The University of Wollongong (UOW), ranked in the top 50 Universities in the Asia-Pacific region[1], has selected Tenable®, Inc. to prioritise and remediate cyber risk across its domestic campuses.
UOW, located south of Sydney has approximately 2500 employees and educates over 35,000 students across multiple Australian campuses as well as five geographically-distributed locations.
UOW had been using Nessus® for a number of years to run vulnerability scans. However, with growing security requirements that come with managing multiple locations, the security team needed to automate and increase the frequency of scans from once a quarter to stay on top of threats.
Since deploying Tenable.io®, the security team is able to run automated assessments frequently and has full visibility across the university’s 20,000 assets. The entire assessment to remediation process has also been streamlined by leveraging Tenable’s Predictive Prioritization capabilities which yield a Vulnerability Priority Rating (VPR) score. This has removed the guesswork of vulnerability prioritisation and enabled the team to focus on the flaws that pose an imminent threat to the organisation. Tickets that used to take days to create are now assigned to the correct teams in a matter of minutes, rating vulnerabilities according to the risk they pose to the university.
“Tenable.io has enabled us to narrow down and address the vulnerabilities that pose the greatest risk to our organisation faster than ever before. We now have visibility over 20,000 assets and are able to support the provision of in-person and distance learning programmes for over 35,000 students,” said Steve Cliffe, Cybersecurity Manager, the University of Wollongong.
“Automating and streamlining processes have also allowed our team to focus on important security initiatives including cyber-security training and coordinating with the board to implement new policies.”
UOW’s vulnerability management program has quickly become the cornerstone for a more holistic and proactive approach to cybersecurity across the organisation. Cliffe’s team runs weekly vulnerability reports for the Faculty of Engineering and Information Sciences. In addition, the team also captures summaries of new vulnerabilities and closed vulnerabilities on a daily basis. A fortnightly overview of cybersecurity activities is also reported to IT Senior Management who recognise the importance of a strong cybersecurity program.
“The ability to discover, remediate and report on vulnerabilities in real-time has opened up a new level of dialogue with faculty members and senior management about how secure we are and need to be as the threat landscape evolves within the education sector,” said Cliffe.
“Universities hold high volumes of personal data and intellectual property and therefore have a responsibility to take stock of their cyber risk and address it. UOW is a shining example of an organisation which has established a robust security program to accurately identify, prioritise and remediate vulnerabilities that pose the greatest business risk,” said Scott McKinnel, Country Manager ANZ, Tenable. “We are very pleased to partner with a forward-thinking organisation such as UOW on its journey to reduce its Cyber Exposure gap.”
