When the topic of personas came up during my job interview with Cisco, I pictured something like, ‘Brian, IT Manager at Mid-Size Company, has two cats, cycles to work, struggles to do more with less, etc.’ You pictured something similar as soon as I mentioned personas, right?
But when I joined the Cisco Secure Common Design Systems team a few weeks later, and I saw the personas, they looked nothing like I’d seen in my career. No Brian, no cats, no bicycles. Instead, I discovered a new take on personas with an inclusive design that includes symbols instead of pictures, gender-neutral names and pronouns, and no superfluous demographic details that can easily lead to unconscious bias or stereotyping (sorry Brian, I’m more of a dog person).
I should also say that I’ve had mixed experiences with personas throughout my research career so far. I’ve seen personas that were not based on research (a huge no-no in my book). Personas focused so much on demographic details that they became virtually useless to product managers, designers, and researchers and were wildly subject to stereotyping. I’ve also seen a lot of research effort put into creating insightful personas that then sat on a shelf.
Not at Cisco Secure. Our cybersecurity personas are a dynamic and critical part of our design processes.
Almost as surprising as the personas themselves, I’ve been surprised at how frequently I see the Cisco Secure Personas referenced. I see them used for research recruiting and insight tagging. I see them in all levels of meetings and presentations–from research read-outs to product planning to leadership meetings. I see them actively discussed and debated in Webex spaces. They were frequently referenced by name at a recent leadership summit I attended. I even see them hanging on the wall in the home office of Cisco Secure Chief Design Officer Greg Petroff (yes, we even have flash cards for our personas). I asked Greg for his thoughts on the value of our Cisco Secure Personas:
"Getting to know who we serve, understanding how they solve problems, discerning the outcomes they are trying to achieve at work is critical to building great products. Our Cisco Security Personas are helping everyone on the team gain empathy for our users and make sure we are delivering meaningful productivity and seamless experience to them."
Based on research and inclusive in their design, these personas are helping designers, engineers, architects and product managers build better security products. They’re also great research aids, ensuring we recruit the right customers for each study. Understanding our customers–and their desired outcomes–gives Cisco Secure an edge.
"Designing a security product for a specific persona is like designing a musical instrument for that musician, details matter because that person will be expressing their talent through that tool and the tool should also not get in the way of that person’s craft."
That’s a quote from TK Keanini, Chief Technology Officer for Cisco Secure, who’s a huge advocate for our personas. In fact, his enthusiasm is infectious. He shared more of his thoughts with me on the importance of personas in cybersecurity:
"As cybersecurity products become smarter and more effective, they also become more personal and targeted to roles within an organization. Personas help you model an incident responder, or a compliance officer, or any other critical role so that as you design products, you are ensured that the value you provide is valid to that role."
We have a dynamic set of personas that have traction within the organization, but we can’t let ourselves get complacent. As Head of Research for our Cisco Secure Common Design System, I also own the Cisco Secure Persona program. With representatives from across Cisco Secure product lines, our Cisco Secure Persona Governance Council is responsible for evolving our personas to enable great design for people to connect easily and securely in an increasingly complex space.
Let me share several ways we’re planning to evolve Cisco Secure personas to deliver more value across our cybersecurity design teams and products.
1. Fresh Research: Keep It Coming!
There's a lot of great research happening every day across Cisco Secure. Our challenge is continually infusing our personas with this new research. We're working to create a process where researchers — and other colleagues who interact with customers — can easily share new insights, quotes, stories and videos to enhance our understanding of the personas.
2. Go Deeper: Create Searchable Persona Insights
We currently feature our personas in SharePoint and via the flashcards you saw earlier. And, like I said, they're highly leveraged and discussed in our organization. But people want more. I'm often asked "How do we know this?" or "What's the research behind this persona?" or "How confident are we about Remi (as an example)?" Some people need to see the research behind the personas in order to fully trust them, and that makes perfect sense to me. So we plan to enhance the SharePoint with all of the supplementary research behind each persona. We hope to take that even further and create an immersive and searchable 'persona gateway' where people can come and ask a question about a persona and get an immediate answer, based on research.
3. Expand the Persona Contextual Framework: Jobs to be Done
Our personas have research-based insights that shine a light into their unique goals, responsibilities, and needs. An important next step is to look at each persona through the lens of the jobs to be done framework. What is the customer’s context? What do they need and why do they need it? This is an important exercise to take us closer towards understanding and delivering the customer outcomes I’ve mentioned.
4. Amplify Accessibility
What percentage of our customers identify as having low vision, color perception differences, or as being neurodiverse? What are their unique needs and outcomes? What about situational, temporary, and permanent disabilities? These are topics we’re actively discussing as a Persona Governance Council, along with new Accessibility Principles, as we plan new personas and update our current personas.
5. Launch a “Bring a Customer to Work” Day
What could be better than hearing from customers directly? We want to host fireside chats with customers who represent each persona. That way, researchers, designers, engineers, product managers, and content writers can each come and ask the burning questions that are on their minds (and we can cycle these insights back into our persona gateway).
6. Shape Compelling Persona-Driven Narratives: Tell Me a Story
People remember stories, and stories conjure strong emotions like empathy. Everyone in the organization who interacts with a customer has a story to tell. That’s why we are looking to collect and co-create security-rich stories about our personas to share across and within teams. Think ‘a day in the life of’ stories and videos, from their own point of view.
7. Look to the Future
And finally, we need to work closely with Cisco strategy teams to understand the future personas relevant to security. What roles are emerging? How do they fit into our security ecosystem? What solutions and outcomes will they be looking for? Product managers and designers need to keep these future customers in mind and we can support them by creating the relevant personas. Stay tuned as we continue to evolve our Cisco Secure Personas and deliver Cisco customers the security outcomes they need.