Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
NCC Group

NCC Group Vendor Cyber Rating & Cyber Score

nccgroup.com

We are NCC Group. A people powered, tech-enabled global cyber security and resilience company with 2,000 colleagues around the world. For over 25 years we’ve been trusted by the world’s leading companies and Governments to manage and deliver cyber resilience, working together to create a more secure digital future.


NCC Group A.I CyberSecurity Scoring

NCC Group
Company Information
Website:https://www.nccgroup.com
Employees number:2,360
Number of followers:151,290
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:nccgroup.com
NCC Group Risk Score (AI oriented)
Between 0 and 549
logo
NCC GroupIT Services and IT Consulting
Updated:
02/06/2026
285/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
NCC Group Global Score (TPRM)
xxxx
logo
NCC GroupIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

NCC Group
NCC GroupCritical
Current Score
285C (CRITICAL)
01000
2 incidents
-441 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
301Before Incident
JUNE 2026
285Before Incident
MAY 2026
272Before Incident
APRIL 2026
271Before Incident
MARCH 2026
250Before Incident
FEBRUARY 2026
245Before Incident
JANUARY 2026
657Before Incident
Ransomware
01 Jan 2026NCC Group
Gentleman ransomware: Ransomware groups grow revenue by almost 40% in Q1 2026

Ransomware Revenue Surges 39% Year-on-Year as Cybercriminal Ecosystem Matures

216After Incident
CRITICAL-441
NCC1780403012
Ransomware Revenue Surges 39% Year-on-Year as Cybercriminal Ecosystem Matures In the first quarter of 2026, ransomware groups generated an estimated $529.2 million a 39% increase compared to the same period in 2025, according to a report by cybersecurity firm Rapid7. The growth highlights the expanding sophistication and resilience of cybercriminal operations. Two prominent groups drove much of the revenue: Qilin amassed $193 million between July 2025 and March 2026, while Gentleman ransomware earned $52 million in the same period. The surge is attributed to the rise of initial access brokers (IABs), who sell compromised network access on dark web marketplaces, allowing ransomware operators to bypass the technical challenges of breaching systems themselves. Rapid7 likened ransomware groups to legitimate businesses, noting their ability to adapt and maintain operations despite disruptions. Unlike traditional enterprises, these criminal networks are designed to persist even if individual components such as servers or groups are dismantled, ensuring continuity through a decentralized ecosystem. The findings underscore the maturation of the cybercrime economy, where specialized services from access brokering to ransomware-as-a-service (RaaS) have lowered the barrier to entry, enabling even less technically skilled actors to launch attacks. The report suggests that the resilience of these operations poses a growing challenge for cybersecurity defenses.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Financial Loss: $529.2 million (Q1 2026)
DECEMBER 2025
657Before Incident
NOVEMBER 2025
656Before Incident
OCTOBER 2025
654Before Incident
SEPTEMBER 2025
652Before Incident
AUGUST 2025
650Before Incident
APRIL 2025
751Before Incident
Ransomware
01 Apr 2025NCC Group
NCC Group: Industrial firms hit hardest by ransomware attacks

Industrial Sector Hit Hardest by Ransomware Attacks

639After Incident
CRITICAL-112
NCC1778776543
Industrial Sector Hit Hardest by Ransomware Attacks, NCC Group Reports Industrial organizations faced 2,073 ransomware attacks in the 12 months leading up to March 2026, making the sector the most targeted industry during that period, according to data from NCC Group. On average, industrial firms accounted for 29.6% of all monthly ransomware activity, a surge attributed to vulnerabilities in operational technology (OT) environments systems that control physical industrial processes. The attacks disproportionately impacted capital goods businesses, with 1,192 incidents recorded in sectors involving machinery, equipment, and infrastructure. Machinery firms alone suffered 442 attacks, while construction and engineering companies faced 394. The trend suggests attackers are prioritizing industries where disruptions can halt production and destabilize supply chains. The rise in OT-focused attacks coincides with increased regulatory scrutiny under frameworks like the Network and Information Systems (NIS) Regulations, which mandate cybersecurity measures for essential services. Updated guidance under the Cybersecurity Act has further elevated expectations for OT governance, incident reporting, and supply-chain security, shifting OT security from a technical concern to a board-level compliance issue. A key challenge lies in the convergence of IT and OT systems, as industrial firms increasingly integrate production networks with corporate IT infrastructure. This connectivity expands the attack surface, allowing cyber incidents to spread rapidly from office systems into plant operations and critical infrastructure. Ray Robinson, OT Director at NCC Group, warned that many organizations still prioritize IT security over OT protection, despite the severe consequences of OT disruptions including production shutdowns, service outages, and safety risks. The impact extends beyond financial losses, particularly when attacks target essential services or public infrastructure. Legacy OT systems, often designed for reliability rather than cybersecurity, further complicate defenses. Many operators must balance production continuity with the need to modernize security controls, reporting, and supply-chain oversight all while addressing regulatory demands that now explicitly include OT environments. Katarina Sommer, Global Head of Government Affairs at NCC Group, noted that regulators are strengthening requirements, making OT security a critical governance priority for industrial businesses.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain, supply chain disruption, production halts
IMPACT
Operational Technology (OT) environmentsIT systemsProduction networksDowntime: Production shutdowns, service outagesOperational Impact: Halt in production, supply chain destabilization, safety risks

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for NCC Group ?
?
What was NCC Group's A.I Rankiteo Cyber Score in June 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in May 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in April 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in March 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in February 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in January 2026 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in December 2025 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in November 2025 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in October 2025 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in September 2025 ?
?
What was NCC Group's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on NCC Group's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with NCC Group ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view NCC Group's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?