Cyber security
Empowering small orgs with a user-centered approach to cyber security
The landing page of the check your cyber security service.
Overview
The NCSC had identified over 400,000 UK-based IP addresses vulnerable to cyber attacks.

These vulnerabilities were resulting in significant financial loss for small organisations that didn’t have the technical proficiency to know that they were at risk until it was too late, potentially costing them millions.

To help solve this problem, we worked with the National Cyber Security Centre (NCSC) from concept to launch on the research and design of a brand new service that helps small organisations identify and fix these common cyber security issues.
Research services
Usability testing
Online testing
Survey
Data & analytics
Competitor analysis
Design services
Proposition design
User journey mapping
Rapid prototyping
UI & responsive design
Content design
Design system
The challenge
Design a radically simple tool for small organisations
Previous research had shown that cyber security often falls low on small organisations’ agendas due to limited time, knowledge, motivation and awareness. We therefore needed to design a simple tool that tackled these challenges and enabled non-technical users to identify, understand and protect their organisations from IP vulnerabilities.
Our approach to solving the problem
Workshopping & rapid prototyping
We began by workshopping ideas using pen and paper before turning some of them into what we call 'vision prototypes' (sketchy, low-fidelity designs that combine storyboarding with prototyping).

Using the vision prototypes to get feedback on our ideas, we rapidly progressed them from low-fidelity to higher fidelity interactive prototypes.

This led to research sessions where we tested the concepts and uncovered further insights into users’ motivations, barriers, and existing knowledge of cyber security.
Wireframes for check your cyber security connected with arrows to create a flow.
Research
500+ users, 6 rounds of design
Highlights
  • Tested 6 prototypes ahead of launch
  • Ran 30+ one-on-one research sessions
  • Engaged with 500+ users
Between the first round of research and the tool’s beta launch, we conducted 6 rounds of continuous and iterative design and research.

The service was tested with over 500 users through guerrilla testing, online surveys and usability tests. We attended numerous cyber security conferences to get expert as well as novice feedback.

Some of our most critical findings were that users needed to trust the service was safe to use, understand the value and importance of cyber security in order to use it, and be sufficiently motivated to take action on any vulnerabilities they found.
Two UX researchers conducting a remote usability testing session while one types on a laptop.
Solving complex design problems
With each design iteration, we addressed vital challenges discovered through research.

We built user trust using content explaining who provided the service and what it did. We helped users understand the importance of cyber security and the value of the service by using clear language and focusing on their concerns (such as loss of data). And we encouraged action with clear results that explained the problem, the risk and how to fix it.

It turned out that, in this case, less was not more, and that people were more likely to use and return to the service if it took a little longer but included the necessary steps to build trust, understanding and motivation.
Digital sticky notes with notes written on them.
Implementation
Pixel-perfect delivery
Armed with a well-tested and evidence-based experience, we finalised content and pixel-perfect responsive UI templates before collaborating with the product and engineering teams to build and release the tool in beta.

We then created a Figma-based design system to accelerate the design of new checks we would add in the future and ensure consistency.
Five pages from the check your cyber security website on mobile phone screens.
Outcomes
1
Anyone in the UK can test an IP in seconds
We designed a seamless journey that helps users identify issues in seconds while still providing them with the information they need to understand and trust the service.
2
Thousands of tests performed and vulnerabilities found each month
Our evidence-based approach encourages thousands of typically unmotivated users to perform multiple tests every month.
3
We continue to optimise and scale the service
We built data analytics and a user feedback mechanism in so that we can monitor performance, quickly optimise the service, and integrate new checks.
Brilliant service, quick & simple, and a great initiative. Make more people aware of this - I found it by accident and it is so easy to use.
User survey feedback
Our thoughts
It’s not every day you get to work on a project where you take a simple idea and turn it into a service available to everyone in the UK. It was great to put rigorous user research to use to overcome some unique design challenges and the journey feels all the more worthwhile now seeing the service in action.
Aaron Howes, UX Designer
Seeing this service come together thanks to meticulous usability testing, guerrilla testing and surveys has been extremely rewarding. By continuing to speak to users on a regular basis and analysing monthly usage data, we're continuing to evolve the service and it's great to observe the positive impact its having on small businesses.
Scarlet Eadie, UX Researcher & Designer

Have a project in mind?

Get in touch

Other projects