Skip to main content
All Industries

EU Industry Benchmark

Pharma

Anonymized security posture data for the pharma sector across the EU. Based on 13715 monitored sites.

40.8

Avg. Score /100

D

Avg. Grade

13715

Sites Tracked

0.0

vs. EU Average

Critical findings in this industry

11179 of 13715 without HTTPS redirect

82.0%

13517 of 13715 with unencrypted email (no STARTTLS)

99.0%

13696 of 13715 without DMARC protection (spoofable)

100.0%

5112 of 13715 missing 3+ critical security headers

37.0%

12357 of 13715 without DNSSEC (vulnerable to DNS spoofing)

90.0%

13444 of 13715 without CAA records (unrestricted certificate issuance)

98.0%

13666 of 13715 without MTA-STS (email downgrade attacks possible)

100.0%

Grade Distribution

A
0 (0.0%)
B
3 (0.0%)
C
283 (2.0%)
D
7515 (55.0%)
F
5914 (43.0%)

Security across Europe

Average security score by country — hover for details, click to explore.

Hosting & Data Residency

52%

EU-headquartered provider

48%

Non-EU provider (CLOUD Act / Schrems II)

Amazon Web Services (US) 2012 27.6%
Cloudflare (US) 841 11.5%
Hetzner (DE) 807 11.1%
OVHcloud (FR) 802 11.0%
IONOS (1&1) (DE) 763 10.5%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.