Comparison Overview

Orange Tree Theatre

VS

MCH Group

Orange Tree Theatre

1 Clarence Street, Richmond, TW9 2SA, GB
Last Update: 2025-12-09
View Profile
Between 750 and 799
http://www.orangetreetheatre.co.uk/

The Orange Tree (OT) is an award-winning, independent theatre. Recognised as a powerhouse that creates high-quality productions of new and rediscovered plays, we entertain 70,000 people across the UK every year. The OT’s home in Richmond, South West London, is an intimate theatre with the audience seated all around the stage: watching a performance here is truly a unique experience. We believe in the power of dramatic stories to entertain, thrill and challenge us; plays that enrich our lives by enhancing our understanding of ourselves and each other. As a registered charity (266128) sitting at the heart of its community, we work with 10,000 people in Richmond and beyond through participatory theatre projects for people of all ages and abilities. The Orange Tree Theatre’s mission is to enable audiences to experience the next generation of theatre talent, experiment with ground-breaking new drama and explore the plays from the past that inspire the theatre-makers of the present. To find out how you can help us to do that you can visit orangetreetheatre.co.uk/discover

NAICS: 7111
NAICS Definition: Performing Arts Companies
Employees: 57
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

MCH Group

Messeplatz, Basel, Switzerland, 4005, CH
Last Update: 2025-12-10
Between 700 and 749
https://www.mch-group.com

MCH Group, headquartered in Basel, Switzerland, is an internationally active experience marketing company with a comprehensive service network. It organizes around 30 community platforms in Switzerland and abroad, including Art Basel, Swissbau and Giardina. The Live Marketing Services division offers comprehensive experiential marketing solutions with its brands MCH Global, MC2, and Expomobilia. MCH Group also operates the Messe and Congress Center Basel and the Messe Zurich. Job opportunities at MCH Group: https://www.mch-group.com/en/employer/jobs-careers/ (please copy and paste the link into your browser)

NAICS: 7111
NAICS Definition: Performing Arts Companies
Employees: 282
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/orange-tree-theatre-limited.jpeg
Orange Tree Theatre
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/mch-group-ltd-.jpeg
MCH Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Orange Tree Theatre
100%
Compliance Rate
0/4 Standards Verified
MCH Group
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Performing Arts Industry Average (This Year)

No incidents recorded for Orange Tree Theatre in 2025.

Incidents vs Performing Arts Industry Average (This Year)

No incidents recorded for MCH Group in 2025.

Incident History — Orange Tree Theatre (X = Date, Y = Severity)

Orange Tree Theatre cyber incidents detection timeline including parent company and subsidiaries

Incident History — MCH Group (X = Date, Y = Severity)

MCH Group cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/orange-tree-theatre-limited.jpeg
Orange Tree Theatre
Incidents

No Incident

https://images.rankiteo.com/companyimages/mch-group-ltd-.jpeg
MCH Group
Incidents

Date Detected: 11/2021
Type:Ransomware
Attack Vector: Malware
Blog: Blog

FAQ

Orange Tree Theatre company demonstrates a stronger AI Cybersecurity Score compared to MCH Group company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

MCH Group company has historically faced a number of disclosed cyber incidents, whereas Orange Tree Theatre company has not reported any.

In the current year, MCH Group company and Orange Tree Theatre company have not reported any cyber incidents.

MCH Group company has confirmed experiencing a ransomware attack, while Orange Tree Theatre company has not reported such incidents publicly.

Neither MCH Group company nor Orange Tree Theatre company has reported experiencing a data breach publicly.

Neither MCH Group company nor Orange Tree Theatre company has reported experiencing targeted cyberattacks publicly.

Neither Orange Tree Theatre company nor MCH Group company has reported experiencing or disclosing vulnerabilities publicly.

Neither Orange Tree Theatre nor MCH Group holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Orange Tree Theatre company nor MCH Group company has publicly disclosed detailed information about the number of their subsidiaries.

MCH Group company employs more people globally than Orange Tree Theatre company, reflecting its scale as a Performing Arts.

Neither Orange Tree Theatre nor MCH Group holds SOC 2 Type 1 certification.

Neither Orange Tree Theatre nor MCH Group holds SOC 2 Type 2 certification.

Neither Orange Tree Theatre nor MCH Group holds ISO 27001 certification.

Neither Orange Tree Theatre nor MCH Group holds PCI DSS certification.

Neither Orange Tree Theatre nor MCH Group holds HIPAA certification.

Neither Orange Tree Theatre nor MCH Group holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
References
Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
References