opportunity areas.

  • We also mapped out the SLA/KPIs obtained from the User Research, from Cyberproof and from the Competitor Study to find patterns, to finalize on the list of SLA/KPIs for each User group. 


Drawing insights from our user research, we found that 2 out of 3 hypotheses were fully validated, while the remaining one received partial validation. Additionally, we uncovered new needs and pain points, enriching our understanding of user perspectives.

Fig (10) - Affinity mapping based on User interview data

Fig (11) - Mapping of different SLA & KPIs

Fig (12) - Finalized list of SLA & KPIs

User Persona

Using insights from the user research, we defined the 3 user personas - Operations, Senior Security Managers and Executives. Each persona detailed their unique needs, pain points, and relevant SLA and KPIs, ensuring a personalized and user-focused approach.

Opportunity areas

Ideation / Conceptualization

We conducted brainstorming sessions with the team to come up with ideas and concepts around these opportunity areas. We also organized a collaborative brainstorming workshop with the extended design team for quick ideation around a specific direction. This helped us open up to a lot of different perspectives, thanks to the design team at Moonraft.

Scenario mapping

In the conceptualization phase, we also did Scenario mapping for detailed exploration of User Journeys, envisioning real world scenarios. This approach enhanced our design concepts by aligning them closely with user needs and interactions.

Feature prioritization

Once we had the initial data and analysis in place, we prioritized features internally, plotting the priorities based on the user research and prior business knowledge. We mapped the generated ideas on the Kano model to visualize the impact each of these features is meant to create. This step further helped us finalize the list of features for this release.

Early sketches

We started sketching to visualize these features on the dashboard. During initial sketching we discovered there are three important parts in designing this dashboard -

  1. Organizing principle to show these SLA/KPIs

  2. Type of Data Visualization to best represent the SLA/KPIs.

  3. Positioning the features

Organizing Principle

Designing a dashboard required strategizing how to position different metrics and KPIs to best represent the user needs. We started with paper sketches, followed by discussions on organizing principles. As the roles and responsibilities of these different user groups varied, there was a need to organize content differently for each.

Data Visualization Strategy

The exploration revealed the importance of selecting the right type of data visualization to best represent SLA/KPIs. This critical decision aimed to enhance user comprehension and engagement.

User flows & Information Architecture

Positioning features was another crucial step in the process. After a series of rough iterations, we created the User flow followed by the Information Architecture to strategically place elements, ensuring an intuitive and user-friendly dashboard structure.

Wireframing

We translated Information Architecture into tangible wireframes, outlining the skeletal structure of the dashboard. This ensured a functional and user-friendly layout before diving into detailed design elements.

Final Design

The Security Operation Centre (SOC) self-service dashboard is designed with a focus on empowering AXA entities with enhanced security awareness and operational efficiency. The dashboard, personalized for the needs of different user groups, offers real-time data visualization of security incidents, threats, and vulnerabilities, providing users with the insights they need for proactive decision-making. It caters to both novice and experienced users, promotes self-sufficiency, and ensures that security operations are more transparent and efficient.

Cyberproof Design System

The final design incorporates the Cyberproof Design System guidelines, ensuring consistency and scalability across Cyberproof offerings. The Cyberproof Design System includes a comprehensive set of design components and guidelines that ensure a consistent, professional, and user-centric visual identity for the Security Operation Centre (SOC) dashboard.

Personalized experience for different users

The design is tailored to the unique needs of the key user groups - Operations, Senior Security Managers, and Executives.

Operations receive real-time incident data, Senior Security Managers access key high-level metrics and KPIs, while Executives are presented with strategic data, ensuring efficient and role-relevant decision-making.

Operations View

Real time insights

Real-time insights on security incidents, threats, and vulnerabilities in a visually appealing and easy-to-understand format.

Drill Downs enable in-depth analysis, allowing users to uncover critical details. Users can instantly grasp the security status at a glance.





Customized view

The dashboard offers customizable widgets, allowing users to personalize their view based on their specific interests and responsibilities within the SOC.






Proactive alerts

A robust alerting system is integrated to promptly notify users of critical security incidents. This feature ensures that users stay informed and can respond proactively to emerging threats.






AI powered Vigilance

Extending the functionality of Cyberproof's intelligent AI bot, SeeMo, to bridge the gap between the system and the user.






Threat Intelligence

Users can effectively identify and mitigate threats with the Action Plan feature, providing a structured approach to bolster system security.





Enable Collaboration

An efficient and easy communication channel between the multiple stakeholders involved, to ensure accountability, ownership and collaboration.






Insightful reporting

Generate detailed reports featuring selected KPIs to evaluate system performance.


A consolidated view of weekly SOC activity is delivered via email, providing insights into long-term trends and security performance.


Prototyping and Testing

Following valuable feedback from our stakeholders, we developed prototypes that included real data and subsequently engaged with the same group of users we had previously interviewed. This iterative testing process allowed us to integrate user feedback effectively, ensuring that the final design met their specific needs and expectations.

Impact

The ongoing project is set to deliver significant impacts for both AXA and Cyberproof. AXA will benefit from heightened security awareness and operational efficiency among its entities, leading to reduced dependency on support calls and proactive security management. For Cyberproof, the self-service SOC dashboard designed for AXA is now part of the SOC service offered to other clients, thereby elevating the value of their service portfolio and expanding their market reach.

Learnings

Due to the tight timeline, this project involved thorough planning and quick action, undertaken in close collaboration with the Project Lead. These were some of the key learnings from the project:


Domain Adaptability

The Security Operations domain was quite new and complex to understand. Thorough research and understanding through alignment workshops and discussions with subject matter experts were essential to start the project and bridge the knowledge gaps.


Data Driven design

Understanding and visualizing the Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) in the security domain was a critical part of design. The data visualization played a pivotal role in helping users grasp complex performance metrics and make informed decisions. Designing for novice users, we experimented with different data visualization techniques to make data easily understandable.


Business Synergy

The project highlighted the potential for business synergy, with UST Cyberproof intending to leverage the self-service SOC dashboard as part of their services for other clients. This exemplifies the project's scalability and potential to create value beyond its initial scope.

Next Steps

The project, now in the development phase, will focus on thorough testing and incorporating user feedback. This will be followed by the implementation phase, along with user training, to guarantee a seamless transition. Exploring opportunities for expanding the dashboard's reach to other clients through UST Cyberproof will be a key focus, fostering a broader security impact in the industry.