EPISODE 11: Are You User Experienced? Applying The Principles of UX & UR To The Cybersecurity Journey
Welcome to Compromising Positions!
The tech podcast that asks non-cybersecurity professionals what we in the industry can do to make their lives easier and help make our organisations more prepared to face ever-changing human-centric cyber threats!
This week we are joined by Helena Hill, a seasoned UX Strategist and Consultant and AI expert with a wealth of experience spanning diverse clients, from pre-start-ups to global industry giants.
In this episode, we explore the fascinating topic of UX and cybersecurity.
We’re going to learn from the UX function to see how we can create a better user experience for people on their security journey, learn how to get buy-in from the business about implementing controls such as MFA, and how to ‘sell’ our security value offering as a positive user experience.
And of course, crucially, how to take those first few steps to engage with the UX team!
Key Takeaways for this episode are:
UX and Cybersecurity share the same challenge of educating and getting buy-in from the organization to elevate their importance on the business agenda.
Understanding the user journey is crucial for both UX and Cybersecurity teams to build a better usable security journey.
Empathy mapping helps build a picture of a person and understand their needs and expectations.
Leveraging user expectations and their ease of use thresholds can help create appropriate security controls.
Collaboration between UX/UR and Cybersecurity teams can lead to innovation in the security space and improve the user experience.
This is the first of our two part conversation with Helena, next week we will be talking about her other specialism in AI, which kicks off our Christmas miniseries on AI
Links to everything Helena discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review.
Follow us on all good podcasting platforms and via our YouTube channel, and don't forget to share on LinkedIn and in your teams.
It really helps us spread the word and get high-quality guests, like Helena, on future episodes.
We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I the compromising position here?’
Show Notes
What is a Persona Non Grata? Developed at DePaul University, the Persona non-grata approach makes threat modelling more tractable by asking users to focus on attackers, their motivations, and their abilities. Once this step is completed, users are asked to brainstorm about targets and likely attack mechanisms that the attackers would deploy. Read more: Cyber Threat Modelling: An Evaluation of Three Methods by FORREST SHULL AND NANCY R. MEAD
Downloadable Empathy Map
The stat 1 cybersecurity professional per 100 developers can be found in Toby Irvine’s article The Ratio
An article explaining Dunbar’s Number
A Usability Study of Five Two-Factor Authentication Methods By Ken Reese et al.
The State of the Auth: Experiences and Perceptions of Multi-factor Authentication
“Nah, it’s just annoying!” A Deep Dive into User Perceptions of Two-Factor Authentication By Karola Marky et al.
“Don’t punish all of us”: Measuring User Attitudes about Two-Factor Authentication By Jonathan Dutson et al.
The original, and arguably the best book on Nudge Theory - Nudge: The Final Edition: Improving Decisions About Money, Health, and the Environment by Richard H. Thaler and Cass R. Sunstein. This is a must-read book to learn about influencing behaviour change
About Helena Hill
Helena Hill is a seasoned UX Strategist and Consultant with a wealth of experience spanning diverse clients, from pre-start-ups to global industry giants. Her expertise encompasses fostering in-house UX and customer experience teams, orchestrating and implementing cutting-edge UX methodologies, and collaborating with clients to craft innovative, user-centric digital experiences.
As a thought leader, Helena frequently takes the stage to share her insights on user experience design, customer experience, and service design. She has recently extended her skills into the exciting realm of passenger experience. Furthermore, Helena holds a ChatGPT expert certification, showcasing her high level of expertise in conversational AI and how it can be utilised to exceed user and customer expectations.