Comparison Overview

Berkshire Partners

VS

Aon

Berkshire Partners

200 Clarendon Street, Boston, MA, US, 02116
Last Update: 2025-12-09
View Profile
Between 700 and 749
http://www.berkshirepartners.com

Berkshire Partners is a 100% employee-owned, multi-sector specialist investor in private and public equity. The firm's private equity team invests in well-positioned, growing companies across business & consumer services, healthcare, industrials, and technology & communications. Berkshire is currently investing from its Fund XI, which held its final closing in 2024 with approximately $7.8 billion in commitments. Since inception, Berkshire Partners has made more than 150 private equity investments and has a strong history of collaborating with management teams to grow the companies in which it invests. For additional information, visit www.berkshirepartners.com.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 279
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
2
View Profile

Aon

122 Leadenhall Street, London, undefined, EC3V 4AN, GB
Last Update: 2025-12-11
Between 750 and 799
http://www.aon.com

We exist to shape decisions for the better — to protect and enrich the lives of people around the world. Through actionable analytic insight, globally integrated Risk Capital and Human Capital expertise, and locally relevant solutions, our colleagues provide clients in over 120 countries with the clarity and confidence to make better risk and people decisions that help protect and grow their businesses.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 75,543
Subsidiaries: 11
12-month incidents
0
Known data breaches
2
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/berkshire-partners.jpeg
Berkshire Partners
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/aon.jpeg
Aon
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Berkshire Partners
100%
Compliance Rate
0/4 Standards Verified
Aon
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Berkshire Partners in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Aon in 2025.

Incident History — Berkshire Partners (X = Date, Y = Severity)

Berkshire Partners cyber incidents detection timeline including parent company and subsidiaries

Incident History — Aon (X = Date, Y = Severity)

Aon cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/berkshire-partners.jpeg
Berkshire Partners
Incidents

Date Detected: 08/2022
Type:Cyber Attack
Attack Vector: Email Account Compromise
Blog: Blog

Date Detected: 8/2021
Type:Breach
Attack Vector: Email Account Compromise
Blog: Blog
https://images.rankiteo.com/companyimages/aon.jpeg
Aon
Incidents

Date Detected: 07/2023
Type:Data Leak
Attack Vector: SQL Injection
Blog: Blog

Date Detected: 02/2022
Type:Cyber Attack
Blog: Blog

Date Detected: 12/2020
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

FAQ

Aon company demonstrates a stronger AI Cybersecurity Score compared to Berkshire Partners company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Aon company has faced a higher number of disclosed cyber incidents historically compared to Berkshire Partners company.

In the current year, Aon company and Berkshire Partners company have not reported any cyber incidents.

Neither Aon company nor Berkshire Partners company has reported experiencing a ransomware attack publicly.

Both Aon company and Berkshire Partners company have disclosed experiencing at least one data breach.

Both Aon company and Berkshire Partners company have reported experiencing targeted cyberattacks.

Neither Berkshire Partners company nor Aon company has reported experiencing or disclosing vulnerabilities publicly.

Neither Berkshire Partners nor Aon holds any compliance certifications.

Neither company holds any compliance certifications.

Aon company has more subsidiaries worldwide compared to Berkshire Partners company.

Aon company employs more people globally than Berkshire Partners company, reflecting its scale as a Financial Services.

Neither Berkshire Partners nor Aon holds SOC 2 Type 1 certification.

Neither Berkshire Partners nor Aon holds SOC 2 Type 2 certification.

Neither Berkshire Partners nor Aon holds ISO 27001 certification.

Neither Berkshire Partners nor Aon holds PCI DSS certification.

Neither Berkshire Partners nor Aon holds HIPAA certification.

Neither Berkshire Partners nor Aon holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss4
Base: 1.0
Severity: HIGH
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References