Case Study: Ofgem (the UK’s Office of the Gas and Electricity Markets) achieves full visibility and end-to-end security compliance with Qualys

Deploying Comprehensive Security Measures and Enabling End-to-End Compliance in a Multi-Faceted Organisation

Ofgem, the UK regulator for gas and electricity, needed to strengthen protection of sensitive commercial and personal data across an estate of about 500 (mostly virtual) servers and services used by the public and its 700 staff. Its vulnerability management was fragmented and one‑dimensional, leaving limited visibility of security threats, inconsistent policy enforcement across servers, network devices and endpoints, and exposure from web‑application vulnerabilities during fast‑moving projects.

Ofgem deployed the QualysGuard suite—Vulnerability Management, Policy Compliance and Web Application Scanning—to discover and tag assets, automate scans and reporting, enforce standards and integrate security into project lifecycles. The outcome was full, auditable visibility of vulnerabilities, faster prioritisation and remediation, reduced overall vulnerabilities, streamlined reporting to executives and auditors, and time savings for IT through automation.

Ofgem

Bob Mann

Chief Security Officer