Badge
11,371 badges added since 01 January 2025
ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

DNV is the independent expert in risk management and assurance, operating in more than 100 countries. Through its broad experience and deep expertise DNV advances safety and sustainable performance, sets industry benchmarks, and inspires and invents solutions. Whether assessing a new ship design, optimizing the performance of a wind farm, analyzing sensor data from a gas pipeline or certifying a food company’s supply chain, DNV enables its customers and their stakeholders to make critical decisions with confidence. Driven by its purpose, to safeguard life, property, and the environment, DNV helps tackle the challenges and global transformations facing its customers and the world today and is a trusted voice for many of the world’s most successful and forward-thinking companies. DNV uses cookies. For more information, please visit https://www.dnv.com/privacy/change-cookie-settings.html

DNV A.I CyberSecurity Scoring

DNV

Company Details

Linkedin ID:

dnv

Employees number:

22,456

Number of followers:

615,328

NAICS:

92219

Industry Type:

Public Safety

Homepage:

dnv.com

IP Addresses:

0

Company ID:

DNV_1524730

Scan Status:

In-progress

AI scoreDNV Risk Score (AI oriented)

Between 700 and 749

https://images.rankiteo.com/companyimages/dnv.jpeg
DNV Public Safety
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreDNV Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/dnv.jpeg
DNV Public Safety
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

DNV Company CyberSecurity News & History

Past Incidents
1
Attack Types
1
EntityTypeSeverityImpactSeenBlog DetailsSupply Chain SourceIncident DetailsView
DNVRansomware10051/2023NA
Rankiteo Explanation :
Attack threatening the organization’s existence

Description: In January 2023, Oslo-based DNV a leading global maritime classification society and risk management provider fell victim to a ransomware attack on January 7, forcing the shutdown of IT servers linked to its ShipManager system. The incident disrupted operations for 70 customers, impacting approximately 1,000 vessels reliant on the system for navigation, safety, and compliance management. DNV initiated daily communications with affected clients, providing updates from ongoing forensic investigations. While the attack caused significant operational disruptions potentially halting vessel management, logistical coordination, and regulatory compliance the company did not confirm whether sensitive customer or proprietary data was exfiltrated. The shutdown of critical IT infrastructure posed risks to maritime safety, supply chain continuity, and DNV’s reputation as a trusted industry authority. Recovery efforts focused on restoring systems while mitigating further propagation of the ransomware.

DNV
Ransomware
Severity: 100
Impact: 5
Seen: 1/2023
Blog:
Supply Chain Source: NA
Rankiteo Explanation
Attack threatening the organization’s existence

Description: In January 2023, Oslo-based DNV a leading global maritime classification society and risk management provider fell victim to a ransomware attack on January 7, forcing the shutdown of IT servers linked to its ShipManager system. The incident disrupted operations for 70 customers, impacting approximately 1,000 vessels reliant on the system for navigation, safety, and compliance management. DNV initiated daily communications with affected clients, providing updates from ongoing forensic investigations. While the attack caused significant operational disruptions potentially halting vessel management, logistical coordination, and regulatory compliance the company did not confirm whether sensitive customer or proprietary data was exfiltrated. The shutdown of critical IT infrastructure posed risks to maritime safety, supply chain continuity, and DNV’s reputation as a trusted industry authority. Recovery efforts focused on restoring systems while mitigating further propagation of the ransomware.

Ailogo

DNV Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for DNV

Incidents vs Public Safety Industry Average (This Year)

No incidents recorded for DNV in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for DNV in 2026.

Incident Types DNV vs Public Safety Industry Avg (This Year)

No incidents recorded for DNV in 2026.

Incident History — DNV (X = Date, Y = Severity)

DNV cyber incidents detection timeline including parent company and subsidiaries

DNV Company Subsidiaries

SubsidiaryImage

DNV is the independent expert in risk management and assurance, operating in more than 100 countries. Through its broad experience and deep expertise DNV advances safety and sustainable performance, sets industry benchmarks, and inspires and invents solutions. Whether assessing a new ship design, optimizing the performance of a wind farm, analyzing sensor data from a gas pipeline or certifying a food company’s supply chain, DNV enables its customers and their stakeholders to make critical decisions with confidence. Driven by its purpose, to safeguard life, property, and the environment, DNV helps tackle the challenges and global transformations facing its customers and the world today and is a trusted voice for many of the world’s most successful and forward-thinking companies. DNV uses cookies. For more information, please visit https://www.dnv.com/privacy/change-cookie-settings.html

Loading...
similarCompanies

DNV Similar Companies

TÜV SÜD

TÜV SÜD is the trusted partner of choice for safety, security and sustainability solutions. Our community of experts is passionate about technology and united by the belief that technology should better people’s lives. We work alongside our customers to anticipate and capitalize on technological d

TÜV Rheinland Group

Neutral, independent third party For more than 150 years, TÜV Rheinland has stood for ensuring quality, safety, and efficiency in conjunction with people, the environment, and technology. As a neutral, independent third party, we test, accompany, develop, promote and certify products, plants, proc

DEKRA

For 100 years, DEKRA has been a trusted name in safety. Founded in 1925 with the original goal of improving road safety through vehicle inspections, DEKRA has grown to become the world's largest independent, non-listed expert organization in the field of testing, inspection, and certification. Today

newsone

DNV CyberSecurity News

September 15, 2025 07:00 AM
DNV details ‘SteganoAmor’ malware campaign used against Iranian oil and gas traders, extends to maritime operators

CyberOwl, a DNV company, uncovered a sophisticated phishing and malware campaign targeting Iranian oil and gas trading organizations,...

July 15, 2025 07:00 AM
NIS2: A catalyst for improving maritime cybersecurity

The new EU Cybersecurity Directive (NIS2) strengthens cyber resilience across critical infrastructure and mandates operators to maintain an...

May 09, 2025 07:00 AM
Cybersecurity: European solar power plants under pressure

A report by the European solar association SolarPower Europe highlights the cybersecurity challenges of PV installations in the European Union.

May 01, 2025 07:00 AM
ESMC Warns of Cybersecurity Risks in Europe’s Solar Infrastructure Due to Chinese Inverters

The European Solar Manufacturing Council (ESMC) urges immediate EU action to address cybersecurity threats posed by Chinese-made PV...

April 17, 2025 07:00 AM
AI could enhance or harm the wind industry’s cybersecurity

The wind industry is undergoing a digital transformation to optimise energy production, reduce costs and enhance operational efficiency.

April 05, 2025 01:30 AM
Energy cyber priorities for 2025

DNV's annual survey and analysis finds that even as the energy industry becomes more mature in its cybersecurity posture, it needs to continue to strengthen...

March 28, 2025 07:00 AM
DNV reports half of critical infrastructure firms lack supply chain visibility, exposing them to cyber threats

New research from DNV identified that half of critical infrastructure organizations are not sure where their supply chain is,...

March 27, 2025 07:00 AM
Moxa Network and Communication Devices Certified With DNV Type Approval of Security Profile 2 and IEC 61162-460

Moxa Network and Communication Devices Certified With DNV Type Approval of Security Profile 2 and IEC 61162-460.

January 22, 2025 08:00 AM
DNV report highlights increased OT cybersecurity investment in energy sector due to escalating threats

DNV report highlights increased OT cybersecurity investment in energy sector due to escalating threats.

faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

DNV CyberSecurity History Information

Official Website of DNV

The official website of DNV is https://www.dnv.com.

DNV’s AI-Generated Cybersecurity Score

According to Rankiteo, DNV’s AI-generated cybersecurity score is 745, reflecting their Moderate security posture.

How many security badges does DNV’ have ?

According to Rankiteo, DNV currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has DNV been affected by any supply chain cyber incidents ?

According to Rankiteo, DNV has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does DNV have SOC 2 Type 1 certification ?

According to Rankiteo, DNV is not certified under SOC 2 Type 1.

Does DNV have SOC 2 Type 2 certification ?

According to Rankiteo, DNV does not hold a SOC 2 Type 2 certification.

Does DNV comply with GDPR ?

According to Rankiteo, DNV is not listed as GDPR compliant.

Does DNV have PCI DSS certification ?

According to Rankiteo, DNV does not currently maintain PCI DSS compliance.

Does DNV comply with HIPAA ?

According to Rankiteo, DNV is not compliant with HIPAA regulations.

Does DNV have ISO 27001 certification ?

According to Rankiteo,DNV is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of DNV

DNV operates primarily in the Public Safety industry.

Number of Employees at DNV

DNV employs approximately 22,456 people worldwide.

Subsidiaries Owned by DNV

DNV presently has no subsidiaries across any sectors.

DNV’s LinkedIn Followers

DNV’s official LinkedIn profile has approximately 615,328 followers.

NAICS Classification of DNV

DNV is classified under the NAICS code 92219, which corresponds to Other Justice, Public Order, and Safety Activities.

DNV’s Presence on Crunchbase

Yes, DNV has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/dnv.

DNV’s Presence on LinkedIn

Yes, DNV maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dnv.

Cybersecurity Incidents Involving DNV

As of January 24, 2026, Rankiteo reports that DNV has experienced 1 cybersecurity incidents.

Number of Peer and Competitor Companies

DNV has an estimated 2,093 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at DNV ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.

How does DNV detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with shut down it servers connected to shipmanager system, and communication strategy with daily updates to 70 affected customers on forensic investigation findings..

Incident Details

Can you provide details on each incident ?

Incident : Ransomware

Title: DNV Ransomware Attack (January 2023)

Description: In January 2023, Oslo-based DNV – one of the world’s largest maritime organizations – was hit with ransomware on the evening of January 7 and was forced to shut down the IT servers connected to their ShipManager system. DNV is communicating daily with all 70 affected customers to update them on findings of the ongoing forensic investigations. In total, around 1000 vessels are affected.

Date Detected: 2023-01-07

Date Publicly Disclosed: 2023-01-07

Type: Ransomware

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common types of attacks the company has faced is Ransomware.

Impact of the Incidents

What was the impact of each incident ?

Incident : Ransomware DNV905092125

Systems Affected: ShipManager system

Operational Impact: 1000 vessels affected; IT servers shut down

Which entities were affected by each incident ?

Incident : Ransomware DNV905092125

Entity Name: DNV

Entity Type: Organization

Industry: Maritime

Location: Oslo, Norway

Customers Affected: 70

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Ransomware DNV905092125

Incident Response Plan Activated: True

Containment Measures: Shut down IT servers connected to ShipManager system

Communication Strategy: Daily updates to 70 affected customers on forensic investigation findings

Data Breach Information

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by shut down it servers connected to shipmanager system and .

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Ransomware DNV905092125

Data Encryption: True

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Ransomware DNV905092125

Investigation Status: Ongoing (as of January 2023 disclosure)

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Daily updates to 70 affected customers on forensic investigation findings.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Ransomware DNV905092125

Customer Advisories: Daily updates provided to 70 affected customers

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Daily updates provided to 70 affected customers.

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2023-01-07.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-01-07.

Impact of the Incidents

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant system affected in an incident was ShipManager system.

Response to the Incidents

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Shut down IT servers connected to ShipManager system.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (as of January 2023 disclosure).

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was an Daily updates provided to 70 affected customers.

cve

Latest Global CVEs (Not Company-Specific)

Description

Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.

Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.

Description

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.

Description

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.

Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dnv' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
Users Love Us Badge