Cyber Portal

—— Scroll Down

Cyber Portal

—— Scroll Down

Cyber Portal

—— Scroll Down

—— Overview

AIG needed to bring malware detection and URL verification capabilities into their global Cyber Portal, a complex multi-audience tool used by underwriters and customers across internal and external portals. Working within Agile, I joined a team of four and owned the end-to-end UX for two major new features, delivering accessibility-approved wireframes on time and coordinating directly with development throughout.

Client

AIG Insurance

Date

July 13, 2020

Role

UX Designer,

Service

UX Design, UI Design, Accessibility, Enterprise Product Design

Contribution

Responsible for stakeholder meetings, requirements gathering, domain research, user flow design, wireframing, accessibility compliance, malware alert UX, URL verification feature design, watchlist functionality, and engineering handoff.

—— Brief

AIG's Cyber Portal needed to do more: detect malware, verify URLs, and alert underwriters in real time, without adding friction to a workflow where speed and accuracy are everything.

A feature design and delivery engagement within an existing enterprise portal, working Agile alongside a product owner and two business analysts to define, design, and ship two mission-critical new capabilities for underwriters managing cyber claims globally.

4

Portal user types supported

2

Major features designed and shipped

3

Malware alert touchpoints designed

Note: Sensitive data blurred for confidentiality.

—— CHALLENGE

The Cyber Portal was already a complex, data-dense tool serving four distinct user types across internal and external portals. Adding URL verification and malware detection wasn't just a feature request. It required understanding the existing information architecture deeply enough to integrate new capabilities without disrupting established workflows. At the same time, AIG released new branding guidelines mid-project, requiring a full accessibility audit of every existing color system and text format across the tool. The challenge was doing both simultaneously without slowing down delivery.

—— solution

The core principle driving every design decision: don't interrupt the underwriter's workflow unless it truly matters. Every feature was designed to surface the right information at the right moment, in the right level of detail, without adding unnecessary clicks or cognitive load.

01

URL verification and malware detection

Designed a multi-step modal flow allowing underwriters to verify a URL, add Bitsight security data, initiate a scan request, and receive a recommendation, all without leaving their current screen. The process needed to be sequential enough to ensure accuracy and fast enough to not disrupt the workflow.

02

Three-layer malware alert system

Discovered through research that underwriters needed to be alerted to malware events in three distinct scenarios: when first visiting an account, on the Cyber Overview dashboard if already working elsewhere, and globally via a notification panel for events detected while on any other page. Designed all three alert states to feel consistent, unmissable, and non-disruptive.

03

Watchlist and CVE management

Designed the ability for underwriters to add accounts to a personal watchlist with email notifications for updates, manage that watchlist from a single modal, and view active CVE remediations with expanded detail on hover, surfacing critical security intelligence that previously required navigating away from the portal entirely.

—— 4 key design decisions

01/ Three touchpoints for malware alerts
Early on we had to decide how to structure community within the app. The Facebook Group model was the obvious reference point, but it carries baggage. It feels public, performative, and algorithm-driven in ways that actively work against vulnerability. We landed on Circles. The distinction is intentional: a Circle is intimate, self-selected, and topic-anchored. Each has its own guidelines and keyword filters so members could navigate conversations around specific symptoms or treatment approaches without wading through noise. The name itself matters. A circle implies equal standing, no hierarchy, no algorithm deciding who gets heard.
02/ Multi-step modal for URL verification
Early iterations allowed underwriters to complete URL verification in a single screen. But research revealed this created errors: users were skipping steps or saving incomplete data. The decision to break it into a sequential multi-step modal sacrificed some speed for significantly higher accuracy, which was the right trade-off for a tool where data integrity directly affects underwriting decisions.
03/ Accessibility as a design constraint, not an afterthought
When AIG released new branding guidelines mid-project, the accessibility audit could have been treated as a compliance checkbox. Instead I approached it as a design opportunity, reviewing every screen, every color combination, and every text format with fresh eyes. The result was a more consistent, readable interface across the entire portal, not just the new features.
04/ Restraint over visibility
The watchlist notification system, the CVE expanded view, the global notification panel: all of these could have been more prominent. The deliberate choice to keep them contained, accessible but not intrusive, was driven by a single insight from stakeholder meetings. Underwriters don't want to be managed by the tool. They want the tool to support their judgment, not override it.

—— PROCESS

WEEKS 1–2
Discovery and domain immersion
Attended ongoing business meetings, studied the existing information architecture, and immersed myself in the world of cyber claims and underwriting until I could speak the language of the product and its users. Asked relentlessly: where does the current process break? What does the underwriter actually need at each step?
WEEKS 2–3
Define and research
Worked with the product owner and business analysts to define requirements for URL Verification and Malware Detection. Researched existing solutions in the market. Mapped user flows to understand where new features could integrate most efficiently.
WEEKS 3–5
Ideation and wireframing
Sketched early flows and iterated on layout and interaction patterns. Explored multiple approaches to malware alerting before landing on the three-touchpoint model. Designed the URL verification multi-step modal after determining a single-screen approach created too much cognitive load.
WEEKS 5–8
Prototyping, accessibility and handoff
Built high-fidelity wireframes and interactive prototypes. Conducted a full accessibility audit against AIG's new brand guidelines, updating every color system and text format to meet compliance standards. Coordinated directly with the development team to ensure seamless handoff and timely delivery.

The Override

The most important design decision on this project wasn't about a feature. It was about restraint. Every time we added something new to the portal, the instinct was to make it visible and prominent. But underwriters are working through high-stakes data under time pressure. The discipline of asking 'does this person actually need to see this right now?' shaped every single design choice, from the three-layer alert system to the multi-step verification flow. Knowing when not to interrupt someone is its own form of design intelligence.