NCC Group A.I CyberSecurity Scoring
NCC Group
Company Information
Website:https://www.nccgroup.com
Employees number:2,360
Number of followers:151,290
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:nccgroup.com
NCC Group Risk Score (AI oriented)
Between 0 and 549
NCC GroupIT Services and IT Consulting
Updated:
02/06/2026
02/06/2026
285/1000
Critical
C
NCC Group Global Score (TPRM)
xxxx
NCC GroupIT Services and IT Consulting
Score locked

NCC GroupCritical
Current Score
285C (CRITICAL)
01000
2 incidents
-441 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
301
JUNE 2026
285
MAY 2026
272
APRIL 2026
271
MARCH 2026
250
FEBRUARY 2026
245
JANUARY 2026
657
Ransomware
01 Jan 2026 • NCC Group
Gentleman ransomware: Ransomware groups grow revenue by almost 40% in Q1 2026
Ransomware Revenue Surges 39% Year-on-Year as Cybercriminal Ecosystem Matures
216
CRITICAL-441
NCC1780403012
Ransomware Revenue Surges 39% Year-on-Year as Cybercriminal Ecosystem Matures
In the first quarter of 2026, ransomware groups generated an estimated $529.2 million a 39% increase compared to the same period in 2025, according to a report by cybersecurity firm Rapid7. The growth highlights the expanding sophistication and resilience of cybercriminal operations.
Two prominent groups drove much of the revenue: Qilin amassed $193 million between July 2025 and March 2026, while Gentleman ransomware earned $52 million in the same period. The surge is attributed to the rise of initial access brokers (IABs), who sell compromised network access on dark web marketplaces, allowing ransomware operators to bypass the technical challenges of breaching systems themselves.
Rapid7 likened ransomware groups to legitimate businesses, noting their ability to adapt and maintain operations despite disruptions. Unlike traditional enterprises, these criminal networks are designed to persist even if individual components such as servers or groups are dismantled, ensuring continuity through a decentralized ecosystem.
The findings underscore the maturation of the cybercrime economy, where specialized services from access brokering to ransomware-as-a-service (RaaS) have lowered the barrier to entry, enabling even less technically skilled actors to launch attacks. The report suggests that the resilience of these operations poses a growing challenge for cybersecurity defenses.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
DECEMBER 2025
657
NOVEMBER 2025
656
OCTOBER 2025
654
SEPTEMBER 2025
652
AUGUST 2025
650
APRIL 2025
751
Ransomware
01 Apr 2025 • NCC Group
NCC Group: Industrial firms hit hardest by ransomware attacks
Industrial Sector Hit Hardest by Ransomware Attacks
639
CRITICAL-112
NCC1778776543
Industrial Sector Hit Hardest by Ransomware Attacks, NCC Group Reports
Industrial organizations faced 2,073 ransomware attacks in the 12 months leading up to March 2026, making the sector the most targeted industry during that period, according to data from NCC Group. On average, industrial firms accounted for 29.6% of all monthly ransomware activity, a surge attributed to vulnerabilities in operational technology (OT) environments systems that control physical industrial processes.
The attacks disproportionately impacted capital goods businesses, with 1,192 incidents recorded in sectors involving machinery, equipment, and infrastructure. Machinery firms alone suffered 442 attacks, while construction and engineering companies faced 394. The trend suggests attackers are prioritizing industries where disruptions can halt production and destabilize supply chains.
The rise in OT-focused attacks coincides with increased regulatory scrutiny under frameworks like the Network and Information Systems (NIS) Regulations, which mandate cybersecurity measures for essential services. Updated guidance under the Cybersecurity Act has further elevated expectations for OT governance, incident reporting, and supply-chain security, shifting OT security from a technical concern to a board-level compliance issue.
A key challenge lies in the convergence of IT and OT systems, as industrial firms increasingly integrate production networks with corporate IT infrastructure. This connectivity expands the attack surface, allowing cyber incidents to spread rapidly from office systems into plant operations and critical infrastructure.
Ray Robinson, OT Director at NCC Group, warned that many organizations still prioritize IT security over OT protection, despite the severe consequences of OT disruptions including production shutdowns, service outages, and safety risks. The impact extends beyond financial losses, particularly when attacks target essential services or public infrastructure.
Legacy OT systems, often designed for reliability rather than cybersecurity, further complicate defenses. Many operators must balance production continuity with the need to modernize security controls, reporting, and supply-chain oversight all while addressing regulatory demands that now explicitly include OT environments.
Katarina Sommer, Global Head of Government Affairs at NCC Group, noted that regulators are strengthening requirements, making OT security a critical governance priority for industrial businesses.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for NCC Group ??
What was NCC Group's A.I Rankiteo Cyber Score in June 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in May 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in April 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in March 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in February 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in January 2026 ??
What was NCC Group's A.I Rankiteo Cyber Score in December 2025 ??
What was NCC Group's A.I Rankiteo Cyber Score in November 2025 ??
What was NCC Group's A.I Rankiteo Cyber Score in October 2025 ??
What was NCC Group's A.I Rankiteo Cyber Score in September 2025 ??
What was NCC Group's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on NCC Group's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with NCC Group ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view NCC Group's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?