Digital Transformation of Cybersecurity Risk Management
As a Product Designer in the automotive industry, I led the design of a platform to centralize and automate the registration of IT projects for security risk assessment. The primary objective was to transform a fragmented, manual process into an efficient digital experience, freeing the cybersecurity team from administrative burdens so they could focus on strategic protection.
Problem and research questions
The original project registration process was rudimentary and highly prone to errors. The workflow relied entirely on decentralized Excel files that were duplicated and emailed every time a new project was initiated.
This dynamic caused constant data loss across file versions and email threads, while also facilitating human error due to a lack of real-time validation. Consequently, the cybersecurity team spent a disproportionate amount of time consolidating information and correcting formats, drastically reducing their operational capacity for actual risk analysis.
How can we transform a manual, fragmented process into a seamless digital experience that returns strategic time to security experts?
Methodology
The first step wasn't drawing screens, but understanding the complexity of the workflow and the significant technical challenge it represented. To achieve this, I facilitated a series of co-creation workshops with project requesters, the cybersecurity department, and the involved IT teams.
The result of these sessions was a comprehensive Service Blueprint that mapped the entire information journey and the interactions between the three main actors. This artifact was crucial not only for UX but also for the engineering strategy, as it allowed the development team to structure the database and backend logic efficiently from day one, aligning technology and design under a single vision.
Ideation & Design Process
With the flow defined, we moved to the tangible phase, focusing on handling large volumes of technical data without overwhelming the user. I started by sketching low-fidelity wireframes to validate the information architecture, where we identified a critical need for custom components to visualize data on the dashboard and dynamic forms that adapted to context.
The final high-fidelity interface was designed to serve three distinct profiles: an intuitive wizard for requesters to input technical data without friction; quick views for approvers to manage authorizations; and an analytical dashboard for administrators to monitor the health of all projects in real-time.
Legacy of UI Kit
One of the most significant achievements of this project was scalability. Given that the development team needed autonomy for future iterations after my departure, I developed a robust UI Kit based on atomic components.
I worked side-by-side with engineers to ensure the technical feasibility of every element. This collaboration allowed the UI Kit to evolve organically into a living Design System. Thanks to this foundation, the development team was able to continue building new screens and modules intuitively and autonomously, maintaining visual consistency and experience quality without depending on constant design supervision.
