Case Study: University of Surrey achieves visibility into internal and third-party cyber risk with BitSight

Using BitSight to Shine a Light on Cyber Risk Internally and Across its Vendor Portfolio

The University of Surrey, a research and teaching institution with more than 16,000 students and hundreds of vendors, faced widespread cyber risk from open wireless networks and personal student devices as well as limited visibility into third-party security. To gain an outside-in view of its security posture and third-party risk, the university selected BitSight, deploying BitSight for Security Performance Management (SPM) and BitSight for Third-Party Risk Management (TPRM) along with BitSight Security Ratings.

BitSight delivered continuous, external security ratings and near real-time monitoring that uncover infected devices (for example, alerting when a device’s bot communicates with a sinkhole) and surface hidden risks across the university’s digital ecosystem. Using BitSight for TPRM the university now gets immediate vendor posture visibility during onboarding and over the life of relationships, can share dashboard findings to drive vendor remediation, benchmark performance against peers, and track security improvements over time—improving detection, collaboration, and risk reduction.

University of Surrey

Ambrose Neville

Head of Information Security