Skip to main content
All Industries

EU Industry Benchmark

Insurance

Anonymized security posture data for the insurance sector across the EU. Based on 2978 monitored sites.

46.6

Avg. Score /100

D

Avg. Grade

2978

Sites Tracked

+3.0

vs. EU Average

Critical findings in this industry

1672 of 2978 without HTTPS redirect

56.0%

1965 of 2978 with unencrypted email (no STARTTLS)

66.0%

2279 of 2978 without DMARC protection (spoofable)

77.0%

1279 of 2978 missing 3+ critical security headers

43.0%

2608 of 2978 without DNSSEC (vulnerable to DNS spoofing)

88.0%

2797 of 2978 without CAA records (unrestricted certificate issuance)

94.0%

2942 of 2978 without MTA-STS (email downgrade attacks possible)

99.0%

Grade Distribution

A
2 (0.0%)
B
65 (2.0%)
C
381 (13.0%)
D
1637 (55.0%)
F
893 (30.0%)

Security across Europe

Average security score by country — hover for details, click to explore.

Austria: 46.0/100 (137 sites) Belgium: 48.8/100 (278 sites) Bulgaria: 49.8/100 (25 sites) Croatia: 47.4/100 (16 sites) Cyprus: 39.7/100 (10 sites) Czech Republic: 52.4/100 (38 sites) Denmark: 55.2/100 (24 sites) Estonia: 58.4/100 (8 sites) Finland: 56.1/100 (14 sites) France: 47.6/100 (276 sites) Germany: 43.2/100 (1012 sites) Greece: 47.8/100 (31 sites) Hungary: 47.2/100 (15 sites) Ireland: 52.1/100 (61 sites) Italy: 45.6/100 (121 sites) Latvia: 57.0/100 (10 sites) Lithuania: 55.7/100 (12 sites) Luxembourg: 52.1/100 (25 sites) Netherlands: 53.0/100 (105 sites) Norway: 60.7/100 (10 sites) Poland: 42.0/100 (202 sites) Portugal: 47.9/100 (42 sites) Romania: 50.4/100 (26 sites) Slovakia: 53.9/100 (30 sites) Slovenia: 48.5/100 (14 sites) Spain: 46.1/100 (163 sites) Sweden: 59.1/100 (14 sites) Switzerland: 54.0/100 (61 sites) United Kingdom: 49.0/100 (172 sites)
Worse
Better

Score by Country

🇦🇹 Austria
46.0 137 🇧🇪 Belgium
48.8 278 🇧🇬 Bulgaria
49.8 25 🇭🇷 Croatia
47.4 16 🇨🇾 Cyprus
39.7 10 🇨🇿 Czech Republic
52.4 38 🇩🇰 Denmark
55.2 24 🇪🇪 Estonia
58.4 8 🇫🇮 Finland
56.1 14 🇫🇷 France
47.6 276 🇩🇪 Germany
43.2 1012 🇬🇷 Greece
47.8 31 🇭🇺 Hungary
47.2 15 🇮🇸 Iceland
55.3 6 🇮🇪 Ireland
52.1 61 🇮🇹 Italy
45.6 121 🇱🇻 Latvia
57.0 10 🇱🇮 Liechtenstein
42.6 8 🇱🇹 Lithuania
55.7 12 🇱🇺 Luxembourg
52.1 25 🇲🇹 Malta
46.1 12 🇳🇱 Netherlands
53.0 105 🇳🇴 Norway
60.7 10 🇵🇱 Poland
42.0 202 🇵🇹 Portugal
47.9 42 🇷🇴 Romania
50.4 26 🇸🇰 Slovakia
53.9 30 🇸🇮 Slovenia
48.5 14 🇪🇸 Spain
46.1 163 🇸🇪 Sweden
59.1 14 🇨🇭 Switzerland
54.0 61 🇬🇧 United Kingdom
49.0 172

Hosting & Data Residency

50%

EU-headquartered provider

50%

Non-EU provider (CLOUD Act / Schrems II)

Amazon Web Services (US) 283 23.2%
Cloudflare (US) 214 17.5%
IONOS (1&1) (DE) 148 12.1%
Hetzner (DE) 136 11.1%
OVHcloud (FR) 117 9.6%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.