The Digital Security Gap

Users are locked out of their own defense. They are expected to manage their digital security, yet most lack the knowledge, tools, and support to do so effectively. Privacy settings are buried deep, permission requests are confusing, and threats are invisible until it's too late. This disconnect creates a dangerous gap, which attackers are quick to exploit.

We close that gap by making digital protection understandable, accessible, and easy to act upon. We empower users to actively participate in securing their own data and online presence.

Everyday, millions of people wake up, check their phones, work online, shop, bank, and socialize. All without realizing they've left their digital front doors unlocked. The problem isn't that users don't care about security. It's that digital protection has been designed as an expert's game, requiring technical literacy that most people were never taught and don't have time to learn. Everyday users must navigate privacy settings buried deep within applications, evaluate permission requests written in dense language, and recognize evolving sophisticated threats. When something goes wrong, they are often expected to diagnose the issue themselves or pay for technical support. This creates the Digital Security Gap: a chasm between the responsibility placed on users and the tools actually provided to help them succeed.

The pain created by this gap is both immediate and long-term. Users experience anxiety and decision fatigue when faced with unclear security choices: Should I click this link? Is this app safe? Did i set that password correctly? Overtime, repeated uncertainty can lead to learned helplessness, causing users to abandon security practices altogether. The result is a population increasingly vulnerable to identity theft, financial fraud, data breaches, and the loss of personal privacy. For individuals this can mean stolen savings, compromised personal information, and the exhausting work of recovery. For society, it leads to declining trust in digital environments and increased risk for those least equipped to manage it.

This challenge is ultimately a human problem about autonomy and control. Most people have experienced the frustration of facing systems designed for experts, whether deciphering a medical bill or navigating a contract filled with unfamiliar terminology. Digital security creates a similar experience. Everyone has something worth protecting online: family photos, financial stability, professional reputation, personal communications. The desire to protect these assets is universal; the means to do so should be too.

The scale of this problem is substantial and growing. Over 5 billion people use the internet regularly, and most rely on digital services without specialized technical knowledge. The widespread adoption of password managers, identity protection services, and other security tools shows that users are willing to invest in their digital safety. However, many of these solutions only address parts of the problem. This creates an opportunity to design solutions that transform digital protection from a confusing technical responsibility into an accessible and empowering experience for everyday users.

The Design Thinking Process

Our design thinking process focused on understanding how everyday users interact with digital security. Rather than assuming users simply needed more education, we explored how people actually make security decisions in their daily life. This approach helped us recognize that many users are expected to protect themselves without being given clear or accessible tools.

Our team embraces empathy and ambiguity by researching users with different levels of technical knowledge. By examining how individuals respond to security prompts, privacy settings, and online threats, we identified patterns of confusion and hesitation. These insights guided us toward designing a solution that simplifies digital protection and empowers users to actively take part in their own security.

Building Empathy

We conducted "day-in-the-life" sessions with students, friends, parents, professionals, and even strangers, observing how they navigated security settings and permission requests in real time. Stepping into their shoes was humbling, we felt their anxiety firsthand as they hesitated over pop-ups and defaulted to "allow" just to complete basic tasks. It became clear that our initial assumption was wrong: users weren't careless, but rather trapped in an impossible trade-off between "get this done" and "stay safe."

Our target users are everyday people (ranging from students to industry professionals) who want protection without needing an IT degree. One parent told us, "Sometimes I feel like I'm guessing whenever I have to download something. If I stop to read everything, I would not have time to care for my kids." This shift -- from seeing users as the vulnerability to seeing the tools as the barrier -- guided us toward designing a solution that fit into real life, not complicate it.

Page updated

Report abuse