Comparison Overview

Q: Between Nexia company and KPMG company, which one has the best AI Cybersecurity Score ?

KPMG company demonstrates a stronger AI Cybersecurity Score compared to Nexia company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Nexia company and KPMG company, which one has experienced more cyber incidents in the past ?

Nexia company has historically faced a number of disclosed cyber incidents, whereas KPMG company has not reported any.

Q: Between Nexia company and KPMG company, which one has experienced more cyber incidents this year ?

In the current year, KPMG company and Nexia company have not reported any cyber incidents.

Q: Between Nexia company and KPMG company, which one has experienced at least one ransomware attack ?

Nexia company has confirmed experiencing a ransomware attack, while KPMG company has not reported such incidents publicly.

Q: Between Nexia company and KPMG company, which one has experienced at least one data breach ?

Neither KPMG company nor Nexia company has reported experiencing a data breach publicly.

Q: Between Nexia company and KPMG company, which one has experienced at least one targeted cyberattack ?

Neither KPMG company nor Nexia company has reported experiencing targeted cyberattacks publicly.

Q: Between Nexia company and KPMG company, which one has experienced at least one vulnerability ?

Neither Nexia company nor KPMG company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Nexia company and KPMG company, which one holds the most compliance certifications ?

Neither Nexia nor KPMG holds any compliance certifications.

Q: Between Nexia company and KPMG company, which one has the most subsidiaries ?

KPMG company has more subsidiaries worldwide compared to Nexia company.

Nexia

71 Kingsway, London, undefined, WC2B 6ST, GB

Last Update: 2025-12-09

View Profile

Between 700 and 749

http://www.nexia.com

Nexia is a leading worldwide network of independent accounting and consulting firms. We provide a comprehensive portfolio of audit, accountancy, tax, advisory and business services. Nexia works with its member firms leveraging strength across the network and enabling the delivery of global solutions by member firms to clients. Nexia was established over 25 years ago. Our continued success is thanks to what lies at the heart of our business: international knowledge, proven experience and enduring relationships. This is reflected in our purpose, ‘To support our clients across the globe on their path to growth.’ When you choose Nexia, you get a more responsive, more personal, partner-led service, across the world. Our member firms share common values, which enable them to provide tailored solutions and high-quality advice across a wide portfolio of services. Quality is embedded in everything we do at Nexia, from members developing valuable relationships with each other and their clients to the delivery of quality services by member firms across the world.

NAICS: 5412

NAICS Definition: Accounting, Tax Preparation, Bookkeeping, and Payroll Services

Employees: 815

Subsidiaries: 1

12-month incidents

0

Known data breaches

0

Attack type number

1

View Profile

KPMG

Worldwide, CA

Last Update: 2025-12-09

Between 800 and 849

http://www.kpmg.com

KPMG is a global organization of independent professional services firms providing Audit, Tax and Advisory services. KPMG is the brand under which the member firms of KPMG International Limited (“KPMG International”) operate and provide professional services. “KPMG” is used to refer to individual member firms within the KPMG organization or to one or more member firms collectively. KPMG firms operate in 143 countries and territories with more than 273,000 partners and employees working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. Each KPMG member firm is responsible for its own obligations and liabilities. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients. For more detail about our structure, please visit kpmg.com/governance.

NAICS: 5412

NAICS Definition: Accounting, Tax Preparation, Bookkeeping, and Payroll Services

Employees: 223,639

Subsidiaries: 71

12-month incidents

0

Known data breaches

0

Attack type number

0

Nexia

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

KPMG

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Accounting Industry Average (This Year)

No incidents recorded for Nexia in 2025.

Incidents vs Accounting Industry Average (This Year)

No incidents recorded for KPMG in 2025.

Incident History — Nexia (X = Date, Y = Severity)

Nexia cyber incidents detection timeline including parent company and subsidiaries

Incident History — KPMG (X = Date, Y = Severity)

KPMG cyber incidents detection timeline including parent company and subsidiaries

Nexia

Incidents

Date Detected: 11/2020

Type:Ransomware

Motivation: Financial Gain

Blog: Blog

KPMG

Incidents

No Incident

KPMG company demonstrates a stronger AI Cybersecurity Score compared to Nexia company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Nexia company has historically faced a number of disclosed cyber incidents, whereas KPMG company has not reported any.

In the current year, KPMG company and Nexia company have not reported any cyber incidents.

Nexia company has confirmed experiencing a ransomware attack, while KPMG company has not reported such incidents publicly.

Neither KPMG company nor Nexia company has reported experiencing a data breach publicly.

Neither KPMG company nor Nexia company has reported experiencing targeted cyberattacks publicly.

Neither Nexia company nor KPMG company has reported experiencing or disclosing vulnerabilities publicly.

Neither Nexia nor KPMG holds any compliance certifications.

Neither company holds any compliance certifications.

KPMG company has more subsidiaries worldwide compared to Nexia company.

KPMG company employs more people globally than Nexia company, reflecting its scale as a Accounting.

Neither Nexia nor KPMG holds SOC 2 Type 1 certification.

Neither Nexia nor KPMG holds SOC 2 Type 2 certification.

Neither Nexia nor KPMG holds ISO 27001 certification.

Neither Nexia nor KPMG holds PCI DSS certification.

Neither Nexia nor KPMG holds HIPAA certification.

Neither Nexia nor KPMG holds GDPR certification.

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 8.1

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

https://docs.nxlog.co/agent/current/release-notes.html#nxlog-agent-6-11

Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 2.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 4.5

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

https://github.com/mjmlio/mjml/issues/3018

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 5.8

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Nexia

VS

KPMG

Nexia

KPMG

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Accounting Industry Average (This Year)

Incidents vs Accounting Industry Average (This Year)

Incident History — Nexia (X = Date, Y = Severity)

Incident History — KPMG (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Nexia

VS

KPMG

Nexia

KPMG

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Accounting Industry Average (This Year)

Incidents vs Accounting Industry Average (This Year)

Incident History — Nexia (X = Date, Y = Severity)

Incident History — KPMG (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Ransomware NEX23104623

No Incident

FAQ

Between Nexia company and KPMG company, which one has the best AI Cybersecurity Score ?

Between Nexia company and KPMG company, which one has experienced more cyber incidents in the past ?

Between Nexia company and KPMG company, which one has experienced more cyber incidents this year ?

Between Nexia company and KPMG company, which one has experienced at least one ransomware attack ?

Between Nexia company and KPMG company, which one has experienced at least one data breach ?

Between Nexia company and KPMG company, which one has experienced at least one targeted cyberattack ?

Between Nexia company and KPMG company, which one has experienced at least one vulnerability ?

Between Nexia company and KPMG company, which one holds the most compliance certifications ?

Between Nexia company and KPMG company, which one holds the fewest compliance certifications ?

Between Nexia company and KPMG company, which one has the most subsidiaries ?

Between Nexia company and KPMG company, which one has the largest number of employees ?

Between Nexia and KPMG, which company holds both SOC 2 Type 1 certifications ?

Between Nexia and KPMG, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Nexia or KPMG ?

Which company is PCI DSS compliant — Nexia or KPMG ?

Between Nexia and KPMG, which company complies with HIPAA regulations for healthcare data ?

Between Nexia and KPMG, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information