Redesigning vulnerability dashboards.
I joined a cross-functional team along with Mantel Group to rethink how Woolworths Group visualises their vulnerabilities information. The goal wasn’t just to tidy up dashboards, it was to identify patterns and shift ownership of actions to mitigate cybersecurity risk, bringing clarity to one of the most complex and sensitive areas of a business.
Challenge
Overly technical vulnerability dashboards.
The original dashboards lived in Looker Studio, pulling data from multiple platforms. They were rich in details but deeply inaccessible. Business leaders couldn’t make any sense of the information without a technical degree or a team member translating them through it.
At the same time, the reports lacked consistency, naming conventions, categories and metrics, it all varied depending on the data source. Resulting into overlaps, delays and compromised trust in the internal cybersecurity team.
Process
Adopting human-centred design to simplify cybersecurity information consumption.
We kicked things off with a human-centred design session that I personally prepared and delivered to over 30 stakeholders. It was early in the project, but absolutely essential build the foundations: this wasn’t about prettier charts. It was about providing users with the right information to make better decisions.
We started with an intensive research, mapping up the existing state, key meetings and documents to pull apart contextual pain points and opportunities. And only then we moved into creation mode, working side-by-side with the Cybersecurity team and end users across the business.
From the research, we could develop six core personas that reflected real audiences inside Woolworths Group. Each one had different perspectives, needs, pain points, and levels of technical understanding. We then designed a tiered view system that included simple summaries for executives to enable quick scans, patterns and comparisons for management to support prioritisation, and detailed data for operational teams to guide day-to-day triage.
This tiered approach gave a logical structure to provide each user group just the right amount of information, without overwhelming anyone, or suppressing required information.
Solution
Iterative prototyping and user testing.
We built out low-fidelity wireframes to validated informational requirements and navigation flows. Once we hit the right structure, we then refined the visual design by aligning colours, fonts, and components for Woolworths brand compliance.
User testing played a huge role for validation. We used Maze and in-person interviews to ask if users could find the information they needed, whether it was useful, and if they could take action based on the data presented.
As feedbacks rolled in loops, we iterated, fine-tuned, and got it ready for development.
Results
Delivering an user-friendly cybersecurity experience.
By the end, Woolworths Group had a new dashboard experience with clear navigation, smart filters, and collapsible menus.
Contextualised charts and plain-language headings made the insights easier to understand. Vulnerability metrics and action prioritisation logic became consistent across different views.
The result was that business leaders could now self-serve insights confidently. Risk owners could visualise their piece of the puzzle. Meanwhile, the cybersecurity team got to focus on what mattered most instead of hand-holding every conversation.
Takeaways
The power of human-centred design to enable informed decision making.
Looking back, one of the biggest wins was understanding user types from the start. Defining strategy, management and operational information while reassuring the differences between technical and business stakeholders helped to build something useful for various types of needs..
A human-centred approach helped to shape key design decisions, from how we grouped data to the language we used in the dashboards. The end result was more than a fresh look, it was a solution that actually helped people do their jobs better.