What is the official website of National Association of Counties ?

The official website of National Association of Counties is http://www.naco.org.

What is National Association of Counties's cybersecurity risk score?

National Association of Counties has an AI-generated cybersecurity risk score of 751 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has National Association of Counties experienced?

According to Rankiteo, National Association of Counties currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has National Association of Counties been affected by any supply chain cyber incidents ?

According to Rankiteo, National Association of Counties has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does National Association of Counties have SOC 2 Type 1 certification ?

According to Rankiteo, National Association of Counties is not certified under SOC 2 Type 1.

Does National Association of Counties have SOC 2 Type 2 certification ?

According to Rankiteo, National Association of Counties does not hold a SOC 2 Type 2 certification.

Does National Association of Counties comply with GDPR ?

According to Rankiteo, National Association of Counties is not listed as GDPR compliant.

Does National Association of Counties have PCI DSS certification ?

According to Rankiteo, National Association of Counties does not currently maintain PCI DSS compliance.

Does National Association of Counties comply with HIPAA ?

According to Rankiteo, National Association of Counties is not compliant with HIPAA regulations.

Does National Association of Counties have ISO 27001 certification ?

According to Rankiteo,National Association of Counties is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does National Association of Counties operate in ?

National Association of Counties operates primarily in the Public Policy Offices industry.

How many employees does National Association of Counties have ?

National Association of Counties employs approximately 183 people worldwide.

Does National Association of Counties own any subsidiaries ?

National Association of Counties presently has no subsidiaries across any sectors.

How many LinkedIn followers does National Association of Counties have ?

National Association of Counties's official LinkedIn profile has approximately 23,732 followers.

What is the NAICS classification code for National Association of Counties ?

National Association of Counties is classified under the NAICS code 921, which corresponds to Executive, Legislative, and Other General Government Support.

Does National Association of Counties have a Crunchbase profile ?

No, National Association of Counties does not have a profile on Crunchbase.

Does National Association of Counties have a LinkedIn profile ?

Yes, National Association of Counties maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nacocounties.

How many cybersecurity incidents has National Association of Counties experienced ?

As of June 29, 2026, Rankiteo reports that National Association of Counties has experienced 1 cybersecurity incidents.

How many peer or competitor companies does National Association of Counties have ?

National Association of Counties has an estimated 1,154 peer or competitor companies worldwide.

What types of cybersecurity incidents has National Association of Counties faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

NAC

Boost Score +25 with badge (5 left)

751

/1000

Fair

776

/1000

Fair

National Association of Counties Vendor Cyber Rating & Cyber Score

naco.org

Add Your Compliance Badge

The National Association of Counties (NACo) is the only national organization that represents county governments in the United States. Founded in 1935, NACo assists America’s 3,069 counties in pursuing excellence in public service to produce healthy, vibrant, safe and resilient counties. NACo promotes sound public policies, fosters county solutions and innovation, promotes intergovernmental and public-private collaboration and provides value-added services to save counties and taxpayers money. With its headquarters on Capitol Hill, NACo is a full-service organization that delivers its services through its dedicated and skilled staff who comprise the following departments: Executive Management, Legislative Affairs, Public Affairs,

NAC A.I CyberSecurity Scoring

Scoring History

NAC

National Association of Counties CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

National Associatio...

Vulnerability

100

10/2025

NAC569305610012...

Loading…

A.I.

NAC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for NAC

Incidents vs Public Policy Offices Industry Avg (This Year)

No incidents recorded for National Association of Counties in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for National Association of Counties in 2026.

Incident Types NAC vs Public Policy Offices Industry Avg (This Year)

No incidents recorded for National Association of Counties in 2026.

Incident History - NAC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

National Association of Counties Subsidiaries

Parent Company

NAC

Public Policy Offices

Website: http://www.naco.org

Company Size: 51-200 employees

No subsidiary data available for this company.

Loading…

National Association of Counties Similar Companies

Loading…

NEWS

National Association of Counties CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 18, 2026 08:09 PM

Reauthorize the State and Local Cybersecurity Grant Program

Action Needed. Urge your Members of Congress to support legislation to reauthorize the State and Local Cybersecurity Grant Program (SLCGP).

Read Article

February 10, 2026 09:32 PM

Cyber Resilience in County Finance: Protecting What Matters Most

Friday, March 6, 2026 | 2:00 p.m. - 3:00 p.m. ETCyber threats are increasingly targeting public sector finance teams and resilience starts with...

Read Article

January 07, 2026 01:17 AM

New FBI Criminal Justice Information Services (CJIS) Security Rule Requirements | National Association of Counties

The FBI's CJIS Security Policy 6.0 requires agencies to move beyond point-in-time compliance and demonstrate continuous governance, risk management,...

Read Article

December 08, 2025 10:18 PM

Congress Considers Bills to Reauthorize State and Local Cybersecurity Grant Program

The U.S. House passed a bill to reauthorize the State and Local Cybersecurity Grant Program, a key priority for counties. The U.S. Senate has also...

Read Article

November 18, 2025 08:00 AM

Full renewal of state and local cyber grants program passes in House

The PILLAR Act, which would renew federal cybersecurity grants to state and local governments for 10 years, passed by voice vote in the...

Read Article

October 09, 2025 07:00 AM

NACo Cyber Awareness Month Deal: Build Cyber Leadership Skills for Just $1,000

During Cybersecurity Awareness Month (October), the National Association of Counties (NACo) is offering exclusive scholarships that reduce...

Read Article

October 07, 2025 09:25 PM

Cyber Resilience In Action: County Leaders Share Their Strategies

Join county IT leaders to hear how they are defending local government systems, staff, and constituents from ever-increasing cyber-attacks.

Read Article

September 30, 2025 07:00 AM

US Cuts Federal Funding for MS-ISAC Cybersecurity Program

The Trump administration wants CISA to transition to a “new model” for supporting local government agencies' cyber strategy.

Read Article

September 18, 2025 07:00 AM

Governors, mayors, CIOs sign letter supporting state and local cyber grant reauthorization

Groups including the National Governors Association and NASCIO have signed a letter asking Congress to reauthorize the State and Local...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-13512

SUMMARY

A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::state_key of the file src/query/service/src/servers/http/v1/session/client_session_manager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The pull request to fix this issue awaits acceptance.

Published

Date2026-06-28

Updated

Date2026-06-28

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-13511

SUMMARY

A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.

Published

Date2026-06-28

Updated

Date2026-06-28

RISK INFORMATION (Score: 3.1)

cvss2

Base Score: 2.1

Complexity: HIGH

AV:N/AC:H/Au:S/C:P/I:N/A:N

cvss3

Base Score: 3.1

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

cvss4

Base Score: 1.3

Complexity: HIGH

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

1.4

Exploitability

1.6

REFERENCES

CVE-2026-13510

SUMMARY

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit has been made public and could be used. The pull request to fix this issue awaits acceptance.

Published

Date2026-06-28

Updated

Date2026-06-28

RISK INFORMATION (Score: 3.7)

cvss2

Base Score: 2.6

Complexity: HIGH

AV:N/AC:H/Au:N/C:P/I:N/A:N

cvss3

Base Score: 3.7

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

cvss4

Base Score: 2.9

Complexity: HIGH

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

1.4

Exploitability

2.2

REFERENCES

CVE-2026-13509

SUMMARY

A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.upload_file/FileHandler.remove_file of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.

Published

Date2026-06-28

Updated

Date2026-06-28

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-13508

SUMMARY

A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

Published

Date2026-06-28

Updated

Date2026-06-28

RISK INFORMATION (Score: 5.5)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.1

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…