EU Industry Benchmark
Transport
Anonymized security posture data for the transport sector across the EU. Based on 490 monitored sites.
42.7
Avg. Score /100
D
Avg. Grade
490
Sites Tracked
+2.0
vs. EU Average
Critical findings in this industry
410 of 490 without HTTPS redirect
481 of 490 with unencrypted email (no STARTTLS)
488 of 490 without DMARC protection (spoofable)
128 of 490 missing 3+ critical security headers
401 of 490 without DNSSEC (vulnerable to DNS spoofing)
429 of 490 without CAA records (unrestricted certificate issuance)
475 of 490 without MTA-STS (email downgrade attacks possible)
Grade Distribution
Security across Europe
Average security score by country — hover for details, click to explore.
/100 · sites
Score by Country
Hosting & Data Residency
15%
EU-headquartered provider
85%
Non-EU provider (CLOUD Act / Schrems II)
Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49
All data is anonymized. No individual sites are identified. Statistics updated weekly.