Skip to main content
All Industries

EU Industry Benchmark

Professional Services

Anonymized security posture data for the professional services sector across the EU. Based on 15420 monitored sites.

43.8

Avg. Score /100

D

Avg. Grade

15420

Sites Tracked

+1.0

vs. EU Average

Critical findings in this industry

7777 of 15420 without HTTPS redirect

50.0%

13992 of 15420 with unencrypted email (no STARTTLS)

91.0%

15150 of 15420 without DMARC protection (spoofable)

98.0%

9204 of 15420 missing 3+ critical security headers

60.0%

13247 of 15420 without DNSSEC (vulnerable to DNS spoofing)

86.0%

14990 of 15420 without CAA records (unrestricted certificate issuance)

97.0%

15187 of 15420 without MTA-STS (email downgrade attacks possible)

98.0%

Grade Distribution

A
0 (0.0%)
B
14 (0.0%)
C
756 (5.0%)
D
10121 (66.0%)
F
4529 (29.0%)

Security across Europe

Average security score by country — hover for details, click to explore.

België: 45.7/100 (477 sites) Bulgarije: 41.2/100 (43 sites) Cyprus: 45.2/100 (19 sites) Denemarken: 45.2/100 (145 sites) Duitsland: 44.4/100 (5833 sites) Estland: 39.0/100 (13 sites) Finland: 45.3/100 (168 sites) Frankrijk: 42.2/100 (1454 sites) Griekenland: 41.9/100 (56 sites) Hongarije: 41.8/100 (48 sites) Ierland: 43.2/100 (386 sites) Italië: 41.3/100 (587 sites) Kroatië: 42.8/100 (51 sites) Letland: 47.0/100 (13 sites) Litouwen: 41.7/100 (32 sites) Luxemburg: 45.5/100 (32 sites) Nederland: 47.0/100 (842 sites) Noorwegen: 45.5/100 (63 sites) Oostenrijk: 44.0/100 (617 sites) Polen: 40.5/100 (845 sites) Portugal: 44.9/100 (127 sites) Roemenië: 42.2/100 (66 sites) Slovenië: 42.1/100 (44 sites) Slowakije: 44.3/100 (121 sites) Spanje: 42.7/100 (646 sites) Tsjechië: 43.8/100 (119 sites) Verenigd Koninkrijk: 42.9/100 (1940 sites) Zweden: 44.3/100 (85 sites) Zwitserland: 46.8/100 (516 sites)
Worse
Better

Score by Country

🇧🇪 België
45.7 477 🇧🇬 Bulgarije
41.2 43 🇨🇾 Cyprus
45.2 19 🇩🇰 Denemarken
45.2 145 🇩🇪 Duitsland
44.4 5833 🇪🇪 Estland
39.0 13 🇫🇮 Finland
45.3 168 🇫🇷 Frankrijk
42.2 1454 🇬🇷 Griekenland
41.9 56 🇭🇺 Hongarije
41.8 48 🇮🇸 IJsland
46.9 19 🇮🇪 Ierland
43.2 386 🇮🇹 Italië
41.3 587 🇭🇷 Kroatië
42.8 51 🇱🇻 Letland
47.0 13 🇱🇮 Liechtenstein
40.0 4 🇱🇹 Litouwen
41.7 32 🇱🇺 Luxemburg
45.5 32 🇲🇹 Malta
44.0 9 🇳🇱 Nederland
47.0 842 🇳🇴 Noorwegen
45.5 63 🇦🇹 Oostenrijk
44.0 617 🇵🇱 Polen
40.5 845 🇵🇹 Portugal
44.9 127 🇷🇴 Roemenië
42.2 66 🇸🇮 Slovenië
42.1 44 🇸🇰 Slowakije
44.3 121 🇪🇸 Spanje
42.7 646 🇨🇿 Tsjechië
43.8 119 🇬🇧 Verenigd Koninkrijk
42.9 1940 🇸🇪 Zweden
44.3 85 🇨🇭 Zwitserland
46.8 516

Hosting & Data Residency

64%

EU-headquartered provider

36%

Non-EU provider (CLOUD Act / Schrems II)

IONOS (1&1) (DE) 1799 22.4%
Cloudflare (US) 1097 13.7%
Hetzner (DE) 920 11.5%
OVHcloud (FR) 905 11.3%
Strato (DE) 839 10.5%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.