EU Industry Benchmark
Insurance
Anonymized security posture data for the insurance sector across the EU. Based on 2988 monitored sites.
41.7
Avg. Score /100
D
Avg. Grade
2988
Sites Tracked
+1.0
vs. EU Average
Critical findings in this industry
2541 of 2988 without HTTPS redirect
2925 of 2988 with unencrypted email (no STARTTLS)
2977 of 2988 without DMARC protection (spoofable)
909 of 2988 missing 3+ critical security headers
2618 of 2988 without DNSSEC (vulnerable to DNS spoofing)
2803 of 2988 without CAA records (unrestricted certificate issuance)
2951 of 2988 without MTA-STS (email downgrade attacks possible)
Grade Distribution
Security across Europe
Average security score by country — hover for details, click to explore.
/100 · sites
Score by Country
Hosting & Data Residency
50%
EU-headquartered provider
50%
Non-EU provider (CLOUD Act / Schrems II)
Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49
All data is anonymized. No individual sites are identified. Statistics updated weekly.