Comparison Overview

Marsh McLennan Agency

VS

QBE Insurance

Marsh McLennan Agency

360 Hamilton Ave, White Plains, US
Last Update: 2026-04-03
View Profile
Between 750 and 799
https://www.marshmma.com/

Marsh McLennan Agency, a business of Marsh (NYSE: MRSH), is a leading provider of business insurance, employee health & benefits, retirement & wealth, and private client insurance solutions across the US and Canada. Marsh is a global leader in risk, reinsurance and capital, people and investments, and management consulting, advising clients in 130 countries. With annual revenue of over $24 billion and more than 90,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective. For more information about Marsh McLennan Agency, visit marshmma.com.

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 14,372
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

QBE Insurance

388 George Street, Sydney, New South Wales, AU, 2000
Last Update: 2026-04-01
Between 750 and 799
http://www.qbe.com

At QBE we’re driven by our purpose of enabling a more resilient future. QBE is an international insurer and reinsurer headquartered in Sydney, Australia, with local presence in 26 countries. We don't just see ourselves as an insurer, but a partner to our customers in helping to navigate uncertainty. We provide tailored solutions across commercial, personal, and specialty products, as well as risk management solutions to help individuals and businesses manage risks, build strength and embrace change. Whether it’s through our people, our deep expertise or our commitment to building strong relationships, we get to the heart of it. See our Terms of Use: qbe.co/2y7Ck4p See our Privacy Policy: qbe.co/3oa7gZB

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 14,066
Subsidiaries: 13
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/marsh-mclennan-agency.jpeg
Marsh McLennan Agency
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/qbe.jpeg
QBE Insurance
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Marsh McLennan Agency
100%
Compliance Rate
0/4 Standards Verified
QBE Insurance
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for Marsh McLennan Agency in 2026.

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for QBE Insurance in 2026.

Incident History — Marsh McLennan Agency (X = Date, Y = Severity)

Marsh McLennan Agency cyber incidents detection timeline including parent company and subsidiaries

Incident History — QBE Insurance (X = Date, Y = Severity)

QBE Insurance cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/marsh-mclennan-agency.jpeg
Marsh McLennan Agency
Incidents

Date Detected: 3/2021
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/qbe.jpeg
QBE Insurance
Incidents

No Incident

FAQ

QBE Insurance company demonstrates a stronger AI Cybersecurity Score compared to Marsh McLennan Agency company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Marsh McLennan Agency company has historically faced a number of disclosed cyber incidents, whereas QBE Insurance company has not reported any.

In the current year, QBE Insurance company and Marsh McLennan Agency company have not reported any cyber incidents.

Neither QBE Insurance company nor Marsh McLennan Agency company has reported experiencing a ransomware attack publicly.

Marsh McLennan Agency company has disclosed at least one data breach, while the other QBE Insurance company has not reported such incidents publicly.

Neither QBE Insurance company nor Marsh McLennan Agency company has reported experiencing targeted cyberattacks publicly.

Neither Marsh McLennan Agency company nor QBE Insurance company has reported experiencing or disclosing vulnerabilities publicly.

Neither Marsh McLennan Agency nor QBE Insurance holds any compliance certifications.

Neither company holds any compliance certifications.

QBE Insurance company has more subsidiaries worldwide compared to Marsh McLennan Agency company.

Marsh McLennan Agency company employs more people globally than QBE Insurance company, reflecting its scale as a Insurance.

Neither Marsh McLennan Agency nor QBE Insurance holds SOC 2 Type 1 certification.

Neither Marsh McLennan Agency nor QBE Insurance holds SOC 2 Type 2 certification.

Neither Marsh McLennan Agency nor QBE Insurance holds ISO 27001 certification.

Neither Marsh McLennan Agency nor QBE Insurance holds PCI DSS certification.

Neither Marsh McLennan Agency nor QBE Insurance holds HIPAA certification.

Neither Marsh McLennan Agency nor QBE Insurance holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.

Published
Date
2026-04-02
Updated
Date
2026-04-02
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References