Skip to main content
All Industries

EU Industry Benchmark

Insurance

Anonymized security posture data for the insurance sector across the EU. Based on 2988 monitored sites.

41.7

Avg. Score /100

D

Avg. Grade

2988

Sites Tracked

+1.0

vs. EU Average

Critical findings in this industry

2541 of 2988 without HTTPS redirect

85.0%

2925 of 2988 with unencrypted email (no STARTTLS)

98.0%

2977 of 2988 without DMARC protection (spoofable)

100.0%

909 of 2988 missing 3+ critical security headers

30.0%

2618 of 2988 without DNSSEC (vulnerable to DNS spoofing)

88.0%

2803 of 2988 without CAA records (unrestricted certificate issuance)

94.0%

2951 of 2988 without MTA-STS (email downgrade attacks possible)

99.0%

Grade Distribution

A
0 (0.0%)
B
6 (0.0%)
C
124 (4.0%)
D
1612 (54.0%)
F
1246 (42.0%)

Security across Europe

Average security score by country — hover for details, click to explore.

Hosting & Data Residency

50%

EU-headquartered provider

50%

Non-EU provider (CLOUD Act / Schrems II)

Amazon Web Services (US) 283 23.1%
Cloudflare (US) 215 17.6%
IONOS (1&1) (DE) 148 12.1%
Hetzner (DE) 136 11.1%
OVHcloud (FR) 117 9.6%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.