Purpose The paper studies the integration of UX into a cybersecurity project using a longitudinal mixed-method approach, how introducing UX influences design, management decisions and security-relevant outcomes, formalises these mechanisms in a four-phase framework and derives recommendations. Design/methodology/approach An exploratory case study follows a multi-year cybersecurity project (2022–2025) with multiple rounds of participant observation, survey and interviews. Findings UX integration facilitates consensus-building, fosters a human-centred mindset and serves as the backbone of the project. Research limitations/implications Single-case design, small homogeneous sample and context-specific setting prevent statistical generalisation. Practical implications Recommendations and framework support safer, more inclusive systems by aligning design with diverse user needs. Originality/value Presents a phase-based framework showing how UX practices reshape security decisions across four stages (recognition, anchoring, translation and operationalisation), alongside replicable UX methods and 10 actionable recommendations for development and management teams.
Azevedo et al. (Mon,) studied this question.