03 October 2025
St John’s College, one of the historic and prestigious colleges of the University of Oxford, has significantly enhanced its cybersecurity defenses through the implementation of a Managed Vulnerability Management (MVM) program developed and delivered by its longstanding partner, ANSecurity.
Founded in 1555, the college supports a vibrant community of over 600 students, numerous staff members, and more than 100 academic fellows across multiple sites within Oxford. With a small internal IT team and an increasing landscape of cyber threats, the college sought a proactive approach to improve visibility into vulnerabilities, mitigate risks, and optimize resource allocation.
Having collaborated with ANSecurity for more than 13 years on various projects, St John’s College turned to its trusted partner to design and deploy an MVM service based on Tenable Nessus. The program features daily credentialed scans, automated vulnerability notifications, validation of remediation efforts, and monthly strategic reviews with ANSecurity’s expert consultants. Since its launch in May, the initiative has yielded measurable improvements, including a reduction of over 50% in critical and high-severity vulnerabilities. The college successfully addressed systemic issues such as broken Windows Updates, unsupported software, and weak cipher configurations, thereby strengthening its security posture and empowering its IT team to challenge vendors with outdated or insecure systems.
Matt Jennings, the college’s IT Manager, emphasized the benefits, stating that the service has liberated internal resources and shifted the focus from reactive firefighting to strategic security management: “we now know what to prioritize and how to address vulnerabilities effectively. The support from ANSecurity has been invaluable in helping us become more strategic and effective.”
The program also fosters a proactive risk management cycle, with daily monitoring of public-facing systems, monthly vulnerability summaries, and overnight verification of patch deployments.
The partnership with ANSecurity dates back to 2013, encompassing a range of projects including firewall upgrades, wireless network deployments, and strategic cybersecurity consultancy. The introduction of the MVM program represents a key step in the college’s ongoing efforts to modernize and strengthen its cybersecurity defenses.
“They are responsive, knowledgeable, and able to explain complex issues clearly. We look forward to working with them for many years to come,” said Jennings.
