RSK Group
Company Details
Linkedin ID:
rsk-group
Website:
Employees number:
11,756
Number of followers:
77,735
NAICS:
54162
Industry Type:
Homepage:
rskgroup.com
IP Addresses:
0
Company ID:
RSK_2997295
Scan Status:
In-progress
RSK Group Company CyberSecurity Posture
rskgroup.com
RSK Group is a global leader in the delivery of environmental and engineering solutions. We recognise the urgent need for sustainable change and know that this will be achieved by delivering meaningful action, not just words. We are committed to supporting our clients and societies as they navigate these complex challenges, while making a positive impact. The business was founded in 1989, originally focused on providing environmental consultancy services to global energy clients. Today, while we remain a leader in environmental consultancy, the business is significantly more diverse. RSK delivers an unrivalled breadth and depth of environmental and engineering services, either as stand-alone projects or as large and integrated multidisciplinary solutions. The group believes this emphasis on multidisciplinary collaboration is essential for successfully addressing complex global challenges. This is why we have brought together pragmatic advice, forward-thinking engineering, cutting-edge innovation, digital solutions, and best-in-class delivery services. The group continues to deliver its ambitious global growth strategy. It now comprises more than 200 companies and employs over 16,000 people.
RSK Group A.I CyberSecurity Scoring
RSK Group Risk Score (AI oriented)Between 750 and 799
RSK Group
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
RSK Group Global Score (TPRM)XXXX
RSK Group
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
RSK Group Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Jennings O'Donovan
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A cyber attack targeted **Jennings O'Donovan**, an engineering firm responsible for assessing applications under Ireland’s **Defective Block Grant Scheme**. The breach compromised **personal data** of applicants, including **addresses, contact details, and photos of crumbling homes** affected by defective bricks. The incident was isolated to the firm, but the stolen data raises concerns over privacy and potential misuse, given the sensitivity of the information tied to vulnerable homeowners. The **Irish Housing Agency** is coordinating with the company to investigate the breach, notify affected individuals, and implement safeguards. The **Data Protection Commissioner** and local authorities were also alerted. While the attack did not disrupt the grant scheme itself, the exposure of personal records—particularly for families already facing housing crises—heightens risks of fraud, identity theft, or further exploitation. The firm and government agencies are under pressure to provide **transparency on the timeline, nature of the compromised data, and mitigation steps** to restore trust among impacted applicants.
RSK Group Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for RSK Group
Incidents vs Environmental Services Industry Average (This Year)
No incidents recorded for RSK Group in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for RSK Group in 2025.
Incident Types RSK Group vs Environmental Services Industry Avg (This Year)
No incidents recorded for RSK Group in 2025.
Incident History — RSK Group (X = Date, Y = Severity)
RSK Group cyber incidents detection timeline including parent company and subsidiaries
RSK Group Company Subsidiaries
RSK Group is a global leader in the delivery of environmental and engineering solutions. We recognise the urgent need for sustainable change and know that this will be achieved by delivering meaningful action, not just words. We are committed to supporting our clients and societies as they navigate these complex challenges, while making a positive impact. The business was founded in 1989, originally focused on providing environmental consultancy services to global energy clients. Today, while we remain a leader in environmental consultancy, the business is significantly more diverse. RSK delivers an unrivalled breadth and depth of environmental and engineering services, either as stand-alone projects or as large and integrated multidisciplinary solutions. The group believes this emphasis on multidisciplinary collaboration is essential for successfully addressing complex global challenges. This is why we have brought together pragmatic advice, forward-thinking engineering, cutting-edge innovation, digital solutions, and best-in-class delivery services. The group continues to deliver its ambitious global growth strategy. It now comprises more than 200 companies and employs over 16,000 people.
Loading...
RSK Group Similar Companies
Clean Harbors
Clean Harbors is North America’s leading provider of environmental and industrial services. The Company serves a diverse customer base, including a majority of Fortune 500 companies. Its customer base spans a number of industries, including chemical, and manufacturing, as well as numerous government
Veolia | Water Tech
As the world leader in water technologies and services, Veolia relies on its 17,500 water technology experts to deliver innovative solutions that drive both performance and sustainability, without compromise. With over 4,400 technology patents and serving more than 14,000 customers worldwide, Veolia
Republic Services
Republic Services provides the most complete set of recycling, waste and environmental solutions from a single-source provider. We partner with customers to help them achieve their sustainability goals, driving both environmental and economic sustainability. We offer advanced recycling; solid waste,
Veolia group aims to be the benchmark company for ecological transformation. With nearly 220,000 employees worldwide, the Group designs and provides game-changing solutions that are both useful and practical for water, waste and energy management. Through its three complementary business activities,
WM is North America's leading provider of integrated environmental solutions. We partner with our customers and communities to manage and reduce waste from collection to disposal while recovering valuable resources and creating clean, renewable energy. We are on a quest for environmental performance
Rentokil Initial plc employs 62,900 people across 90 countries - offering the experience and expertise of a multi-national organisation, whilst delivering services with the agility and characteristics of a local business. As world leaders in Pest Control and Hygiene & Well-being services, we deliv
Eiffage Énergie Systèmes
Rejoindre Eiffage, c’est rejoindre une entreprise animée d’un esprit de famille unique. Nous recherchons des talents qui valorisent l’esprit d’équipe et l’entraide. Des talents qui souhaitent découvrir, progresser, innover dans un collectif engagé pour construire un avenir à taille humaine. Nous av
Bureau Veritas Group
Bureau Veritas is a world leader in Testing, Inspection and Certification. Our mission is at the heart of key challenges: quality, health and safety, environmental protection and social responsibility. Through our wide range of expertise, impartiality and independence, we foster confidence between c
Dalkia
Dalkia : ensemble, relevons le défi climatique ! Depuis 85 ans, Dalkia, filiale du groupe EDF et leader dans les services énergétiques, investit et développe les énergies renouvelables et de récupération et accompagne ses clients dans la durée pour les aider à faire des économies d'énergie et à rédu
.png)
RSK Group CyberSecurity News
October 07, 2025 07:00 AM
Strong results at RSK Group despite ‘changing rhetoric’ on sustainability
Cheshire-headquartered environmental services provider RSK Group has reported increased revenue of £2.2bn in its latest accounts,...
May 29, 2025 07:00 AM
RSK Group joins major carbon capture infrastructure project in Liverpool
RSK Group has been appointed to support the delivery of CO₂ transportation and storage infrastructure linked to the HyNet CO₂ pipeline,...
May 22, 2025 07:00 AM
Charlton announce new partnership with RSK
Charlton Athletic are proud to announce a new partnership with RSK. The global group of environmental, engineering and technical services businesses will...
December 10, 2024 08:00 AM
Acquisitive RSK moves for construction consultancy - firm employs more than 200 people
A 200-strong inter-disciplinary construction consultancy which was established in 1962 has been acquired by RSK Group.
December 09, 2024 08:00 AM
Australian sustainability consultancy Edge Impact joins RSK
Sustainability consultancy Edge Impact has joined global player RSK, providing impetus for the firm's ambitious growth agenda while...
February 24, 2023 08:00 AM
United States Takes Sweeping Actions on the One Year Anniversary of Russia’s War Against Ukraine
All targets are being designated pursuant to Executive Order (E.O.) 14024, which authorizes sanctions with respect to specified harmful...
January 21, 2023 08:00 AM
RSK’s Alan Ryder on how to manage rapid expansion
The engineering and environmental entrepreneur believes size matters as he seeks to acquire more companies for his group.
February 19, 2020 08:00 AM
McGrathNicol and ResponSight launch cyber-warning solution
McGrathNicol has teamed up with technology startup ResponSight to launch FDetect, a solution that facilitates cyber-warning processes and forensic...
December 07, 2016 08:00 AM
Business Growth Fund injects £10m into RSK Group
Business Growth Fund has provided £10 million in funding to RSK Group, an environmental, health, safety and engineering services company.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
RSK Group CyberSecurity History Information
Official Website of RSK Group
The official website of RSK Group is https://rskgroup.com/.
RSK Group’s AI-Generated Cybersecurity Score
According to Rankiteo, RSK Group’s AI-generated cybersecurity score is 770, reflecting their Fair security posture.
How many security badges does RSK Group’ have ?
According to Rankiteo, RSK Group currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does RSK Group have SOC 2 Type 1 certification ?
According to Rankiteo, RSK Group is not certified under SOC 2 Type 1.
Does RSK Group have SOC 2 Type 2 certification ?
According to Rankiteo, RSK Group does not hold a SOC 2 Type 2 certification.
Does RSK Group comply with GDPR ?
According to Rankiteo, RSK Group is not listed as GDPR compliant.
Does RSK Group have PCI DSS certification ?
According to Rankiteo, RSK Group does not currently maintain PCI DSS compliance.
Does RSK Group comply with HIPAA ?
According to Rankiteo, RSK Group is not compliant with HIPAA regulations.
Does RSK Group have ISO 27001 certification ?
According to Rankiteo,RSK Group is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of RSK Group
RSK Group operates primarily in the Environmental Services industry.
Number of Employees at RSK Group
RSK Group employs approximately 11,756 people worldwide.
Subsidiaries Owned by RSK Group
RSK Group presently has no subsidiaries across any sectors.
RSK Group’s LinkedIn Followers
RSK Group’s official LinkedIn profile has approximately 77,735 followers.
NAICS Classification of RSK Group
RSK Group is classified under the NAICS code 54162, which corresponds to Environmental Consulting Services.
RSK Group’s Presence on Crunchbase
No, RSK Group does not have a profile on Crunchbase.
RSK Group’s Presence on LinkedIn
Yes, RSK Group maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/rsk-group.
Cybersecurity Incidents Involving RSK Group
As of December 17, 2025, Rankiteo reports that RSK Group has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
RSK Group has an estimated 8,265 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at RSK Group ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does RSK Group detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with direct outreach to affected applicants; public statements via housing agency and charles ward td; notification to data protection commissioner and local authorities...
Incident Details
Can you provide details on each incident ?
Title: Cyber Attack on Jennings O'Donovan Affecting Ireland's Defective Block Grant Scheme
Description: A cyber attack on Jennings O'Donovan, an engineering firm assessing applications for Ireland's defective block grant scheme, may have resulted in the theft of personal data, including addresses, contact details, and photos of affected homes. The Irish Housing Agency is investigating and notifying impacted applicants.
Type: data breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : data breach JEN2732127102425
Data Compromised: Addresses, Personal contact details, Photos of affected homes
Brand Reputation Impact: high (public concern, loss of trust in handling sensitive data)
Identity Theft Risk: potential (personal data exposed)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Identifiable Information (Pii), Addresses, Contact Details, Photographs Of Homes and .
Which entities were affected by each incident ?
Incident : data breach JEN2732127102425
Entity Name: Jennings O'Donovan
Entity Type: engineering firm
Industry: construction/engineering
Location: Republic of Ireland
Customers Affected: applicants of Ireland's defective block grant scheme (thousands of homeowners in Clare, Donegal, Limerick, Mayo, and Sligo)
Incident : data breach JEN2732127102425
Entity Name: Irish Housing Agency
Entity Type: government agency
Industry: housing/public sector
Location: Republic of Ireland
Response to the Incidents
What measures were taken in response to each incident ?
Incident : data breach JEN2732127102425
Incident Response Plan Activated: True
Communication Strategy: Direct outreach to affected applicants; public statements via Housing Agency and Charles Ward TD; notification to Data Protection Commissioner and local authorities.
Data Breach Information
What type of data was compromised in each breach ?
Incident : data breach JEN2732127102425
Type of Data Compromised: Personal identifiable information (pii), Addresses, Contact details, Photographs of homes
Sensitivity of Data: high (includes highly sensitive homeowner data and images of defective properties)
Data Exfiltration: likely (data described as 'may have been stolen')
File Types Exposed: documentsimages
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : data breach JEN2732127102425
Regulatory Notifications: Data Protection Commissioner (Ireland)local authorities
References
Where can I find more information about each incident ?
Incident : data breach JEN2732127102425
Source: Irish Housing Agency (public statement)
Incident : data breach JEN2732127102425
Source: Charles Ward TD (100% Redress Party)
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Irish Housing Agency (public statement), and Source: Charles Ward TD (100% Redress Party).
Investigation Status
What is the current status of the investigation for each incident ?
Incident : data breach JEN2732127102425
Investigation Status: ongoing (Housing Agency working with Jennings O'Donovan to ascertain details)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Direct outreach to affected applicants; public statements via Housing Agency and Charles Ward TD; notification to Data Protection Commissioner and local authorities..
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : data breach JEN2732127102425
Stakeholder Advisories: Housing Agency and Charles Ward TD have issued public statements urging transparency and clarity for affected families.
Customer Advisories: Affected applicants are being contacted directly by the Housing Agency. Uncontacted applicants are confirmed as unaffected.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Housing Agency and Charles Ward TD have issued public statements urging transparency and clarity for affected families. and Affected applicants are being contacted directly by the Housing Agency. Uncontacted applicants are confirmed as unaffected..
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : data breach JEN2732127102425
High Value Targets: Personal Data Of Homeowners, Defective Block Grant Scheme Records,
Data Sold on Dark Web: Personal Data Of Homeowners, Defective Block Grant Scheme Records,
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were addresses, personal contact details, photos of affected homes and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were personal contact details, photos of affected homes and addresses.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Irish Housing Agency (public statement) and Charles Ward TD (100% Redress Party).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing (Housing Agency working with Jennings O'Donovan to ascertain details).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Housing Agency and Charles Ward TD have issued public statements urging transparency and clarity for affected families., .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Affected applicants are being contacted directly by the Housing Agency. Uncontacted applicants are confirmed as unaffected.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lower‑privileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's `NewResponseFromRequest` function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. The vulnerability occurs when SIP message parsing succeeds for a request missing the To header, but the response creation code assumes the To header exists without proper nil checks. This affects routine operations like call setup, authentication, and message handling - not just error cases. This vulnerability affects all SIP applications using the sipgo library, not just specific configurations or edge cases, as long as they make use of the `NewResponseFromRequest` function. Version 1.0.0-alpha-1 contains a patch for the issue.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=rsk-group' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
