Comparison Overview

Zacks Investment Management

VS

Marsh McLennan

Zacks Investment Management

101 N Wacker Dr, None, Chicago, Illinois, US, 60606
Last Update: 2025-12-09
View Profile
Between 750 and 799
https://www.zacksim.com/

In 1992, Zacks Investment Management was established as a wholly owned subsidiary of Zacks Investment Research. As a boutique wealth management firm, we apply the time-tested insights of our parent company to create models like the Zacks Dividend Strategy. Since our inception, Zacks Investment Management has been dedicated to delivering results for our clients by seeking excess returns over standard benchmarks within a risk-controlled framework. Ultimately, our active management approach and bottom-up fundamental stock selection process were built upon the very discoveries that changed the industry over 40 years ago, and have generated exceptional results ever since. Within the Zacks Dividend Strategy, we will continue to adhere to this discipline in all market cycles. “The Zacks legacy was born on research and it has been proven through history. We’re an independent family business and to this day we’re proud to share the fruits of our expert insights for the benefit of our clients.” Mitch Zacks Principal and Senior Portfolio Manager

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 141
Subsidiaries: 2
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

Marsh McLennan

1166 Avenue of the Americas, None, New York, NY, US, 10036
Last Update: 2025-12-09
Between 750 and 799
https://www.marshmclennan.com/

Marsh McLennan (NYSE: MMC) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue of $23 billion and more than 85,000 colleagues, Marsh McLennan helps build the confidence to thrive through the power of perspective. Follow us on X at @MarshMcLennan.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 67,727
Subsidiaries: 0
12-month incidents
0
Known data breaches
2
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/zacks-investment-management.jpeg
Zacks Investment Management
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/marshmclennan.jpeg
Marsh McLennan
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Zacks Investment Management
100%
Compliance Rate
0/4 Standards Verified
Marsh McLennan
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Zacks Investment Management in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Marsh McLennan in 2025.

Incident History — Zacks Investment Management (X = Date, Y = Severity)

Zacks Investment Management cyber incidents detection timeline including parent company and subsidiaries

Incident History — Marsh McLennan (X = Date, Y = Severity)

Marsh McLennan cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/zacks-investment-management.jpeg
Zacks Investment Management
Incidents

Date Detected: 11/1999
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/marshmclennan.jpeg
Marsh McLennan
Incidents

Date Detected: 4/2021
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

Date Detected: 04/2021
Type:Data Leak
Blog: Blog

Date Detected: 6/2013
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

FAQ

Marsh McLennan company demonstrates a stronger AI Cybersecurity Score compared to Zacks Investment Management company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Marsh McLennan company has faced a higher number of disclosed cyber incidents historically compared to Zacks Investment Management company.

In the current year, Marsh McLennan company and Zacks Investment Management company have not reported any cyber incidents.

Neither Marsh McLennan company nor Zacks Investment Management company has reported experiencing a ransomware attack publicly.

Both Marsh McLennan company and Zacks Investment Management company have disclosed experiencing at least one data breach.

Neither Marsh McLennan company nor Zacks Investment Management company has reported experiencing targeted cyberattacks publicly.

Neither Zacks Investment Management company nor Marsh McLennan company has reported experiencing or disclosing vulnerabilities publicly.

Neither Zacks Investment Management nor Marsh McLennan holds any compliance certifications.

Neither company holds any compliance certifications.

Zacks Investment Management company has more subsidiaries worldwide compared to Marsh McLennan company.

Marsh McLennan company employs more people globally than Zacks Investment Management company, reflecting its scale as a Financial Services.

Neither Zacks Investment Management nor Marsh McLennan holds SOC 2 Type 1 certification.

Neither Zacks Investment Management nor Marsh McLennan holds SOC 2 Type 2 certification.

Neither Zacks Investment Management nor Marsh McLennan holds ISO 27001 certification.

Neither Zacks Investment Management nor Marsh McLennan holds PCI DSS certification.

Neither Zacks Investment Management nor Marsh McLennan holds HIPAA certification.

Neither Zacks Investment Management nor Marsh McLennan holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Description

IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References