N O X F O L I O

Loading

Let,s talk

S&P Global Ratings

Cyber Risk (Supply Chain) Impact Analysis

 

Product Overview

Ratings360® provides credit rating services, risk research, and critical insights to organizations. The cyber risk research module is designed to provide a comprehensive and quantitative analysis of an entity's cyber risk profile.

Our analysts are using a third-party tool called Guidewire, but the leadership team has decided to develop an internal tool instead.

Problem Statement

Organizations today face an increasing threat from cyber risks, which can result in significant financial and repetitional damage. Despite the availability of various cyber risk management tools, many organizations struggle with fragmented and inefficient solutions that do not provide a comprehensive view of their cyber risk posture.

Key challenges

  1. Inability to quickly access and analyze critical metrics.
  2. Insufficient insights into supplier vulnerabilities.
  3. Lack of effective scenario simulation tools.
  4. Difficulty in staying updated with relevant news
  5. Inadequate comparison tools to evaluate different cyber risk factors.

Goal

To design and develop a user-centered cyber risk enterprise platform that integrates a

  1. Dashboard Overview
  2. Supplier Analysis
  3. Scenario Simulator
  4. News Insights
  5. Comparison tools


Providing organizations with the ability to manage, analyze, and mitigate cyber risks that addresses these challenges, empowering organizations to improve their cyber risk management capabilities and make informed decisions to safeguard their assets and reputation.

Process Behind the Solutions

Objective

Understand the needs, challenges, and pain points of the users.

Empathize

User Interviews

Conducted interviews with key stakeholders, including cybersecurity professionals and procurement managers, to gather insights about their needs and challenges.

Surveys

Distributed surveys to a broader audience to collect quantitative data on their experiences with current cyber risk management tool

Observation

Observed users interacting with existing tools to identify pain points and areas for improvement.

Outcome

Gained a deep understanding of user needs, frustrations, and desires, which informed the design process

Identified key personas, such as Julie, the Head of IBM Cyber Procurement Department.

Objective

Clearly define the problem and establish a focused design challenge.

Define

User Interviews

Analyzed the data collected during the empathize phase to identify common themes and insights.

Problem Statement

Formulated a clear problem statement: “Users need a comprehensive and user-friendly platform to manage and mitigate cyber risks effectively”

User Personas

Developed detailed user persona of Julie, the Head of IBM Cyber Procurement Department. to represent the primary users and their needs.

Outcome

A well-defined problem statement that guided the design process.

User personas that kept the team focused on user-centric solutions.

Objective

Generate a wide range of ideas and potential solutions.

Ideate

Brainstorming Sessions

Conducted collaborative brainstorming sessions with the design team and stakeholders to generate ideas for features and functionalities.

Mind Mapping

Created mind maps to explore different aspects of the solution and their interconnections.

Sketching

Developed initial sketches of potential interfaces and features.

Outcome

A broad set of ideas for addressing the identified problem.

Preliminary sketches and concepts for the platform's features.

Objective

Create low-fidelity and high-fidelity prototypes to test and refine ideas.

Prototype

Wireframing

Designed wireframes for key features such as the Dashboard Overview, Supplier Analysis, Scenario Simulator, News Insights, and Comparison tools.

High-Fidelity Prototypes

Created high-fidelity prototypes with detailed visual design to closely resemble the final product.

Outcome

Functional prototypes that could be tested with users to gather feedback.

Visual designs that ensured a clean and intuitive user interface.

Objective

Develop and launch the final product based on refined prototypes.

Test

Development Collaboration

Worked closely with the development team to ensure the designs were accurately implemented.

Quality Assurance

Conducted extensive testing to ensure the platform’s functionality, performance, and usability met the desired standards.

Launch

Successfully launched the platform to users, accompanied by user training and support.

Outcome

A fully functional cyber risk management platform that met user needs and solved the identified problem.

Positive user feedback and increased user satisfaction, as evidenced by improved user engagement and reduced time spent on managing cyber risks.

Design Solutions

Dashboard

Risk scores at a glance: Each supplier’s cyber risk score, offering instant clarity on potential threats.

Event-based visualization: A clear, color-coded illustration of risk-related events, with severity categories.

Trend monitoring: Time-series graphs to watch risk patterns evolve, making it easier to forecast and manage future issues.

Geographic map: A global view highlighting supplier locations and other key data (e.g., currency, regional vulnerabilities).

Supplier Analysis

Focused insights: Compare risk levels across different suppliers, including the ability to filter by Criticality, industry, and Trends.

Customizable metrics: Drill down into specific risk factors for deeper analysis (e.g., malware incidents, system vulnerabilities).

Scenario Simulator

‘What if’ modeling: Evaluate hypothetical situations such as natural disasters, geopolitical conflicts, or manufacturing disruptions.

Global vantage point: Rapidly assess impacts on suppliers in critical regions like EMEA or APAC with one click.

News Insights

Curated updates: Integrates real-time news tracking for suppliers, highlighting relevant stories that could signal elevated risk.

Automated alerts: Sends instant notifications if major cyber incidents or data breaches occur.

Comparision

At-a-glance: view of each supplier’s risk-related metrics to streamline the decision-making process.

High-Level Visibility: A visual snapshot of risk exposure facilitates quick identification of outliers that may require immediate intervention.

Users to understand: The financial impact of potential risks by mapping out estimated losses against various likelihood scenarios.

“The visual consistency and clarity are remarkable. It feels intuitive, and I can customize it exactly the way I need.”
Julie
User Persona

Outcome & Business Impact

Enhanced Business Efficiency

The new tool streamlined workflows, reducing the average time spent on cyber risk analysis tasks by 30%.

Improved User Experience:

User satisfaction scores increased by 20%, with specific features tailored to the needs of key users like Julie leading to a 35% reduction in task completion time.

Cost Savings

The organization saved $500,000 annually by eliminating the need for the third-party tool.

 

Challenges Faced

Balancing Stakeholder Expectations

As a Senior UX Designer, my most impactful challenge was balancing diverse and sometimes conflicting stakeholder expectations. This involved aligning business objectives set by the leadership team, addressing key user needs (e.g., Julie’s), and considering technical constraints from the engineering team.

Impact:

Alignment of Goals: Ensuring the tool met business goals, user needs, and technical feasibility.

Design Adjustments: Balancing cost-effectiveness, user-friendliness, and technical constraints.

Project Timeline: Managing extended discussions and revisions, which impacted the timeline.

Overcoming the Challenge

Effective Communication: Regular meetings, updates, and detailed prototypes to keep stakeholders informed and aligned.

Prioritization and Compromise: Focusing on critical features and finding common ground.

Iterative Feedback Loop: Continuous feedback and improvements to ensure the tool met expectations.

Outcome

Successfully balancing stakeholder expectations resulted in a tool that reduced costs, improved integration, offered enhanced customization, provided a user-friendly interface, and was technically feasible. This experience highlighted the importance of effective communication, prioritization, and adaptability in delivering a successful UX project.

Iterative Testing & Feedback

Testing Round 1

Interactive prototypes with integrated data.

Key Feedback

“Add a prominent search feature to filter top 20 suppliers by industry or segment.”

Outcome

Incorporated a “Key Search” functionality for rapid, targeted exploration.

 

Testing Round 2

High-fidelity pilot with real supplier data

Key Feedback

“Scenario simulator is a game-changer, but it would help to store previous simulations.”

Outcome

Implemented scenario-saving features and comparative analytics to measure changes over time.

Julie’s final verdict

“This dashboard isn’t just about viewing data—it’s about empowering our team to make smarter decisions faster. Our cyber risk management capabilities have never been stronger.”
Julie
User Persona

Thank you

I appreciate you taking the time to look at my work. If you’re interested in taking part
or to learn more, please get in touch for further details.

mahender.uxdesigner@gmail.com      +1 (309) 242-0396

Linkedin-in Dribbble File-pdf

Copyright @ 2024, MKUXD All Rights Reserved