CCB
Company Details
Linkedin ID:
chinaciticbank
Website:
Employees number:
10,001
Number of followers:
0
NAICS:
52211
Industry Type:
Homepage:
citicbank.com
IP Addresses:
0
Company ID:
CHI_3190777
Scan Status:
In-progress
China CITIC Bank Company CyberSecurity Posture
citicbank.com
Overview Thinking on the corporate banking of small and medium sized commercial banks • Ranked the 99th among 2008 Global Top 500 Financial Brands • Chen Xiaoxian, the Bank’s President, was granted “Top 10 Financial Figures” Award in the fourth consecutive year • Selection activity about the ranking list of “50 Most Influential Events of Financial Reform and Opening-up in China and 2008 China's Best Financial Institutions” • Best Corporate Banking Business Award among Top 10 Outstanding Commercial Banks in Asia • Global Times 2008 Most Popular Retail Banks among Readers • China Business News 2008 Development Strategy Award Corporate Financial Service Brand of the Year Retail Financial Service Brand of the Year President Chen Xiaoxian was awarded “Financier of the Year 2008” • Chinese Chief Financial Officer (CFO) Most Trusted Bank 2008 by Chinese CFO • British Magazine “The Banker” Ranked the 77th among the Top 1000 World Banks • British Financial Times Ranked the 260th among 2008 Global Top 500 Enterprises in Market Value • 21st Century Business Herald China’s Most Potential Private Banks of the Year • ASIA MONEY Best Domestic Providers of FX Services Best For Overall FX Services Best Domestic Banks for Cash Management in China • The Asian Banker Journal Best Wealth Management Award • Euromoney Best Private Banks of Stock Portfolio Management in China • America Annual Call Centre Exhibition World’s Best Call Center
China CITIC Bank A.I CyberSecurity Scoring
CCB Risk Score (AI oriented)Between 800 and 849
CCB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CCB Global Score (TPRM)XXXX
CCB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CCB Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
CCB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CCB
Incidents vs Banking Industry Average (This Year)
No incidents recorded for China CITIC Bank in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for China CITIC Bank in 2025.
Incident Types CCB vs Banking Industry Avg (This Year)
No incidents recorded for China CITIC Bank in 2025.
Incident History — CCB (X = Date, Y = Severity)
CCB cyber incidents detection timeline including parent company and subsidiaries
CCB Company Subsidiaries
Overview Thinking on the corporate banking of small and medium sized commercial banks • Ranked the 99th among 2008 Global Top 500 Financial Brands • Chen Xiaoxian, the Bank’s President, was granted “Top 10 Financial Figures” Award in the fourth consecutive year • Selection activity about the ranking list of “50 Most Influential Events of Financial Reform and Opening-up in China and 2008 China's Best Financial Institutions” • Best Corporate Banking Business Award among Top 10 Outstanding Commercial Banks in Asia • Global Times 2008 Most Popular Retail Banks among Readers • China Business News 2008 Development Strategy Award Corporate Financial Service Brand of the Year Retail Financial Service Brand of the Year President Chen Xiaoxian was awarded “Financier of the Year 2008” • Chinese Chief Financial Officer (CFO) Most Trusted Bank 2008 by Chinese CFO • British Magazine “The Banker” Ranked the 77th among the Top 1000 World Banks • British Financial Times Ranked the 260th among 2008 Global Top 500 Enterprises in Market Value • 21st Century Business Herald China’s Most Potential Private Banks of the Year • ASIA MONEY Best Domestic Providers of FX Services Best For Overall FX Services Best Domestic Banks for Cash Management in China • The Asian Banker Journal Best Wealth Management Award • Euromoney Best Private Banks of Stock Portfolio Management in China • America Annual Call Centre Exhibition World’s Best Call Center
Loading...
CCB Similar Companies
Handelsbanken
We are Europe's safest commercial bank, with roots in local communities throughout Sweden, the Netherlands, Norway, and the UK. Across a range of digital and physical meeting places, our branch teams offer ‘up close and personal’ financial advice and solutions, based on customers’ individual needs.
Russian Standard Bank
Russian Standard Bank - leading private bank in the lending market. Bank sells credit programs in more than 1,200 locations across the country. Number of clients of the bank exceeded 23 millions, the total amount of consumer loans exceeded $30 billions. The number of trading partners of the Bank
Security Bank is one of the Philippines’ best-capitalized private domestic universal banks. Established in 1951 and publicly listed with the Philippine Stock Exchange (PSE: SECB) in 1995, our major businesses cover retail, corporate, commercial, and business (MSME) banking. We’re recognized as an E
BBVA
At BBVA we are leading the transformation of banking worldwide, united in pursuing our goal of bringing the age of opportunity to everyone. Firmly focused on the future, our on-going digital transformation is already producing disruptive innovations that power our vision of banking. Every one of o
CIC
CIC is the fourth largest banking group in France, consisting of seven regional banks which operate across France through a network of 1,844 branches employing 24,000 staff. CIC's customer base includes 2.7 million retail clients. One in eleven self-employed professionals is a CIC group client and n
HDFC Bank is India's largest private sector bank, offering a comprehensive range of financial products and services to our customer base of over 92 million. Our extensive distribution network of 8,919 branches and 21,031 ATMs across 3,836 cities and towns as of August 2024, reaches every corner of t
Industrial and Commercial Bank of China Ltd. (ICBC) (simplified Chinese: 中国工商银行; traditional Chinese: 中國工商銀行; pinyin: Zhōngguó Gōngshāng Yínháng, more commonly just 工行 Gōngháng) is China's largest bank and the largest bank in the world. It is one of China's "Big Four" state-owned commercial banks (t
Intesa Sanpaolo è il maggior gruppo bancario in Italia con una significativa presenza internazionale. Il suo business model distintivo la rende leader a livello europeo nel Wealth Management, Protection & Advisory e ne caratterizza l’orientamento al digitale. I’impegno in ambito ESG prevede, entro i
KeyBank
At KeyBank we’ve made a promise to our clients that they will always have a champion in us. To deliver on our promise, we’re committed to building a team of engaged employees who do the right thing for our clients and shareholders, and help them achieve financial wellness each and every day. Headqu
.png)
CCB CyberSecurity News
November 11, 2025 08:00 AM
CITIC Telecom CPC charts new course for AI+ security
Industry leaders gathered at the annual CPC Solutions Day to chart the future of AI and cybersecurity.
October 09, 2025 07:00 AM
Is China CITIC Bank (SEHK:998) Undervalued? A Fresh Look at Its Valuation After Recent Share Dip
China CITIC Bank (SEHK:998) shares have been in focus after a recent dip of 0.6% in the latest trading session, following declines over the...
August 07, 2025 07:00 AM
MSCI announces changes to equity indexes
MSCI said on Thursday it will add 42 securities and delete 56 from its widely followed ACWI equity index .
June 25, 2025 07:00 AM
China CITIC Bank International wins Best Digital Wealth Management Platform Initiative in Hong Kong for inclusive digital wealth strategy
China CITIC Bank International's inMotion platform expanded users' access to digital wealth services by offering personalised investment...
June 12, 2025 07:00 AM
Forbes' 2025 Global 2000 List: China - The World’s Largest Companies Ranked
Sluggish domestic consumption and the prospect of a U.S.-China trade war is already taking its toll among Chinese companies.
June 12, 2025 07:00 AM
Forbes' 2025 Global 2000 List - The World’s Largest Companies Ranked
For the 23rd year, Forbes' Global 2000 ranks the largest public companies in the world using four metrics—sales, profits, assets and market...
March 28, 2025 07:00 AM
Bank of East Asia names Bi Ming-qiang as chief executive of BEA China
Bi was formerly CEO, executive director, and president of China CITIC Bank International. Bank of East Asia, Limited (BEA) has named Bi...
February 20, 2025 08:00 AM
Exclusive: Abrdn in talks to launch China asset management venture with Citic unit, sources say
Abrdn is in advanced talks with Citic Bank to launch an asset management joint venture in China, two people with knowledge of the matter...
February 07, 2025 08:00 AM
CITIC Bank's Shandong branch fined for cybersecurity, AML violations in China
CITIC Bank's Shandong branch fined for cybersecurity, AML violations in China ... MLex Summary: A CITIC Bank branch in China's Rizhao city,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CCB CyberSecurity History Information
Official Website of China CITIC Bank
The official website of China CITIC Bank is http://www.citicbank.com.
China CITIC Bank’s AI-Generated Cybersecurity Score
According to Rankiteo, China CITIC Bank’s AI-generated cybersecurity score is 816, reflecting their Good security posture.
How many security badges does China CITIC Bank’ have ?
According to Rankiteo, China CITIC Bank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does China CITIC Bank have SOC 2 Type 1 certification ?
According to Rankiteo, China CITIC Bank is not certified under SOC 2 Type 1.
Does China CITIC Bank have SOC 2 Type 2 certification ?
According to Rankiteo, China CITIC Bank does not hold a SOC 2 Type 2 certification.
Does China CITIC Bank comply with GDPR ?
According to Rankiteo, China CITIC Bank is not listed as GDPR compliant.
Does China CITIC Bank have PCI DSS certification ?
According to Rankiteo, China CITIC Bank does not currently maintain PCI DSS compliance.
Does China CITIC Bank comply with HIPAA ?
According to Rankiteo, China CITIC Bank is not compliant with HIPAA regulations.
Does China CITIC Bank have ISO 27001 certification ?
According to Rankiteo,China CITIC Bank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of China CITIC Bank
China CITIC Bank operates primarily in the Banking industry.
Number of Employees at China CITIC Bank
China CITIC Bank employs approximately 10,001 people worldwide.
Subsidiaries Owned by China CITIC Bank
China CITIC Bank presently has no subsidiaries across any sectors.
China CITIC Bank’s LinkedIn Followers
China CITIC Bank’s official LinkedIn profile has approximately 0 followers.
NAICS Classification of China CITIC Bank
China CITIC Bank is classified under the NAICS code 52211, which corresponds to Commercial Banking.
China CITIC Bank’s Presence on Crunchbase
No, China CITIC Bank does not have a profile on Crunchbase.
China CITIC Bank’s Presence on LinkedIn
Yes, China CITIC Bank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/chinaciticbank.
Cybersecurity Incidents Involving China CITIC Bank
As of November 27, 2025, Rankiteo reports that China CITIC Bank has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
China CITIC Bank has an estimated 6,716 peer or competitor companies worldwide.
China CITIC Bank CyberSecurity History Information
How many cyber incidents has China CITIC Bank faced ?
Total Incidents: According to Rankiteo, China CITIC Bank has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at China CITIC Bank ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=chinaciticbank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
