Comparison Overview

CN

VS

Hitachi Rail

CN

935 de La Gauchetière Street West, Montreal, H3B 2M9, CA
Last Update: 2025-12-09
View Profile
Between 800 and 849
https://www.cn.ca

CN is a North American transportation and logistics leader focused on supply chain innovation and collaboration. We offer integrated shipping solutions, including rail, intermodal, trucking, freight forwarding, warehousing and distribution. We are an engaged corporate citizen, committed to the safety of our employees, customers and the public. CN is invested in building shareholder value and stronger communities, focused on environmental stewardship and developing an exceptional environment in the workplace. CN has the expertise, the network reach and the capacity to move your goods to a global marketplace in a safe, timely and cost effective manner. Welcome to CN, North America's Railroad.

NAICS: 482
NAICS Definition: Rail Transportation
Employees: 12,656
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Hitachi Rail

60 Ludgate Hill, 7th Floor, One New Ludgate, London, England, GB, EC4M 7AW
Last Update: 2025-12-11
Between 750 and 799
http://www.hitachirail.com

Hitachi Rail is committed to driving a sustainable mobility transition and helping every passenger, customer and community enjoy more connected, seamless and sustainable transport. Hitachi Rail is a trusted partner to operators around the world with expertise across every part of the rail ecosystems – from manufacture and maintenance of rolling stock to digital signalling and smart operational systems. In FY23, the company had revenues of €7bn with 24,000 employees across over 50 countries, and it invests in its diverse and talented teams. Drawing on the wider Hitachi group companies, Hitachi Rail furthers the development of digital innovation and new technologies to help pioneer resilient and sustainable solutions.

NAICS: 482
NAICS Definition: Rail Transportation
Employees: 14,420
Subsidiaries: 17
12-month incidents
1
Known data breaches
0
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/cn.jpeg
CN
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/hitachirail.jpeg
Hitachi Rail
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
CN
100%
Compliance Rate
0/4 Standards Verified
Hitachi Rail
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Rail Transportation Industry Average (This Year)

No incidents recorded for CN in 2025.

Incidents vs Rail Transportation Industry Average (This Year)

Hitachi Rail has 66.67% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — CN (X = Date, Y = Severity)

CN cyber incidents detection timeline including parent company and subsidiaries

Incident History — Hitachi Rail (X = Date, Y = Severity)

Hitachi Rail cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/cn.jpeg
CN
Incidents

No Incident

https://images.rankiteo.com/companyimages/hitachirail.jpeg
Hitachi Rail
Incidents

Date Detected: 8/2025
Type:Ransomware
Attack Vector: Stolen credentials, Vulnerability exploitation, Phishing
Motivation: Financial gain
Blog: Blog

Date Detected: 7/2025
Type:Vulnerability
Attack Vector: Radio Frequency (RF) communications
Motivation: Disruption of operations, brake system failures
Blog: Blog

Date Detected: 4/2025
Type:Ransomware
Motivation: Financial Gain
Blog: Blog

FAQ

CN company demonstrates a stronger AI Cybersecurity Score compared to Hitachi Rail company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Hitachi Rail company has historically faced a number of disclosed cyber incidents, whereas CN company has not reported any.

In the current year, Hitachi Rail company has reported more cyber incidents than CN company.

Hitachi Rail company has confirmed experiencing a ransomware attack, while CN company has not reported such incidents publicly.

Neither Hitachi Rail company nor CN company has reported experiencing a data breach publicly.

Neither Hitachi Rail company nor CN company has reported experiencing targeted cyberattacks publicly.

Hitachi Rail company has disclosed at least one vulnerability, while CN company has not reported such incidents publicly.

Neither CN nor Hitachi Rail holds any compliance certifications.

Neither company holds any compliance certifications.

Hitachi Rail company has more subsidiaries worldwide compared to CN company.

Hitachi Rail company employs more people globally than CN company, reflecting its scale as a Rail Transportation.

Neither CN nor Hitachi Rail holds SOC 2 Type 1 certification.

Neither CN nor Hitachi Rail holds SOC 2 Type 2 certification.

Neither CN nor Hitachi Rail holds ISO 27001 certification.

Neither CN nor Hitachi Rail holds PCI DSS certification.

Neither CN nor Hitachi Rail holds HIPAA certification.

Neither CN nor Hitachi Rail holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References