Rosenverse

Log in or create a free Rosenverse account to watch this video.

Log in Create free account

100s of community videos are available to free members. Conference talks are generally available to Gold members.

To Protect People, You Have to Protect Information: A Human-Centered Design Approach to Cybersecurity

Thursday, January 23, 2025 • Rosenfeld Community
Share the love for this talk
To Protect People, You Have to Protect Information: A Human-Centered Design Approach to Cybersecurity
Speakers: Heidi Trost
Link:

Summary

If you design digital products, you’re already influencing the security user experience—even if you don’t realize it. Your design choices impact how users handle security and privacy decisions. We live in an ecosystem where everything increasingly relies on the security of systems: from hospitals, to our water supply, to cars and robots. So the stakes are high: disruptions to these systems mean people can get hurt. Further, technology like AI agents—services that will know nearly everything about us and will take actions on our behalf—mean security and privacy are more important than ever. As a UX designer, you understand your product better than your users ever will. This gives you the power to protect users by developing safer systems. By the end of this talk, you’ll learn how to: Apply human-centered design principles to security: human-centered security. Identify key areas where security impacts users most. Understand the dynamics of the security ecosystem. Collaborate with your security UX allies. Ask better questions to balance security and usability. You’ll leave with a human-centered security framework that you and your team can use immediately. Start asking the right questions to improve security outcomes and keep people and systems safer.

Key Insights

  • Security means different things to different roles, making cross-disciplinary collaboration essential.

  • Users (Alice) often do not think about security until it directly interrupts their tasks.

  • Charlie personifies the security systems and communications users interact with; their unhelpfulness harms user trust.

  • Improving the relationship between Alice and Charlie is critical to enhancing security behaviors and outcomes.

  • Threat actors understand users and security systems better than many security teams do, exploiting weak points.

  • Onboarding and signup are crucial moments to influence secure user behaviors because users are motivated and captive.

  • Security messaging must balance clarity and avoiding fatigue caused by false positives or jargon.

  • AI-driven social engineering and deepfakes will make future attacks more convincing and harder to detect.

  • Designers should anticipate user objections and behaviors when creating security flows.

  • Clear standard protocols for unusual financial requests reduce vulnerability to phishing scams.

Notable Quotes

"Security means protecting business, productivity, safety."

"The user is the weakest link is an unhelpful and harmful perspective."

"You cannot improve security outcomes until you improve the relationship between Alice and Charlie."

"Threat actors can masquerade as Charlie to trick users like Alice."

"Most security work happens below the surface where users don’t need to think about it."

"If users have to look things up, they often won’t, so policies must be easy and fast to respond to."

"Onboarding is often fleeting, so influencing security behavior there has an outsized impact."

"With AI, phishing will get worse; attackers will craft messages users are more likely to believe."

"We need to get really good at strategy board games to outsmart threat actors."

"Clear outcomes and defined secure behaviors are better than vague goals like 'be more secure'."

Ask the Rosenbot
Sahibzada Mayed
Cultivating Design Ecologies of Care, Community, and Collaboration
2023 • DesignOps Summit 2023
Gold
Briana Thomas
When Design Ops Comes in H.O.T. : A Tale of a Transformed Design Org
2021 • DesignOps Summit 2021
Gold
Dan Hill
Designing for the infrastructures of everyday life
2024 • Designing with AI 2024
Gold
Angelos Arnis
State of DesignOps: Learnings from the 2021 Global Report
2021 • DesignOps Summit 2021
Gold
Emily Danielson
“I mean, I can lift a shovel”: Design Skills in Disaster Response
2022 • Design at Scale 2022
Gold
Frances Yllana
The Big Question about Impact: A Panel Discussion
2024 • DesignOps Summit 2024
Gold
Saara Kamppari-Miller
Cartography for Design Communities
2025 • DesignOps Summit 2025
Gold
Jacqui Frey
Panel Discussion: Integrating DesignOps
2018 • DesignOps Summit 2018
Gold
Mark Templeton
Creating a Legacy: the ultimate experience
2017 • Enterprise Experience 2017
Gold
Cassini Nazir
The Dangers of Empathy: Toward More Responsible Design Research
2023 • Advancing Research 2023
Gold
Daniel J. Rosenberg
Digital Medicine Design
2019 • Enterprise Community
Gregg Bernstein
Opportunistic Research with Gregg Bernstein
2019 • Advancing Research Community
Teresa Swingler
Look, Up in the Sky! UX/UI for Aerospace
2022 • Enterprise Community
Sam Proulx
To Boldly Go: The New Frontiers of Accessibility
2022 • Advancing Research 2022
Gold
Bria Alexander
Theme 1 Intro
2024 • DesignOps Summit 2024
Gold
Sofía Delsordo
Public Policy for Jalisco's Designers to Make Design Matter
2021 • Civic Design 2021
Gold

More Videos

Taylor Jennings

"Setting up a repository as a team of one or two is actually the prime time to establish processes like that."

Taylor Jennings Joe Nelson Alex Knoll

Repository Retrospective: Learnings from Introducing a Central Place for UX Research

March 9, 2022

Nicole Aleong

"Anticipation involves preparatory actions to manage uncertainty about future conditions."

Nicole Aleong

Future Orientations to Everyday Life: Futures Anthropology as a Methodology

March 26, 2024

Jeff Gothelf

"Innovation labs don’t work because their mission is to be innovative, not necessarily to solve real customer problems."

Jeff Gothelf

Innovation Studios: the Engines of Enterprise Experimentation

May 14, 2015

Saara Kamppari-Miller

"By designing products through the lens of edge cases like disabilities first, they often become better products for everyone."

Saara Kamppari-Miller

DesignOps for Inclusive Design and Accessibility

May 26, 2022

Tess Dixon

"We need to reject the notion that work is our only identity."

Tess Dixon

C'mon Get Happy

September 29, 2021

Liam Thurston

"Being intentional about how we spend our time is the purest manifestation of our values and our value."

Liam Thurston

Why Your Design Team Is Quitting, And How To Fix It

June 10, 2022

Ian Swinson

"Your career is a design project. It’s the only one you own, so own it like you would a product."

Ian Swinson

Designing and Driving UX Careers

June 8, 2016

Leisa Reichelt

"Context is really super important not only for design and research but for how you design organizations and ways of working."

Leisa Reichelt

Opening Keynote: Operating in Context

November 7, 2018

Rachael Greene

"Doing fewer things well and working at a natural pace improves quality and reduces burnout."

Rachael Greene Alison Davis

Building a Design Ops Practice that Really Works (Most of the Time)

October 2, 2025