We started the week with our second round of user research, interviewing participants from a mixture of technical and non-technical roles. We asked participants about improvements they have recently made in the area of cyber security, focussing on the steps they took, who was involved, and asking about what advice/guidance/tools they used or would have found helpful.
Using our ransomware content prototype, we also tested a range of different content types, including templates, step-by-step guidance, images and downloadable action plans.
Analysis of user feedback highlighted...
- Participants felt that this was a perfect resource for senior leaders and general awareness, but that there was not necessarily enough detail for those in technical roles
- Some participants felt that DfE resources could be a good tool to help persuade SLT that a topic is important
- Most participants were thinking about this in a reactive mindset, and so they wanted the response concepts to be front and centre on this page
- Participants thought it could be useful to have a section of content that focuses on the consequences of not prioritising ransomware
- For technical roles it was suggested that you need a complementary resource that gives you in-depth guidance on how to action the action plans
- All participants used external IT providers to help them with CS, and some suggested it would be helpful to include a list of questions to ask a supplier so that schools know what type of information to look out for
Behind the scenes
- We made progress uncovering the content management business governance process that will work across teams requiring and delivering content.
- We continued to work with the Plan Your Tech, Standards and Central Content Teams alongside wider programme stakeholders to get clarity on ownership of artefacts across the programme.
- We started exploring the technical feasibility of different options for delivering the self serve capability, including talking to other teams about their knowledge bases.
Behavioural change
We took a detailed look at one of our research participants - the CEO of a MAT - who displayed positive behaviours we’d associate with high digital maturity. We used their description of how they made cyber improvements at their MAT to plot out a map, and then used the Com-B framework to frame positive behaviours and categorise the motivations, opportunities and capabilities that helped to support those behaviours. This allowed us to see possible pain points and interventions that DFE could undertake more broadly to support positive behaviours in less mature schools.
Looking forward
- We started to make a basic GDS html prototype with templates in that we think we’ll need moving forward. This will enable us to move more swiftly in future rounds of concept and prototype testing.
- We would like to spend some time mapping out participants' journeys that were not as digitally mature as the MAT CEO or came from different settings, such as LA schools, to further understand user behaviour and how we could support this through self serve content.