Leading education institutions adopt Jisc’s Vulnerability Assessment Service to manage cyber attack risks

11 August 2017


Using VAS, institutions of all sizes can detect and manage weaknesses in their network infrastructures.

Jisc – the provider of digital solutions for UK education and research establishments – says several “leading” institutions have now adopted its Vulnerability Assessment Service (VAS) since the framework was launched in April 2016. 

The service is designed to enable institutions of all sizes to detect and manage weaknesses in their infrastructures including servers, endpoints, network and perimeter security equipment. 

Jisc says it automates the process of vulnerability identification and management, and provides the necessary reporting to help institutions prioritise and quickly act upon any cyber attack risks.

Universities including Winchester, Reading, Anglia Ruskin and Hull, as well as Glasgow Kelvin College and Hartlepool College of FE are named as the institutions using the VAS to help identify, resolve and manage network vulnerabilities, and protect their environments.

“Having used the service for over a year, we’ve been able to streamline the way we deal with security vulnerability issues at the university,” says Sean Ashford, networks and systems manager at the University of Winchester. “We can react quickly if we see that there is a critical or very widespread issue on our network that needs fixing. As a result, it’s become a central part of how we handle cyber security.”

The VAS is provided on behalf of Jisc by vulnerability management solutions provider Greenbone and wireless and security specialist Khipu Networks. The framework enables institutions to procure the service directly from Khipu Networks, without the requirement of a formal procurement exercise, thereby saving resourcing, time and money. 

Greenbone’s Security Manager platform underpins the VAS and is said to provide a daily security update feed with more than 53,000 network vulnerability tests.

Jisc’s security director Steve Kennett says: “For education organisations with large and diverse IT networks, it can be hard enough to simply understand their exposure to known vulnerabilities, let alone try to coordinate patching and testing against them. The Vulnerability Assessment Service is designed to relive this pressure, and prevent outbreaks like WannaCry before they happen.”