IBHI
Company Details
Linkedin ID:
institute-for-behavior-and-health-inc
Website:
Employees number:
5
Number of followers:
21
NAICS:
921
Industry Type:
Homepage:
ibhinc.org
IP Addresses:
0
Company ID:
INS_8074090
Scan Status:
In-progress
Institute for Behavior and Health, Inc. Company CyberSecurity Posture
ibhinc.org
Founded in 1978, the Institute for Behavior and Health, Inc. is a 501(c)3 non-profit organization that develops new ideas to reduce illegal drug use. Non-partisan and non-political, IBH serves as a catalyst for change. IBH facilitates creative public and private sector collaboration to achieve this important public health goal. The mission of IBH is to reduce the use of illegal drugs and improve prevention and treatment. We work to achieve this mission by conducting research, promoting ideas that are affordable and scalable, linking with other individuals and groups to create synergies, and presenting new ideas at national meetings and in the media and by writing papers and reports that appear in leading journals and publications. This activity is managed and produced by the small and productive IBH staff, working with a uniquely talented and dedicated group of advisers and allies. While much of our work is original, IBH claims no ownership. IBH emphasizes collaboration and coalition-building. The result is our continued leadership in drug research and policy.
Institute for Behavior and Health, Inc. A.I CyberSecurity Scoring
IBHI Risk Score (AI oriented)Between 700 and 749
IBHI
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
IBHI Global Score (TPRM)XXXX
IBHI
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
IBHI Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
IBHI Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for IBHI
Incidents vs Public Policy Offices Industry Average (This Year)
No incidents recorded for Institute for Behavior and Health, Inc. in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Institute for Behavior and Health, Inc. in 2025.
Incident Types IBHI vs Public Policy Offices Industry Avg (This Year)
No incidents recorded for Institute for Behavior and Health, Inc. in 2025.
Incident History — IBHI (X = Date, Y = Severity)
IBHI cyber incidents detection timeline including parent company and subsidiaries
IBHI Company Subsidiaries
Founded in 1978, the Institute for Behavior and Health, Inc. is a 501(c)3 non-profit organization that develops new ideas to reduce illegal drug use. Non-partisan and non-political, IBH serves as a catalyst for change. IBH facilitates creative public and private sector collaboration to achieve this important public health goal. The mission of IBH is to reduce the use of illegal drugs and improve prevention and treatment. We work to achieve this mission by conducting research, promoting ideas that are affordable and scalable, linking with other individuals and groups to create synergies, and presenting new ideas at national meetings and in the media and by writing papers and reports that appear in leading journals and publications. This activity is managed and produced by the small and productive IBH staff, working with a uniquely talented and dedicated group of advisers and allies. While much of our work is original, IBH claims no ownership. IBH emphasizes collaboration and coalition-building. The result is our continued leadership in drug research and policy.
Loading...
IBHI Similar Companies
EdTrust promotes high academic achievement for all students at all levels—pre-kindergarten through college. Our goal is to close the gaps in opportunity and achievement that consign far too many young people—especially those from low-income families or who are Black, Latino, or American Indian—to li
Center for Social Inclusion
Center for Social Inclusion's (CSI) mission is to catalyze communities, government, and other institutions to dismantle structural racial inequity. We craft and apply strategies and tools to transform our nation's policies and practices, in order to achieve racial equity. Our approach is organized
Valley Industry & Commerce Association (VICA)
VICA is widely considered one of the most influential business advocacy organizations in Southern California. With its knowledge of the legislative process and economic issues, VICA's access to public officials ensures that the San Fernando Valley's business perspective will be heard in the interest
DC International Advisory, LLC
Public policy and business consultancy based in DC focused on international affairs. Formerly DC Asia Advisory, LLC. Ours is a small consulting practice, established in 2006, led by two former administration officials, focused on providing independent political analysis and advisory services.
MBI Inc.
MBI, one of New Jersey’s largest public affairs firm, offers its clients more than 300 years of combined experience in state and local government relations and public relations. MBI is located on West State Street, just steps away from the State House, in a beautifully renovated century old buildin
DMI Associates - A Chemonics Company
DMI is an independent French company, specialised in public policies, in economic development, in the reform of judicial institutions, and the strengthening of institutional capacities for a better governance. Created in 1997 and established in Lyon, it offers a wide range of sustainable solutions
.png)
IBHI CyberSecurity News
October 26, 2025 07:00 AM
Healthcare Data Breach Statistics
In 2023, 725 data breaches were reported to OCR and across those breaches, more than 133 million records were exposed or impermissibly disclosed.
October 21, 2025 07:00 AM
UC San Diego’s Center for Healthcare Cybersecurity Protects Patients and Keeps Hospitals Running
Hospitals are increasingly reliant on networked technology to run lifesaving medical equipment and access patient records.
October 08, 2025 07:00 AM
Nearly Three in Four U.S. Healthcare Organizations Report Patient Care Disruption Due to Cyber Attacks, According to New Proofpoint-Ponemon Institute Report
SUNNYVALE, Calif., October 08, 2025--Proofpoint, Inc., a leading cybersecurity and compliance company, and Ponemon Institute,...
September 10, 2025 07:00 AM
The Children’s Center of Hamden reports data breach affecting 5K clients, staff
The Children's Center of Hamden recently notified more than 5000 clients and staff members that their personal and/or health information may...
July 20, 2025 07:00 AM
Broward Health IT director accused of possessing over 10,000 files of child pornography, arrest documents show
The cybersecurity director of a prominent South Florida public health network is facing "abhorrent" accusations after he was allegedly found...
June 03, 2025 07:00 AM
Holland & Knight Health Dose: June 3, 2025
The U.S. House of Representatives and U.S. Senate return after a recess. The House Committee on Appropriations will begin marking up...
May 21, 2025 07:00 AM
April 2025 Healthcare Data Breach Report
April saw a 17.9% month-over-month increase in healthcare data breaches, with 66 data breaches of 500 or more records reported to the HHS' Office for Civil...
April 24, 2025 07:00 AM
Dialysis company DaVita reviewing data leaked by ransomware gang
A ransomware gang posted the sensitive information of patients who received dialysis treatment from DaVita on its leak site Thursday morning.
March 11, 2025 07:00 AM
USF Sarasota-Manatee making its mark in artificial intelligence and cybersecurity
USF Sarasota-Manatee will play a major role in the new Bellini College of Artificial Intelligence, Cybersecurity and Computing.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
IBHI CyberSecurity History Information
Official Website of Institute for Behavior and Health, Inc.
The official website of Institute for Behavior and Health, Inc. is http://www.IBHinc.org.
Institute for Behavior and Health, Inc.’s AI-Generated Cybersecurity Score
According to Rankiteo, Institute for Behavior and Health, Inc.’s AI-generated cybersecurity score is 748, reflecting their Moderate security posture.
How many security badges does Institute for Behavior and Health, Inc.’ have ?
According to Rankiteo, Institute for Behavior and Health, Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Institute for Behavior and Health, Inc. have SOC 2 Type 1 certification ?
According to Rankiteo, Institute for Behavior and Health, Inc. is not certified under SOC 2 Type 1.
Does Institute for Behavior and Health, Inc. have SOC 2 Type 2 certification ?
According to Rankiteo, Institute for Behavior and Health, Inc. does not hold a SOC 2 Type 2 certification.
Does Institute for Behavior and Health, Inc. comply with GDPR ?
According to Rankiteo, Institute for Behavior and Health, Inc. is not listed as GDPR compliant.
Does Institute for Behavior and Health, Inc. have PCI DSS certification ?
According to Rankiteo, Institute for Behavior and Health, Inc. does not currently maintain PCI DSS compliance.
Does Institute for Behavior and Health, Inc. comply with HIPAA ?
According to Rankiteo, Institute for Behavior and Health, Inc. is not compliant with HIPAA regulations.
Does Institute for Behavior and Health, Inc. have ISO 27001 certification ?
According to Rankiteo,Institute for Behavior and Health, Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Institute for Behavior and Health, Inc.
Institute for Behavior and Health, Inc. operates primarily in the Public Policy Offices industry.
Number of Employees at Institute for Behavior and Health, Inc.
Institute for Behavior and Health, Inc. employs approximately 5 people worldwide.
Subsidiaries Owned by Institute for Behavior and Health, Inc.
Institute for Behavior and Health, Inc. presently has no subsidiaries across any sectors.
Institute for Behavior and Health, Inc.’s LinkedIn Followers
Institute for Behavior and Health, Inc.’s official LinkedIn profile has approximately 21 followers.
Institute for Behavior and Health, Inc.’s Presence on Crunchbase
No, Institute for Behavior and Health, Inc. does not have a profile on Crunchbase.
Institute for Behavior and Health, Inc.’s Presence on LinkedIn
Yes, Institute for Behavior and Health, Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/institute-for-behavior-and-health-inc.
Cybersecurity Incidents Involving Institute for Behavior and Health, Inc.
As of November 28, 2025, Rankiteo reports that Institute for Behavior and Health, Inc. has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Institute for Behavior and Health, Inc. has an estimated 1,023 peer or competitor companies worldwide.
Institute for Behavior and Health, Inc. CyberSecurity History Information
How many cyber incidents has Institute for Behavior and Health, Inc. faced ?
Total Incidents: According to Rankiteo, Institute for Behavior and Health, Inc. has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Institute for Behavior and Health, Inc. ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=institute-for-behavior-and-health-inc' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
