Rosenverse

Log in or create a free Rosenverse account to watch this video.

Log in Create free account

100s of community videos are available to free members. Conference talks are generally available to Gold members.

To Protect People, You Have to Protect Information: A Human-Centered Design Approach to Cybersecurity

Thursday, January 23, 2025 • Rosenfeld Community
Share the love for this talk
To Protect People, You Have to Protect Information: A Human-Centered Design Approach to Cybersecurity
Speakers: Heidi Trost
Link:

Summary

If you design digital products, you’re already influencing the security user experience—even if you don’t realize it. Your design choices impact how users handle security and privacy decisions. We live in an ecosystem where everything increasingly relies on the security of systems: from hospitals, to our water supply, to cars and robots. So the stakes are high: disruptions to these systems mean people can get hurt. Further, technology like AI agents—services that will know nearly everything about us and will take actions on our behalf—mean security and privacy are more important than ever. As a UX designer, you understand your product better than your users ever will. This gives you the power to protect users by developing safer systems. By the end of this talk, you’ll learn how to: Apply human-centered design principles to security: human-centered security. Identify key areas where security impacts users most. Understand the dynamics of the security ecosystem. Collaborate with your security UX allies. Ask better questions to balance security and usability. You’ll leave with a human-centered security framework that you and your team can use immediately. Start asking the right questions to improve security outcomes and keep people and systems safer.

Key Insights

  • Security means different things to different roles, making cross-disciplinary collaboration essential.

  • Users (Alice) often do not think about security until it directly interrupts their tasks.

  • Charlie personifies the security systems and communications users interact with; their unhelpfulness harms user trust.

  • Improving the relationship between Alice and Charlie is critical to enhancing security behaviors and outcomes.

  • Threat actors understand users and security systems better than many security teams do, exploiting weak points.

  • Onboarding and signup are crucial moments to influence secure user behaviors because users are motivated and captive.

  • Security messaging must balance clarity and avoiding fatigue caused by false positives or jargon.

  • AI-driven social engineering and deepfakes will make future attacks more convincing and harder to detect.

  • Designers should anticipate user objections and behaviors when creating security flows.

  • Clear standard protocols for unusual financial requests reduce vulnerability to phishing scams.

Notable Quotes

"Security means protecting business, productivity, safety."

"The user is the weakest link is an unhelpful and harmful perspective."

"You cannot improve security outcomes until you improve the relationship between Alice and Charlie."

"Threat actors can masquerade as Charlie to trick users like Alice."

"Most security work happens below the surface where users don’t need to think about it."

"If users have to look things up, they often won’t, so policies must be easy and fast to respond to."

"Onboarding is often fleeting, so influencing security behavior there has an outsized impact."

"With AI, phishing will get worse; attackers will craft messages users are more likely to believe."

"We need to get really good at strategy board games to outsmart threat actors."

"Clear outcomes and defined secure behaviors are better than vague goals like 'be more secure'."

Ask the Rosenbot
Matteo Gratton
Can Data and Ethics Live Together?
2021 • DesignOps Summit 2021
Gold
Marc Rettig
Discussion
2015 • Enterprise UX 2015
Gold
Tatyana Mamut
Opening Keynote: Breaking Conway's Law--or How to Work Differently and Not Ship Your Org Chart
2019 • Enterprise Experience 2019
Gold
Ivana Ng
Level Up Your Program with ProductOps
2024 • Enterprise Experience 2020
Gold
Catherine Blizzard
Using Integrated Insight to Drive Growth
2022 • Advancing Research 2022
Gold
Tanya Snook
Designing the team experience: Building culture through onboarding
2021 • Enterprise Community
Sam Proulx
Understanding Screen Readers on Mobile: How And Why to Learn from Native Users
2023 • DesignOps Summit 2023
Gold
Brian Moss
What Does it Mean to be a Resilient Research Team?
2022 • Advancing Research 2022
Gold
Daniel J. Rosenberg
Digital Medicine Design
2019 • Enterprise Community
Cheryl Platz
Demystifying Multimodal Design: The Design Practice You Didn't Know You're Doing
2024 • Rosenfeld Community
Marisa Bernstein
It Takes GRIT: Lessons from the Small, but Mighty World of Civic Usability Testing
2021 • Civic Design 2021
Gold
Jacqui Frey
Setting the Table for Dynamic Change
2019 • DesignOps Summit 2019
Gold
Dave Gray
Group Activity: Making Sense of DesignOps
2017 • DesignOps Summit 2017
Gold
Nalini P. Kotamraju
Two Jobs in One: Being a “Leader who is a Researcher” and a “Researcher who is a Leader"
2021 • Advancing Research 2021
Gold
Lisanne Norman
Why I Left Research
2023 • Advancing Research 2023
Gold
Michaela Mora
Advanced Concept Testing Approaches To Guide Product Development and Business Decisions
2022 • Advancing Research 2022
Gold

More Videos

Xenia Adjoubei

"The tapestry exhibition will be a three-dimensional map co-created with refugees and local school kids to reflect their stories."

Xenia Adjoubei Sean Bruce

Empowering Communities Through the Researcher in Residence Program

March 29, 2023

Tamara Kartoziia

"When we first started expanding, our internal process felt like being stuck in a massive traffic jam."

Tamara Kartoziia

Think global, adapt local: how service design accelerated B2B market entry by 6 months

November 20, 2025

Jay Bustamante

"AI tech debt has compounding interest to it."

Jay Bustamante

Navigating the Ethical Frontier: DesignOps Strategies for Responsible AI Innovation

October 2, 2023

Nicole Aleong

"Hope generates optimistic momentum towards a possibility becoming real."

Nicole Aleong

Future Orientations to Everyday Life: Futures Anthropology as a Methodology

March 26, 2024

Nick Lewis

"Most heavy website performance issues come from videos, images, JavaScript, and fonts."

Nick Lewis

Designing and building low-carbon websites independently

November 18, 2025

Vicky Teinaki

"Even if you had designed it, I wouldn’t have prioritized it."

Vicky Teinaki Michele Marut Tim Parmee

Short Take #3: UX/Product Lessons from Your Industry Peers

December 6, 2022

Laura Weiss

"The ultimate goal in conflict is to engage with the tension while reducing the friction between humans."

Laura Weiss

Turn Down the Heat: 3 Ways to Handle Conflict in the Moment

November 20, 2024

Joerg Beringer

"This is pure context information, not requirements yet, but it’s structured and detailed for design."

Joerg Beringer Thomas Geis

Scaling User Research with AI: Continuous Discovery of User Needs in Minutes

June 10, 2025

Shelby Switzer

"Silence is productive—resist the temptation to fill it immediately after asking a question."

Shelby Switzer

Making Space for Community Knowledge-sharing in a Distributed World

December 10, 2021