GSK
Company Details
Linkedin ID:
gsk
Website:
Employees number:
90,031
Number of followers:
4,466,492
NAICS:
3254
Industry Type:
Homepage:
http://www.gsk.com
IP Addresses:
22
Company ID:
GSK_2411202
Scan Status:
Completed
GSK Company CyberSecurity Posture
http://www.gsk.com
We are uniting science, technology and talent to get ahead of disease together. Our community guidelines: https://gsk.to/socialmedia
GSK A.I CyberSecurity Scoring
GSK Risk Score (AI oriented)Between 800 and 849
GSK
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GSK Global Score (TPRM)XXXX
GSK
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GSK Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
GSK Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GSK
Incidents vs Pharmaceutical Manufacturing Industry Average (This Year)
No incidents recorded for GSK in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for GSK in 2025.
Incident Types GSK vs Pharmaceutical Manufacturing Industry Avg (This Year)
No incidents recorded for GSK in 2025.
Incident History — GSK (X = Date, Y = Severity)
GSK cyber incidents detection timeline including parent company and subsidiaries
GSK Company Subsidiaries
We are uniting science, technology and talent to get ahead of disease together. Our community guidelines: https://gsk.to/socialmedia
Loading...
GSK Similar Companies
Eurofarma
Since its establishment in 1972, Eurofarma has been operating in the health industry, producing and marketing products and services to improve people's quality of life. Focused on generating shared value, it operates in the areas of Prescription, Nos-Prescription, Generics, Hospital and Oncology. It
Grifols
Grifols is a global healthcare company founded in Barcelona in 1909 committed to improving the health and well-being of people all over the world. A leader in essential plasma-derived medicines and transfusion medicine, we develop, produce and provide innovative healthcare services and solutions i
Astellas Pharma
Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneer
Dr. Reddy's Laboratories
Established in 1984, we are a global pharmaceutical company headquartered in Hyderabad, India. Driven by our purpose of ‘Good Health Can’t Wait’, we work to provide access to affordable and innovative medicines. We offer a portfolio of products and services including APIs, generics, branded generics
EMS is the leading pharmaceutical company in Brazil. Established since 45 years and with 100% national capital, the company has two industrial plants strategically placed in São Bernardo do Campo and Hortolândia, in the state of São Paulo. With a work based on daring, simplicity, excellence and res
Takeda
We strive to transform lives. While the science we advance is constantly evolving, our core purpose is enduring. For more than two centuries, our values have guided us to do what’s right for patients and for society. We know that changing lives requires us to do things differently. We start by list
Torrent Pharmaceuticals Ltd
Torrent Pharma, with annual revenues of more than Rs 10,700 crores, is the flagship Company of the Torrent Group, with group revenues of Rs 41,000 crores. It is ranked 5th in the Indian Pharma Market and is among the Top 5 in the therapeutic segments of Cardiovascular (CV), Central Nervous System (C
SUN PHARMA
Sun Pharma is the world's fourth-largest speciality generic pharmaceutical company and No. 1 in India. We provide high-quality, affordable medicines trusted by customers and patients in over 100 countries. Sun Pharma's global presence is supported by more than 40 manufacturing facilities spread acro
At Bristol Myers Squibb, we work every day to transform patients’ lives through science. That work inspires some of the most interesting, meaningful, and life-changing careers you’ll experience. Join us and pursue innovative ideas alongside some of the brightest minds in biopharma, collaborating wit
.png)
GSK CyberSecurity News
October 18, 2025 07:00 AM
GSK’s Emma Walmsley Rejects Co-CEO Trend, Emphasizes Resilience in Leadership
GSK CEO Emma Walmsley, who oversaw major growth from Montco's campus, questions the co-CEO trend as she prepares to step down.
October 02, 2025 07:00 AM
Why Cybersecurity Professionals Are at High Risk of Burnout
Research from the ISC2 shows that security professionals are reaching breaking point, with cyberattacks growing in both frequency and...
October 02, 2025 07:00 AM
Burnout is Becoming Endemic Across the Cybersecurity Sector
Data from the ISC2 shows that, with cyberattacks becoming more frequent and sophisticated, cybersecurity professionals are burning out.
September 29, 2025 07:00 AM
Why burnout is a growing problem in cybersecurity
Facing increasing stress, cybersecurity professionals are dropping out of the workforce.
September 29, 2025 07:00 AM
Bank of England’s Ramsden says inflation will fall to target as jobs market weakens; gold hits new record high – as it happened
GSK's Emma Walmsley to be replaced as chief executive · Inside the Jaguar Land Rover hack: stalled smart factories, outsourced cybersecurity...
September 25, 2025 07:00 AM
Why pharma and life sciences must act now on the quantum threat
Pharmaceutical and life sciences organizations must act urgently to help protect the world's future medical breakthroughs from quantum...
September 24, 2025 07:00 AM
Rohan Kanungo Joins GSK as Director & Site Lead for Global Capability Centre in India
Rohan Kanungo has joined GSK as Director & Site Lead for the Global Capability Centre in India, within the Governance, Risk & Compliance.
August 11, 2025 07:00 AM
Cencora & The Lash Group Settle Data Breach Litigation for $40 Million
Cencora, The Lash Group, and their affiliates have agreed to pay $40 million to settle class action data breach litigation over a February...
June 05, 2025 07:00 AM
GlaxoSmithKline’s Cyber Security Challenges: Navigating Risks in a Complex Digital Landscape
GlaxoSmithKline faces significant risks in information and cyber security, as the company and its third-party partners may struggle to maintain...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GSK CyberSecurity History Information
Official Website of GSK
The official website of GSK is http://www.gsk.com.
GSK’s AI-Generated Cybersecurity Score
According to Rankiteo, GSK’s AI-generated cybersecurity score is 823, reflecting their Good security posture.
How many security badges does GSK’ have ?
According to Rankiteo, GSK currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does GSK have SOC 2 Type 1 certification ?
According to Rankiteo, GSK is not certified under SOC 2 Type 1.
Does GSK have SOC 2 Type 2 certification ?
According to Rankiteo, GSK does not hold a SOC 2 Type 2 certification.
Does GSK comply with GDPR ?
According to Rankiteo, GSK is not listed as GDPR compliant.
Does GSK have PCI DSS certification ?
According to Rankiteo, GSK does not currently maintain PCI DSS compliance.
Does GSK comply with HIPAA ?
According to Rankiteo, GSK is not compliant with HIPAA regulations.
Does GSK have ISO 27001 certification ?
According to Rankiteo,GSK is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of GSK
GSK operates primarily in the Pharmaceutical Manufacturing industry.
Number of Employees at GSK
GSK employs approximately 90,031 people worldwide.
Subsidiaries Owned by GSK
GSK presently has no subsidiaries across any sectors.
GSK’s LinkedIn Followers
GSK’s official LinkedIn profile has approximately 4,466,492 followers.
NAICS Classification of GSK
GSK is classified under the NAICS code 3254, which corresponds to Pharmaceutical and Medicine Manufacturing.
GSK’s Presence on Crunchbase
No, GSK does not have a profile on Crunchbase.
GSK’s Presence on LinkedIn
Yes, GSK maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/gsk.
Cybersecurity Incidents Involving GSK
As of November 27, 2025, Rankiteo reports that GSK has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
GSK has an estimated 5,254 peer or competitor companies worldwide.
GSK CyberSecurity History Information
How many cyber incidents has GSK faced ?
Total Incidents: According to Rankiteo, GSK has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at GSK ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=gsk' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
