Avertro Platform Redesign
Overview
Avertro is a venture-backed global cyber security software company based in Sydney, Australia. They are the strategic cyber security headquarters that helps leaders manage the business of cyber.
Role
Timeline
Design Lead
Ux Reseacher
UX Designer
3 weeks
April 2021
The Brief
Our current customer base is mid-to-large enterprises. The project seeks to re-imagine the Avertro platform for a startup or scale up, allowing us to use the underlying capabilities in a manner that makes sense for a smaller technology-driven organisation that needs to worry about cyber risk and cyber security. Essentially, we are looking to understand what the entry-level version of the Avertro platform could look like.
Primary Objective
-
Determine the core capabilities in the entry-level version of the Avertro platform.
-
Define the key use cases for the entry-level version of the Avertro platform.
-
Define the UX for the entry-level version of the Avertro platform.
Secondary Objective
-
Define the on boarding process for the entry-level version of the Avertro platform
Discover
Competitor Analysis
JupiterOne
JupiterOne is a cloud security company that provides consulting and software.
-
Provides YouTube tutorials and walk throughs that address FAQs, trouble shooting and introductions to their platform
-
Drummond Group is one of their consultancy partners for regulatory compliance and risk management
-
Works with businesses of all sizes and scale ups
-
Active in SaaS, Fintech, and Healthcare industries
-
Has a tiered payment options & free accounts
-
Offers third party integration
Desktop Research
Company Landscape
One of the primary objectives of this project is to find the core capabilities needed by start up and scale ups. We took the approach of looking at the business ecosystem of Australia so we could have a better understanding of which companies fall into are target categories and are there others that present a good opportunity to target in the near future.
Opportunity #1
SME Landscape
Small businesses make up between 97.4 - 98.4% of the Australian economy, and employ 41% of the Australian population. Small to medium businesses also make up 84% of innovation in the market. This indicates that there is ample opportunity in the SME space for a strategic cyber security SaaS. In order to classify as a small to medium Business they must employ less than 200 people. In addition to this the SME sector has been growing steadily over the past few years.
Opportunity #2
Economic Sectors
To be successful in entering the market we need to first outline what sectors are most likely to need a strategic cyber security SaaS. The main focus for us will be Technology driven start-ups and scale-ups. These are the fastest growing small business sectors that meet our requirements;
-
Fintech
-
Artificial Intelligence
-
Wearable Tech
-
Healthcare
-
Fraud Protection
-
E-commerce
-
Online Retail
-
Education
-
Well being
-
Construction
Opportunity #3
Covid -19
The global pandemic has changed the world. Many companies have had their workflows disrupted, working from home is now very common and they are turning to tech solutions to solve this. This in turn means that more cyber security will be needed to secure these new channels. Since the pandemic started cyber issues have also increased and have increased in specific areas such as healthcare. Additionally this is likely to bring some sort of reform to current compliance and regulations in many sectors.
Next we need an understanding of what the current rules, regulations and how companies set themselves up. by looking at the most common third party SaaS integration we can start to understand the appetite for a strategic Cyber security SaaS and by looking at their regulation and compliance we can see what rules apply to those and how companies stack up agents them.
Third party Integration
Payment
-
Paypal
-
Stripe
-
Amazon Pay
-
X-Payment
-
Braintree
-
Go cardless
-
Securepay
-
Adyen
-
Square
-
Cybersource
-
Repay
Cloud
-
AWS
-
MS Azure
-
Splunk
-
Kount
-
Accenture
CRMs
-
Salesforce
-
Zendesk Sell
-
Hubspot
-
Zoho CRM
Cyber Risk Compliance & Regulation
International Standards
-
ISO/IEC 27001
-
ISO/IEC 27002
-
ISO 15408
-
IEC 62443
-
ISO/SAE 21434
-
ETSI EN 303 64
Australian Standards
-
Essential 8s (ASD8)
-
Small business guide
-
Information Security manual
American Standards
-
NIST
-
NERC
-
FSSCC
Interview Insights and Affinity Map
Below we will sort through our affinity map a combination of our desktop research notes and interview insights. In total we have six interviews talking to people in ideal positions to give us important insights. These insight have then been synthesized into labeled categories below. This helps us to identify patterns and potential areas of focus.
Perceptions
Using a Third Party
Frameworks
Budget & Time
Application System Tools
Opportunities
Constraints: Employee
Constraints: Executives
Define
Our insights have allow us to understand the goals and needs of our audience. We have applied these to create personas, and focus our attention onto their most crucial problems.
Primary Persona
Meet our primary persona Mark, he is a cyber security manager for a scale-up fintech company which is expanding and therefore taking on more risk.
Secondary Persona
Are secondary persona is John a senior executive at the company and spends most of his time in meetings with other executives, and his understanding of cyber security is basic.
Journey Map
Develop
Ideation Workshop
Our team organized two ideation sessions with Avertro the first one to discuss the objectives, in order to do this our team developed two how might we questions, that address all the objectives;
-
How might we make a light version of Avertro platform for a more entry-level user?
-
How might we reduce friction from Mark's on boarding experience?
Are secondary persona is John a senior executive at the company and spends most of his time in meetings with other executives, and his understanding of cyber security is basic.
After the ideation workshops we moved into the develop stage, here we took the collection of ideas and we begin to build out the ideas. In this stage my role as lead designer come to a head. I asked the team of twelve to divide into four groups of three. Each group was given the initial instruction of develop a lo-fi wire frame. Due to tight deadlines I wanted to engage in divergent thinking. After this initial step we combined the features and information architecture that we as a group believed was best.
Lo-Fi Testing
Hi-Fi Wire Frame
Reflection
This project had a very heavy focus no research, cyber security was not a area that anyone on the team had any experience with. because of this, and the broad scope of the brief there was no shortage of research tasks. The project did not adhere to our original plan, and we spent far more time on research than design and development. As the lead designer I was not ecstatic with this outcome as it only left 3 days to design, build test our prototypes. With more time time I we could have come up with a more concise plan and spend time developing and iterating a basic lite version rather than reworking major aspects of the platform.
I believe that a focus on presenting analytical data is also a high priority. during our low fidelity user tests many would be users did not understand what some of the graph meant. We also found out during our user tests that the idea that every company uses similar KPIs was incorrect. Everyone measures success and cyber heather differently base on the size and nature of the company. Are idea to make custom pages showing information reverent to them is a good start but still needs more refinement and content to populate those cards with.