ℹ️ Some details were altered for confidentiality.
About
Cybert is a concise, quantitative report evaluating an organization’s cybersecurity posture relative to industry peers. It is used for compliance, auditing, underwriting, and mergers and acquisitions.
Client
The client, a B2B cybersecurity startup, recently rebranded and modernized its IT infrastructure. They used this opportunity to assess their offerings and implement necessary changes.
Task
Over four months, the goal was to reassess Cybert from business, technical, and design perspectives.
Team
A multidisciplinary team of five: Product Manager, Product Designer (me), Software Developer, Customer Support Specialist, and Account Manager.
Perspective
Cybert lacked a clear 🔗Product Perspective—'What is it? Why does it exist? Who is it for?'—with varying answers from different stakeholders.
To address this, the team outlined the following approach:
-
Interact with Cybert to understand its functionality.
-
Compare it to market offerings and identify potential opportunities.
-
Engage with relevant internal and external stakeholders for further insights.
-
Present the findings to management to determine the course of action.
Anatomy
Developed without designer involvement, Cybert was created a few years before this project. It consisted of four pages: the first was a summary of the results, while the remaining three provided detailed explanations. A traffic light color system was used to communicate evaluation results, with each color accompanied by a label—Poor, Average, or Good. Correspondingly, numerical values from 1 to 10 were assigned to each of the three colored segments.
Impressions
The report had visual and usability weaknesses, with questionable design choices. Using three evaluation levels—colors, text, and numbers—felt excessive. One-third of the first page focused on demographics, diverting attention from key insights. The pages were cluttered and lacked clear guidance. As such, the project team struggled to understand it.
Findings
Despite each report's five-figure USD price, minimal documentation existed for Cybert. Key questions—such as how scores were calculated, why specific data was used, and whether more could be included—required extensive reverse engineering to answer.
Investigation revealed that Cybert was primarily intended for non-technical users, like C-level executives, who required a high-level overview. If the score was low, mitigation would be necessary, and supplementary technical details would then assist security engineers.
Generating and managing these reports required significant manual effort. A dedicated Customer Success team member handled the requests, running scripts and adjusting the final output to fit into PDFs.
Conceptualization
The new design prioritized enhancing information presentation and refreshing the layout while preserving Cybert's core essence. Several concepts were explored. Each was printed and compared, analyzing characteristics like color, typography, and spacing.
Finalization
Adjustments were made through trial and error. Key changes in the final design included a new name (Cybert instead of Cyber Risk Report), fewer pages (three instead of four), light and dark variants, improved hierarchy, and an upgraded rating system inspired by the 'EU Energy Label' and 'Nutri-Score'.
Reflections
Looking back on the project, here is what stands out:
-
Initially, the lack of data made the project overwhelming and uncertain, but it gradually started to make sense.
-
Working with print was an exciting change and a challenge, having mainly worked on digital solutions before.
-
Surprisingly, many customers revealed that they prefer to print the report rather than just view it on their computers.
-
Since there were no prior complaints about the old design from customers, the new version received little feedback—mostly positive or neutral.
-
Just like a SaaS product, Cybert is a 'living' report that would receive updates and evolve over time.