Email Security

Cyber security is the buzzword today. Institutions are getting more and more cautious about how they should secure their applications. The above dashboard comes from a company which provides malware protection.

A dashboard, in my view, is supposed to convey the critical information that matters to its intended audience. There are a few things that are good about this visualization and a few things that can be done better. The following is my take on this visualization.

Things I like about this:

  • One of the graphs above shows an array of threat vectors, which gives a good first-level view of the kinds of threats they saw on the accessed network.
  • The source countries are depicted from high to low flow in the form of a bubble chart with each country’s flag, which quickly helps identify these countries and the scale of the attacks coming in.
  • Both of the above (threat vectors in the first case and attack flow from different countries in the second) show comparisons between different elements.

There are a few things which could be done better in this visualization:

  • A good dashboard should tell a story by combining and linking different data elements. This dashboard just gives out a lot of information, and the reader has to interpret the data on their own.
  • The figures 58 Un-reviewed, 9 Discovered and 25 Quarantined give first-level information, after which the user would expect more detail on the total number of threats detected / total events seen and the associated breakup. But the following graph just mentions 220 threats in the last 7 days, and the associated graph does not intuitively give any breakup of that first-level information. If it did, it would link the two elements as total threats vs. the breakup of threats detected on each day.
  • The next two graphs, on severity and threat type, depict incomplete information. The threat type graph just lists the types of threats and shows no numbers for each type against the total number of threats detected, which is what would give an overall picture. The severity graph gives severity numbers, but the components on the X axis for which this severity is depicted are completely unknown. Additionally, as there is no known benchmark to compare these values against, this graph doesn’t help the reader take any action.
  • Overall, this dashboard lacks drill-down of information and more explanation of each of the elements mentioned.

With the information currently available, a better way to present this visualization could be:

https://drive.google.com/open?id=0Bzau8FgD0T1AVHRSalNXY0x2V2M

A threat severity graph with details on the severity numbers and the names of the components against which severity is marked would give detailed insight to the audience.

Overall, the above dashboard links the elements better than the original dashboard.

Note: The ‘Threat Type’ numbers and the ‘Total Threat’ breakup numbers are dummy numbers, assumed just for demonstration in the visualization above.

Reference: https://blog.threattrack.com/cso/wp-content/uploads/2014/03/ThreatSecure-Dashboard-Threat-Landscape.jpg