Comparison Overview

CIC

VS

Bank of China

CIC

6, Avenue de Provence, None, Paris, Île-de-France, FR, 75009
Last Update: 2025-12-09
View Profile
Between 750 and 799
http://www.cic.fr

CIC is the fourth largest banking group in France, consisting of seven regional banks which operate across France through a network of 1,844 branches employing 24,000 staff. CIC's customer base includes 2.7 million retail clients. One in eleven self-employed professionals is a CIC group client and nearly one in three companies banks with CIC Group.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 11,132
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Bank of China

Bank of China Head Office Building, Beijing, undefined, 100818, CN
Last Update: 2025-12-09
Between 800 and 849
http://www.boc.cn

Bank of China, include BOC Hong Kong, BOC International, BOCG Insurance and other financial institutions, providing a comprehensive range of high-quality financial services to individual and corporate customers as well as financial institutions worldwide. Over the past century, Bank of China played an important role in China’s financial history. It was established in 1912 pursuant to the approval of DR. Sun Yat-sen. In the following 37 years the Bank served as the central bank, international exchange bank and specialized foreign trade bank successively. In 1949, Bank of China became the state-designated specialized foreign exchange bank. In 2003, it was named by the State Council as one of the pilot banks for joint-stock reform of wholly state-owned commercial banks. On August 26, 2004, Bank of China Limited was formally incorporated in Beijing as a state-controlled joint stock commercial bank. Bank of China is the most internationalized commercial bank in China. BOC London Branch, the first overseas branch of the Chinese banks, was established in 1929. Currently, it had over 10000 domestic operations and over 600 overseas operations. In 1994 and 1995, Bank of China became the note issuing bank in Hong Kong and Macao respectively. The Bank prepared a new strategic development plan which was approved by the Board of Directors in March 2009. Strategic Positioning: To be a large multinational banking group based on a diversified and integrated cross-border business platform, with a core business of commercial banking. Strategic Goals: To be a leading international bank delivering growth and excellence.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 22,584
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/cic.jpeg
CIC
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/bank-of-china.jpeg
Bank of China
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
CIC
100%
Compliance Rate
0/4 Standards Verified
Bank of China
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

No incidents recorded for CIC in 2025.

Incidents vs Banking Industry Average (This Year)

No incidents recorded for Bank of China in 2025.

Incident History — CIC (X = Date, Y = Severity)

CIC cyber incidents detection timeline including parent company and subsidiaries

Incident History — Bank of China (X = Date, Y = Severity)

Bank of China cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/cic.jpeg
CIC
Incidents

No Incident

https://images.rankiteo.com/companyimages/bank-of-china.jpeg
Bank of China
Incidents

No Incident

FAQ

Bank of China company demonstrates a stronger AI Cybersecurity Score compared to CIC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Bank of China company has disclosed a higher number of cyber incidents compared to CIC company.

In the current year, Bank of China company and CIC company have not reported any cyber incidents.

Neither Bank of China company nor CIC company has reported experiencing a ransomware attack publicly.

Neither Bank of China company nor CIC company has reported experiencing a data breach publicly.

Neither Bank of China company nor CIC company has reported experiencing targeted cyberattacks publicly.

Neither CIC company nor Bank of China company has reported experiencing or disclosing vulnerabilities publicly.

Neither CIC nor Bank of China holds any compliance certifications.

Neither company holds any compliance certifications.

Neither CIC company nor Bank of China company has publicly disclosed detailed information about the number of their subsidiaries.

Bank of China company employs more people globally than CIC company, reflecting its scale as a Banking.

Neither CIC nor Bank of China holds SOC 2 Type 1 certification.

Neither CIC nor Bank of China holds SOC 2 Type 2 certification.

Neither CIC nor Bank of China holds ISO 27001 certification.

Neither CIC nor Bank of China holds PCI DSS certification.

Neither CIC nor Bank of China holds HIPAA certification.

Neither CIC nor Bank of China holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
References
Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
References