Comparison Overview

Gratia Plena

VS

National Institute for Change

Gratia Plena

10707 Corporate Drive, Stafford, Texas, 77477, US
Last Update: 2026-01-23
View Profile
Between 750 and 799
http://www.gratiaplenacounseling.org

We are a 501(c)(3) nonprofit designed to provide mental and spiritual health services for mental illnesses, addictions, marriage/family issues as well as the spiritual distress that often accompanies them, in manner that is faithful to the teachings, values, and traditions of the Catholic Church. We have a large crew of excellent counselors providing services at five office locations plus one parish where we are working in a temporary space. We also extend our assistance out into the community in the spirit of prevention and intervention programs via adult and youth education programs, as well as spiritual formation presentations. We interface with a number of offices, projects, and parishes in the Archdiocese of Galveston-Houston. Because we are a nonprofit, we do not turn anyone away due to ability to pay, and so we rely greatly on financial donations. At this time in history, there is a tremendous need for mental health services in the community, and these issues impact family functioning, ability to work and go to school, and overall quality of life. Please consider making a donation today to support our mission. God bless you!

NAICS: 621
NAICS Definition:
Employees: 31
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

National Institute for Change

3225 Wadsworth Blvd, Lakewood, 80227, US
Last Update: 2026-01-22
Between 750 and 799
http://www.nichange.com

At the National Institute for Change we provide Gold Standard care, intervention and strategies for the following services: Therapeutic Adult Services and One Day Classes. We are a state-licensed outpatient mental health and substance abuse treatment agency offering services for clients throughout the Metro Denver area. We are your teammates when a crisis hits and you need to resolve challenging issues. Our team approach provides assessment of your strengths and challenges. We bring advanced degrees, extensive training, diverse experiences, and our humanity to your present situation to help you rediscover and sustain your freedom with dignity and choice. NIC provides evaluation, assessment and a range of therapies for voluntary and court-ordered clients. We assess individual strengths and challenges and assist in creating a holistic and integrated treatment plan that matches needs and goals. Our mission is to empower individuals, families, and communities toward dignity, safety and choice, through state of the art therapies

NAICS: 62133
NAICS Definition: Offices of Mental Health Practitioners (except Physicians)
Employees: 16
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/gratia-plena.jpeg
Gratia Plena
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/national-institute-for-change.jpeg
National Institute for Change
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Gratia Plena
100%
Compliance Rate
0/4 Standards Verified
National Institute for Change
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for Gratia Plena in 2026.

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for National Institute for Change in 2026.

Incident History — Gratia Plena (X = Date, Y = Severity)

Gratia Plena cyber incidents detection timeline including parent company and subsidiaries

Incident History — National Institute for Change (X = Date, Y = Severity)

National Institute for Change cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/gratia-plena.jpeg
Gratia Plena
Incidents

No Incident

https://images.rankiteo.com/companyimages/national-institute-for-change.jpeg
National Institute for Change
Incidents

No Incident

FAQ

National Institute for Change company demonstrates a stronger AI Cybersecurity Score compared to Gratia Plena company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, National Institute for Change company has disclosed a higher number of cyber incidents compared to Gratia Plena company.

In the current year, National Institute for Change company and Gratia Plena company have not reported any cyber incidents.

Neither National Institute for Change company nor Gratia Plena company has reported experiencing a ransomware attack publicly.

Neither National Institute for Change company nor Gratia Plena company has reported experiencing a data breach publicly.

Neither National Institute for Change company nor Gratia Plena company has reported experiencing targeted cyberattacks publicly.

Neither Gratia Plena company nor National Institute for Change company has reported experiencing or disclosing vulnerabilities publicly.

Neither Gratia Plena nor National Institute for Change holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Gratia Plena company nor National Institute for Change company has publicly disclosed detailed information about the number of their subsidiaries.

Gratia Plena company employs more people globally than National Institute for Change company, reflecting its scale as a Mental Health Care.

Neither Gratia Plena nor National Institute for Change holds SOC 2 Type 1 certification.

Neither Gratia Plena nor National Institute for Change holds SOC 2 Type 2 certification.

Neither Gratia Plena nor National Institute for Change holds ISO 27001 certification.

Neither Gratia Plena nor National Institute for Change holds PCI DSS certification.

Neither Gratia Plena nor National Institute for Change holds HIPAA certification.

Neither Gratia Plena nor National Institute for Change holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
References
Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Description

Azure Entra ID Elevation of Privilege Vulnerability

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References