UGI
Company Details
Linkedin ID:
uk-government-investments
Website:
Employees number:
159
Number of followers:
8,056
NAICS:
921
Industry Type:
Homepage:
ukgi.org.uk
IP Addresses:
0
Company ID:
UK _5117903
Scan Status:
In-progress
UK Government Investments (UKGI) Company CyberSecurity Posture
ukgi.org.uk
We create value for society from government’s most complex commercial interests. Combining the best of public and private sector expertise, UK Government Investments is government’s centre of expertise for corporate governance and corporate finance. We work with both private sector and the wider public sector, with regular interaction with ministers, parliament and Whitehall departments. UKGI’s key objectives are: Corporate Governance - Act as shareholder for, and lead establishment of, UK government arm’s length bodies Corporate Finance - Advise on all major UK government corporate finance matters, including financial interventions into corporate structures and corporate finance negotiations Contingent Liabilities - Analyse and advise on the UK government's contingent liabilities Asset Management - Acquire, manage and execute the sale of all significant UK government corporate assets UKGI also oversees the Government Corporate Finance Profession (www.gov.uk/government/organisations/civil-service-corporate-finance-profession-cfp). The Profession supports government corporate finance professionals through training and career development, so that they develop the knowledge and skills they require to carry out their roles.
UK Government Investments (UKGI) A.I CyberSecurity Scoring
UGI Risk Score (AI oriented)Between 700 and 749
UGI
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UGI Global Score (TPRM)XXXX
UGI
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UGI Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
UGI Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UGI
Incidents vs Public Policy Offices Industry Average (This Year)
No incidents recorded for UK Government Investments (UKGI) in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for UK Government Investments (UKGI) in 2025.
Incident Types UGI vs Public Policy Offices Industry Avg (This Year)
No incidents recorded for UK Government Investments (UKGI) in 2025.
Incident History — UGI (X = Date, Y = Severity)
UGI cyber incidents detection timeline including parent company and subsidiaries
UGI Company Subsidiaries
We create value for society from government’s most complex commercial interests. Combining the best of public and private sector expertise, UK Government Investments is government’s centre of expertise for corporate governance and corporate finance. We work with both private sector and the wider public sector, with regular interaction with ministers, parliament and Whitehall departments. UKGI’s key objectives are: Corporate Governance - Act as shareholder for, and lead establishment of, UK government arm’s length bodies Corporate Finance - Advise on all major UK government corporate finance matters, including financial interventions into corporate structures and corporate finance negotiations Contingent Liabilities - Analyse and advise on the UK government's contingent liabilities Asset Management - Acquire, manage and execute the sale of all significant UK government corporate assets UKGI also oversees the Government Corporate Finance Profession (www.gov.uk/government/organisations/civil-service-corporate-finance-profession-cfp). The Profession supports government corporate finance professionals through training and career development, so that they develop the knowledge and skills they require to carry out their roles.
Loading...
UGI Similar Companies
Center for Health Progress
At Center for Health Progress, we believe our health care system should work for all Coloradans. So, we bring people together to ensure factors like race, income, and ZIP code don't determine a person's access to care and opportunity to live a healthy life. When we uncover commonsense solutions to t
National Revenue Agency - Republic of Bulgaria
The National Revenue Agency (NRA) is a specialized state institution in Bulgaria under the jurisdiction of the Minister of Finance. The main task of the NRA is to administer taxes and social security contributions, as well as to collect other public and private state receivables. As of 1 January 200
Hunger Free Vermont
Hunger Free Vermont operates on a simple formula: it ensures that children have food wherever they are in their day, that adults and seniors can provide healthy meals at home, and Hunger Free Vermont offers nutrition and cooking classes to ensure that Vermont youth and adults know how to prepare nut
Public Policy Projects
Public Policy Projects is an organisation operating at the heart of health and life sciences policy delivery. We bring together senior leaders and practitioners in the public and private health and life sciences sectors to find realistic solutions to the most pressing issues relating to health and c
Provincie Oost-Vlaanderen
De Provincie is een verkozen streekbestuur. Als toekomstgerichte organisatie willen we in nauwe samenwerking met andere partners werken aan innovatief, creatief en duurzaam Oost-Vlaanderen. Vanuit de principes van Het Nieuwe Werken wil de Provincie verder evolueren naar een resultaatgerichte orga
NASHP | National Academy for State Health Policy
The National Academy for State Health Policy is a nonpartisan forum of policymakers throughout state governments, learning, leading and implementing innovative solutions to health policy challenges. To accomplish our mission we: •Convene state leaders to solve problems and share solutions •Conduct
.png)
UGI CyberSecurity News
July 13, 2025 12:18 AM
Making AI Transformation Happen in Government
With AI named the 'One Big Thing' by the UK Government, and every department now committed to leveraging agentic AI and workplace transformation to meet...
February 06, 2024 08:00 AM
NatWest must clarify leadership plans before government share sale-UKGI
NatWest will need to reassure investors it has found a permanent successor to former CEO Alison Rose before a heavily-anticipated sale of...
January 15, 2024 08:00 AM
UK could save £20bn a year with better governance, says head of spending watchdog
The British government could save at least £20bn a year by modernising IT systems, tackling fraud and getting a grip on failing mega-projects such as the HS2...
July 21, 2021 07:00 AM
Credit watch for UK officials over Covid loans as pandemic clouds persist
State investment body monitors risk of default as companies face pressure over repayment schedules.
May 10, 2021 07:00 AM
UK government kicks off NatWest share sale
The British government kicked off the sale of a further stake in taxpayer-backed NatWest Group (NWG.L), edging it a step closer to private...
February 17, 2020 08:00 AM
UK picks Charles Donald to run agency managing RBS stake
UK Government Investments, which manages taxpayers' stake in Royal Bank of Scotland , has appointed Charles Donald as Chief...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UGI CyberSecurity History Information
Official Website of UK Government Investments (UKGI)
The official website of UK Government Investments (UKGI) is https://www.ukgi.org.uk/.
UK Government Investments (UKGI)’s AI-Generated Cybersecurity Score
According to Rankiteo, UK Government Investments (UKGI)’s AI-generated cybersecurity score is 745, reflecting their Moderate security posture.
How many security badges does UK Government Investments (UKGI)’ have ?
According to Rankiteo, UK Government Investments (UKGI) currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does UK Government Investments (UKGI) have SOC 2 Type 1 certification ?
According to Rankiteo, UK Government Investments (UKGI) is not certified under SOC 2 Type 1.
Does UK Government Investments (UKGI) have SOC 2 Type 2 certification ?
According to Rankiteo, UK Government Investments (UKGI) does not hold a SOC 2 Type 2 certification.
Does UK Government Investments (UKGI) comply with GDPR ?
According to Rankiteo, UK Government Investments (UKGI) is not listed as GDPR compliant.
Does UK Government Investments (UKGI) have PCI DSS certification ?
According to Rankiteo, UK Government Investments (UKGI) does not currently maintain PCI DSS compliance.
Does UK Government Investments (UKGI) comply with HIPAA ?
According to Rankiteo, UK Government Investments (UKGI) is not compliant with HIPAA regulations.
Does UK Government Investments (UKGI) have ISO 27001 certification ?
According to Rankiteo,UK Government Investments (UKGI) is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of UK Government Investments (UKGI)
UK Government Investments (UKGI) operates primarily in the Public Policy Offices industry.
Number of Employees at UK Government Investments (UKGI)
UK Government Investments (UKGI) employs approximately 159 people worldwide.
Subsidiaries Owned by UK Government Investments (UKGI)
UK Government Investments (UKGI) presently has no subsidiaries across any sectors.
UK Government Investments (UKGI)’s LinkedIn Followers
UK Government Investments (UKGI)’s official LinkedIn profile has approximately 8,056 followers.
NAICS Classification of UK Government Investments (UKGI)
UK Government Investments (UKGI) is classified under the NAICS code 921, which corresponds to Executive, Legislative, and Other General Government Support.
UK Government Investments (UKGI)’s Presence on Crunchbase
No, UK Government Investments (UKGI) does not have a profile on Crunchbase.
UK Government Investments (UKGI)’s Presence on LinkedIn
Yes, UK Government Investments (UKGI) maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/uk-government-investments.
Cybersecurity Incidents Involving UK Government Investments (UKGI)
As of November 28, 2025, Rankiteo reports that UK Government Investments (UKGI) has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
UK Government Investments (UKGI) has an estimated 1,024 peer or competitor companies worldwide.
UK Government Investments (UKGI) CyberSecurity History Information
How many cyber incidents has UK Government Investments (UKGI) faced ?
Total Incidents: According to Rankiteo, UK Government Investments (UKGI) has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at UK Government Investments (UKGI) ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=uk-government-investments' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
