BitSight Cyber Risk Profile
Research integrated from cyber risk ratings provider BitSight. Custom page design and API integration.
Summary
Through customer surveys regarding our core research product, Proxy Paper, we identified that cyber risk, particularly as a matter of corporate governance, was a key topic of interest to our core institutional investor clients. Since Glass Lewis was not providing analysis or data related to cyber risk, and since our company mission and goals did not align with entering the cyber risk evaluation space, we instead looked at potential partners and data providers to supply these insights. After conversations with multiple partners, we ultimately reached an agreement with BitSight, a leading provider of cyber risk data and ratings, who had an interest in reaching our customer segment as a new audience.
Through customer interviews, several light-weight designs, then higher-fidelity prototypes, and technical feasibility reviews, we were able to produce a custom cyber risk profile page that was added to our Proxy Paper product so that our institutional investor clients could better assess and understand each company’s cyber risks. To expedite the launch of an MVP we started with a flat file ingestion process from BitSight, followed up by a custom API integration in a later iteration to populate the new profile page.
Project Date
Started: Sep 2021
MVP Launch: Feb 2022
V2 Launch: Mar 2023
Customer/User
Institutional Investors (Stewardship Teams)
Problems to Solve / Jobs to be Done
As an institutional investor responsible for voting shares at shareholder meetings I want to have an understanding of the cyber risk performance at the companies where I'm voting, so that I can know whether to take action based on cyber risk failures or oversights.
Link to Product Web Page
Product Discovery
Discovery Summary
Based on surveys and client feedback regarding our core research product, Proxy Paper, we uncovered that cyber security and cyber risk assessment was an area of growing importance for institutional investors. During customer interviews I frequently heard that clients were not sure what they should be evaluating when it comes to cyber risk, but that they knew it was extremely important and likely to grow ever more so in the future. The most common emotion that I garnered through these conversations was one of concern and insecurity due to their lack of knowledge and current focus on this topic.
I then documented this knowledge and opportunity in a “product one-pager”, a template that I created to guide and structure the ideation process so that all stakeholders could share understanding about the idea, the customer problems, our goals, business value, and early-stage potential solutions. I then reviewed the one-pager with key stakeholders including management, client services, sales, and research, and conducted some solutioning discussions with the IT teams of both Glass Lewis and BitSight.
After working out the contracts and getting a greenlight from management of both Glass Lewis and BitSight, we were able to move forward with what I call “rapid discovery”, a process of iterative building and customer validation through low-fidelity wireframes, which evolve into high-fidelity Figma designs and prototypes as confidence in the designs grows based on customer feedback. After a few weeks of meetings with customers, senior devs, and relevant internal stakeholders, we were ready with an MVP design that we believed feasible to deliver during the necessary timeline.
Discovery Gallery
Product Delivery & Success
Delivery Summary
Here I have an important note about the industry that Glass Lewis operates in. It comes with some market-defined time frames for building and launching products, as our core customer base is inundated with a major operational burden from March to June every year, a period referred to as “Proxy Season”, during which some ~65% of the entire year’s proxy voting volumes occur. Think of accountants during tax season and you’ll have a good idea of how institutional investors feel during this period. As a result of this busy period Glass Lewis is under immense pressure to deliver new products before this Proxy Season kicks off, otherwise the launch will be delayed until the summer to be successful.
This is all to say that we needed to get something built and launched quickly, first adding some customer value as soon as possible, then increasing that value with future releases. With that in mind and based on some feasibility and design discussions with the dev team, I ultimately decided that a flat file delivery and ingestion process would be the fastest way to get this data from BitSight to Glass Lewis. From there I was also able to leverage some existing technical infrastructure to embed those data points into a new HTML page design that I created from scratch. Other than some code reviews from developers, I was able to bring this first iteration of a major new feature to life without development resources and costs.
Launching this MVP to production before the busy Proxy Season allowed us to gather extensive, valuable customer feedback, and after the busy season, with sufficient time and an approved dev budget, we were able to start on our next iteration of the BitSight Cyber Risk Profile page. The ability to tap into our dev team for this next version allowed us to build a custom API integration to access BitSight’s data, to replace our manual flat file delivery and ingestion process, and the addition of UX and design resources to help us produce a more professional and concise page design.
During this time, I also worked closely with BitSight and the Glass Lewis sales team to update our commercials, particularly considering potential cross-selling opportunities. We introduced some referral arrangements and other revenue sharing models to ensure a strong and mutually beneficial partnership.
As is the case with all the major products and features that I’ve brought to market, I worked closely with our marketing, sales, client services, and research teams to ensure a successful product launch.
Delivery Gallery
Measurement & Success
Brought a new cyber risk feature/product to market (from 0 to 1)
Added ~$125k in new partner revenue in Y1, ~$300k in Y2
Client NPS rating for Proxy Paper product (where this page was added) increased by 15% over 2 years