Comparison Overview

IAG

VS

USI Insurance Services

IAG

201 Sussex St, Sydney, New South Wales, 2000, AU
Last Update: 2025-12-09
View Profile
Between 750 and 799
http://www.iag.com.au

IAG is Australia and New Zealand's largest general insurance company with a purpose to make your world a safer place, whether you are a customer, partner, employee, shareholder or part of the communities IAG serves across Australia and New Zealand. Our businesses have helped people recover from natural disasters, accidents and loss since 1851. In Australia and New Zealand we provide insurance under many leading brands, including NRMA Insurance, CGU, SGIO, SGIC and WFI; and NZI, State, AMI and Lumley Insurance (New Zealand). We also have interests in general insurance joint ventures in Malaysia and India. Increasingly, we see our role extending beyond paying claims to increasing awareness of risk, and helping communities reduce and prevent risk. We believe it is our responsibility as an industry leader to use our influence and role as a major investor, purchaser and employer for the good of everyone. For further information please visit www.iag.com.au.

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 12,323
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

USI Insurance Services

100 Summit Lake Drive, Suite 400, Valhalla, NY, US, 10595
Last Update: 2025-12-09
Between 750 and 799
http://www.usi.com

USI is one of the largest insurance brokerage and consulting firms in the world, delivering property and casualty, employee benefits, personal risk, program and retirement solutions to large risk management clients, middle market companies, smaller firms and individuals. Headquartered in Valhalla, New York, USI connects over 10,500 industry-leading professionals across approximately 200 offices to serve clients’ local, national and international needs. USI has become a premier insurance brokerage and consulting firm by leveraging the USI ONE Advantage®, an interactive platform that integrates proprietary and innovative client solutions, networked local resources and enterprise-wide collaboration to deliver customized results with positive, bottom-line impact. USI attracts best-in-class industry talent with a long history of deep and continuing investment in our local communities. For more information, visit usi.com.

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 10,541
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/iag.jpeg
IAG
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/usi-insurance-services.jpeg
USI Insurance Services
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
IAG
100%
Compliance Rate
0/4 Standards Verified
USI Insurance Services
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for IAG in 2025.

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for USI Insurance Services in 2025.

Incident History — IAG (X = Date, Y = Severity)

IAG cyber incidents detection timeline including parent company and subsidiaries

Incident History — USI Insurance Services (X = Date, Y = Severity)

USI Insurance Services cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/iag.jpeg
IAG
Incidents

No Incident

https://images.rankiteo.com/companyimages/usi-insurance-services.jpeg
USI Insurance Services
Incidents

No Incident

FAQ

IAG company demonstrates a stronger AI Cybersecurity Score compared to USI Insurance Services company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, USI Insurance Services company has disclosed a higher number of cyber incidents compared to IAG company.

In the current year, USI Insurance Services company and IAG company have not reported any cyber incidents.

Neither USI Insurance Services company nor IAG company has reported experiencing a ransomware attack publicly.

Neither USI Insurance Services company nor IAG company has reported experiencing a data breach publicly.

Neither USI Insurance Services company nor IAG company has reported experiencing targeted cyberattacks publicly.

Neither IAG company nor USI Insurance Services company has reported experiencing or disclosing vulnerabilities publicly.

Neither IAG nor USI Insurance Services holds any compliance certifications.

Neither company holds any compliance certifications.

IAG company has more subsidiaries worldwide compared to USI Insurance Services company.

IAG company employs more people globally than USI Insurance Services company, reflecting its scale as a Insurance.

Neither IAG nor USI Insurance Services holds SOC 2 Type 1 certification.

Neither IAG nor USI Insurance Services holds SOC 2 Type 2 certification.

Neither IAG nor USI Insurance Services holds ISO 27001 certification.

Neither IAG nor USI Insurance Services holds PCI DSS certification.

Neither IAG nor USI Insurance Services holds HIPAA certification.

Neither IAG nor USI Insurance Services holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
References
Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
References