Comparison Overview

The Nelson-Atkins Museum of Art

VS

Museum of Arts & Sciences

The Nelson-Atkins Museum of Art

4525 Oak St, Kansas City, MO, 64111, US
Last Update: 2025-12-02
View Profile
Between 750 and 799
http://www.nelson-atkins.org/

The Nelson-Atkins Museum of Art invites all people to explore the art in its care, and through its vast collections, the depths and complexities of human experiences. We strive to create a sense of belonging, where staff and volunteers can do meaningful work connecting people to art. We create an informed, invested group of staff and volunteers through shared values and open, direct and respectful communication. We embrace IDEAS (Inclusion, Diversity, Equity, Access and Sustainability) in every aspect of our ideals and aspirations, as we believe these values to be paramount to success. Each staff member and volunteer embodies the institution’s commitments and agrees to exhibit behaviors that align with them. We hold one another to these expectations so that, together, we may know, own, energize and sustain our culture and the institution for generations to come.

NAICS: 712
NAICS Definition: Museums, Historical Sites, and Similar Institutions
Employees: 346
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Museum of Arts & Sciences

352 S Nova Rd, Daytona Beach, US
Last Update: 2025-12-01
Between 750 and 799
http://www.moas.org

The Museum of Arts & Sciences (MOAS) is the primary art, science and history museum in Central Florida. The area's largest museum, MOAS is nationally accredited by the American Alliance of Museums and is a Smithsonian Institution Affiliate. Located on a 90-acre Florida nature preserve, the 100,000 square foot facility is host to over 30,000 objects including the Dow Gallery of American Art, one of the finest collections of American art in the Southeast, the Schulte Gallery of Chinese Art, the Bouchelle Collection and Gallery of Decorative Arts, the largest and most comprehensive collection in the South, the Gillespy Gallery of Sub-Saharan African artifacts, the Cuban Foundation Museum showcasing one of the most significant collections of Cuban paintings in the United States, the Prehistory of Florida gallery featuring Florida’s Giant Ground Sloth skeleton and the Root Family Museum displaying restored railroad cars, antique automobiles and the largest collection of Coca-Cola® memorabilia in Florida. The Helene B. Roberson Visible Storage Building exhibits thousands of objects from many donors which are owned by the Museum, while the Linda and Williams Children’s Museum presents an interactive experience for children. A new state-of-the-art planetarium and the Cici and Hyatt Brown Museum of Art showcasing the largest collection of Florida-based art in the world, rounds out areas to explore inside the Museum of Arts & Sciences. Museum Hours are 10am-5pm (Monday-Saturday) and 11am-5pm (Sunday). Parking is free. Admission is FREE for Volusia County residents the first Tuesday of each month (does not include Planetarium shows). MOAS is fully accessible to the handicapped. MOAS is located at 352 S. Nova Road, Daytona Beach, Florida 32114. For more information call 386.255.0285 or visit the website www.moas.org.

NAICS: 712
NAICS Definition: Museums, Historical Sites, and Similar Institutions
Employees: 36
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/the-nelson-atkins-museum-of-art.jpeg
The Nelson-Atkins Museum of Art
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/museum-of-arts-&-sciences.jpeg
Museum of Arts & Sciences
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
The Nelson-Atkins Museum of Art
100%
Compliance Rate
0/4 Standards Verified
Museum of Arts & Sciences
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for The Nelson-Atkins Museum of Art in 2025.

Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)

No incidents recorded for Museum of Arts & Sciences in 2025.

Incident History — The Nelson-Atkins Museum of Art (X = Date, Y = Severity)

The Nelson-Atkins Museum of Art cyber incidents detection timeline including parent company and subsidiaries

Incident History — Museum of Arts & Sciences (X = Date, Y = Severity)

Museum of Arts & Sciences cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/the-nelson-atkins-museum-of-art.jpeg
The Nelson-Atkins Museum of Art
Incidents

No Incident

https://images.rankiteo.com/companyimages/museum-of-arts-&-sciences.jpeg
Museum of Arts & Sciences
Incidents

No Incident

FAQ

The Nelson-Atkins Museum of Art company demonstrates a stronger AI Cybersecurity Score compared to Museum of Arts & Sciences company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Museum of Arts & Sciences company has disclosed a higher number of cyber incidents compared to The Nelson-Atkins Museum of Art company.

In the current year, Museum of Arts & Sciences company and The Nelson-Atkins Museum of Art company have not reported any cyber incidents.

Neither Museum of Arts & Sciences company nor The Nelson-Atkins Museum of Art company has reported experiencing a ransomware attack publicly.

Neither Museum of Arts & Sciences company nor The Nelson-Atkins Museum of Art company has reported experiencing a data breach publicly.

Neither Museum of Arts & Sciences company nor The Nelson-Atkins Museum of Art company has reported experiencing targeted cyberattacks publicly.

Neither The Nelson-Atkins Museum of Art company nor Museum of Arts & Sciences company has reported experiencing or disclosing vulnerabilities publicly.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds any compliance certifications.

Neither company holds any compliance certifications.

Neither The Nelson-Atkins Museum of Art company nor Museum of Arts & Sciences company has publicly disclosed detailed information about the number of their subsidiaries.

The Nelson-Atkins Museum of Art company employs more people globally than Museum of Arts & Sciences company, reflecting its scale as a Museums, Historical Sites, and Zoos.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds SOC 2 Type 1 certification.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds SOC 2 Type 2 certification.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds ISO 27001 certification.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds PCI DSS certification.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds HIPAA certification.

Neither The Nelson-Atkins Museum of Art nor Museum of Arts & Sciences holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
References
Description

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.

Published
Date
2025-12-01
Updated
Date
2025-12-01
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References