Security magazine is proud to present The 2025 Security Benchmark Report — a comprehensive editorial initiative built on the voices of enterprise security leaders from across the globe.
This annual report gathers self-reported data from a wide range of industries to identify the latest trends in security roles, responsibilities, technology, training, and budgets. Each edition builds on the last, offering a year-over-year view of how enterprise security programs are evolving, maturing and setting new standards across the field.
What’s Inside the 2025 Report
Main Report: An in-depth analysis of data across all respondents and sectors.
Sector Reports: Insights broken down by specific industries.
The Security Benchmark Report is designed to help leaders understand what their peers are doing, what’s changing as well as where the industry is headed. While every organization values different metrics, this annual report offers a powerful tool for benchmarking programs and guiding strategic decisions.
While The Security Benchmark Report aims to offer security programs insights into what their peers are doing, we understand that the metrics important to one program may be completely different from that of another program. Therefore, the biggest benefit of contributing to the Security Benchmark Survey is access to the raw, anonymized dataset. Respondents receive a unique opportunity to compare their program against others — across the entire industry or within their specific sector — on any metric they choose.
By participating, leaders are not only gaining invaluable insights for their own programs, but also helping shape the a comprehensive snapshot of enterprise security today. The more voices included, the more powerful and representative the insights become.
Looking Ahead to 2026
This year, respondents shared details about security roles and responsibilities, training initiatives, budget fluctuations, key metrics, and much more. However, in order to continue to build a truly robust picture of the industry, we need even broader participation.
The input from security leaders matters — make sure your program’s voice is part of the 2026 Security Benchmark Report by participating in next year’s report. The 2026 Security Benchmark Survey will be open from February through mid-July 2026.
Select a category below to view the 2025 data
Security Roles & Responsibilities
The Security Benchmark Report respondents were asked about their top issues & concerns in 2025 in regards to risk mitigation and enterprise security. The top 7 answers appear above in order. Workplace violence has been ranked as the top concern by respondents since 2021. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report participants were asked where their security function reports to or resides within. The majority of security teams responding to this year’s Security Benchmark Report report to or reside within Chief Risk or Legal Officer / Risk / Legal / General Counsel, followed closely by COO / Operations. Respondents who selected Other report into Public Affairs, Customer Service and the Chief Supply Chain Officer, among others. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked to choose the level or title of their senior-most security executive within their enterprise. The choices, which are not exhaustive, are meant to generally group titles for comparison and include: C-Level Executive, Director, Senior Director, Senior Manager, Vice President / General Manager or Other. Respondents reported the Director title as their senior-most security executive role at a higher rate than the previous year, increasing from 26% in 2024. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked to report in which geographic areas their security organization provides risk and security services within their enterprise. Respondents chose as many geographic areas as applicable. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked if their security organization is Centralized, Decentralized or Regional. The majority of respondents reported their security organization as being Centralized. For this survey’s purpose, the distinction between Decentralized and Regional security is that some Regional security programs may behave in a Centralized manner for their determined region, while Decentralized generally means there may be security organizations in multiple locations within an enterprise functioning independently from one another. Those respondents choosing Other reported a mix of partially Centralized and partially Decentralized structures. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report participants were given a list of 36 roles and responsibilities that may fall under the security function at an organization and were asked for the level of responsibility the team has over that role within their enterprise. The above are the 15 most common job responsibilities that the security function owns, leads or manages, according to respondents. For this survey, owning or leading the responsibility means security both manages and funds the program, while managing means security manages the program, but another group funds it. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked what security checks/testing the organization conducts as part of pre-employment screening. Respondents were allowed to indicate as many answers as applicable to their organization. Respondents were also able to choose Other (9%) or Don’t Know (12%). The Don’t Know answer is meant to give other security organizations knowledge into the roles, responsibilities and maturity of other security programs. For this question, other forms of screening indicated by respondents included media checks and DMV checks, and some respondents indicated that pre-employment screening procedures differed between employee level (junior vs. executive) and location. SOURCE: The Security Benchmark Report, November 2025
In order to participate in The Security Benchmark Report, respondents must be responsible, at least in part, for physical security within their organization. We asked survey respondents for more insight into the ever-evolving and changing roles of security, including whether their program is responsible for both physical security and health & safety, as well as physical security and cybersecurity. This year’s statistics represent decreases compared to 2024, when 28% of security departments reported being responsible for cybersecurity and 42% reported responsibility for health and safety as well as physical security. SOURCE: The Security Benchmark Report, November 2025
Security Budgets, Spending & More
The Security Benchmark Report captures information on security budgets and total reported revenue / operating budget in the overall organization. To calculate the security budget as a percentage of revenue across the enterprise, the security budget is divided by the total revenue. Companies that reported information on both security budget and total revenue are included in this number; however, if any numbers appeared inaccurately reported or incorrect, they were removed from the calculation. SOURCE: The Security Benchmark Report, November 2025
Above is the average security budget as a percent of revenue by market sector. The Security Benchmark Report captures information on security budgets and total reported revenue / operating budget in the overall organization. To calculate the security budget as a percentage of revenue across the enterprise, the security budget is divided by the total revenue. Companies that reported information on both security budget and total revenue are included in this number; however, if any numbers appeared inaccurately reported or incorrect, they were removed from the calculation. If a given sector did not have enough accurate data to calculate an average, it was not included in the above reporting. SOURCE: The Security Benchmark Report, November 2025
A majority (50%) of The Security Benchmark Report respondents reported an increased security budget compared with the previous year’s budget which was a decrease from 2024. In 2024, 63% of respondents reported an increased budget, while in 2025, 50% of respondents reported an increased security budget year-over-year. SOURCE: The Security Benchmark Report, November 2025
If The Security Benchmark Report respondents indicated an increased security budget in 2025 compared with 2024, they were asked what percentage that budget increased. The average increase reported by those respondents for 2025 was 12%. If respondents indicated their security budget in 2025 decreased compared with 2024, they were asked for the percentage decrease. The average decrease reported by those respondents for 2025 was 7%. In 2024, the average increase in security budget was 34% and the average decrease in security budget was 29%. SOURCE: The Security Benchmark Report, November 2025
Security Guarding & Operations
Of those The Security Benchmark Report respondents that reported using guard / officer forces at their organization, 41% of security leaders report using both proprietary and contract officer / guard forces, while 22% report having only proprietary guards and 37% reported having only third-party / contract guards. SOURCE: The Security Benchmark Report, November 2025
Overall, 63% of The Security Benchmark Report respondents reported having a Security Operations Center (SOC) or Global Security Operations Center (GSOC) within their enterprise. Respondents that answered “Yes” to having a SOC were asked if their SOCs provide security and risk services to the entire enterprise or just a particular region or site. Overall, among all sectors, 71% of respondents that reported having a SOC offer those services to the entire enterprise. SOURCE: The Security Benchmark Report, November 2025
Among the 63% of The Security Benchmark Report respondents that reported having a global security operations center (GSOC) or security operations center (SOC), Security magazine asked respondents which services their SOCs provide to the enterprise, represented in the bar graph above. Respondents were able to choose as many responses as applicable. SOURCE: The Security Benchmark Report, November 2025
Security-Related Training & Technology
Above is the average money spent on security-related training by sector, based on self-reported information from The Security Benchmark Report respondents. Information that appeared to be inaccurately reported was excluded from these calculations. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked to report the security-related training they held within their enterprise in 2024. Respondents were able to choose multiple populations for each training if applicable. For example, with Workplace violence, some organizations implemented training for both security staff, as well as targeted cross-functional groups. Respondents were allowed to report using as many training types as applicable. “Not Applicable” refers to those organizations that did not implement that type of training in 2023. In addition to these responses, respondents were able to choose “Other.” Some of those responses included: COVID-19 infection prevention; diversity, equity and inclusion; business continuity & resilience; active shooter; human trafficking identification & prevention; and de-escalation. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked which physical and / or electronic security systems and equipment their enterprise currently has in place. Respondents were able to choose as many systems as applicable. Of those respondents who selected Other, additional security technologies they have implemented in their enterprises include: biometrics-based security solutions; gunshot detection; weapons screening; open-source intelligence monitoring; and duress technology. *Two-way radio systems are included here if reported for security personnel only. SOURCE: The Security Benchmark Report, November 2025
The Security Benchmark Report respondents were asked how much their organization plans to spend on electronic physical security systems and services this year. Respondents were asked to choose the range that best describes their planned spending. SOURCE: The Security Benchmark Report, November 2025
The 2025 Security Benchmark Report — Methodology
Understanding the annual report’s purpose, scope and methodology.
Each year with The Security Benchmark Report, Security magazine adds to an ongoing database measuring how security teams function, budget, train and use technology. We survey security leaders across more than a dozen industry verticals and present data from the industry as a whole and broken down by sector to allow for the comparison of security programs amongst their own industries, against others and as part of the security industry as a whole.
Security magazine’s priority with The Security Benchmark Report is to showcase the value of security within the enterprise, as well as be a business enabler to our readers’ security programs. By tracking the metrics in this report year-over-year, we hope to offer a comparison of how trends in budget, responsibility, training and technology shift over time.
Organizations are able to remain anonymous for this survey. If the organization chooses to be marked anonymous, they are not eligible to be listed in the published report’s metrics listings.
The Security Benchmark Report is broken down into a general overview comparing all respondents’ data with one another, as well as by sector. Respondents are asked which sector their overall enterprise resides in, and this is the sector in which they are placed. While the survey has a choice of 22 market sectors, some sectors are chosen by too few respondents to report on individually. Therefore, for better comparisons, some market sectors are combined in the report. Combined sectors are labeled as such, and combinations may vary each year.
Sectors with too small a dataset that don’t lend themselves to combining with other sectors may be excluded from the sector reports, but will be included in the main report. To attempt to make the most meaningful comparisons, particular comparisons/charts are left out of sector groupings if the data varied too greatly from one respondent to the next.
In some cases, when calculating certain statistics, including “security budget as a percent of revenue,” outliers or data points that appeared to be reported incorrectly are removed before calculations to present a cleaner comparison.
While we recognize that security roles, responsibilities and programs can vary widely from one organization to another in terms of maturity, position within the enterprise, size of staff, budget, etc., Security magazine has made every effort — via input from readers and Editorial Advisory Board members — to break down and compare organizations in a meaningful, valuable way.
If you don’t see your enterprise’s primary sector represented, we encourage you to fill out the survey next year and ask your peers to fill out the survey as well. The more organizations and security professionals that fill out the survey, the more robust the data. Each year, the survey opens in February and closes in July.
Security magazine encourages all security leaders and organizations to participate in this free editorial survey that makes up The Security Benchmark Report. As a benefit to filling out The Security Benchmark Report survey, security leader respondents receive a full (anonymized) report of responses with more detailed information beyond what is covered in Security’s November eMagazine and online.
The Security Benchmark Report is an editorial project, and respondent contact information collected is not sold or shared. There is no cost to participate in The Security Benchmark Report. All respondents must be responsible, at least in part, for the physical security of their organization. Organizations may only fill out the survey once for a particular company or agency. The Security Benchmark Report does not include contract security companies, guarding companies or those without a level of direct responsibility for security within their enterprise.
@import url(‘https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,opsz,wght@0,6..12,400;0,6..12,500;0,6..12,600;0,6..12,700;1,6..12,400;1,6..12,500;1,6..12,600;1,6..12,700&family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap’); h3 { font-weight: bold; font-size: 18px; color: #C72026; } figure { padding: 4px; margin: auto; } figcaption { color: #404144; font-family: ‘Nunito Sans’, Arial, sans-serif; font-size: 14px; padding: 2px; text-align: left; } .w3-container:after,.w3-container:before,.w3-panel:after,.w3-panel:before { content: “”; display: table; clear: both } .w3-container,.w3-panel { padding: 16px; margin-top: 16px; margin-bottom: 16px } .w3-leftbar { border-left: 6px solid #58526F!important } .w3-color,.w3-hover-color:hover { color: #58526F!important; background-color: #f1f0f4!important } .w3-sans-serif { font-family: ‘Nunito Sans’,Arial,sans-serif } .w3-black,.w3-hover-black:hover { color: #fff!important; background-color: #000!important } .w3-bar { width: 100%; overflow: hidden } .w3-center .w3-bar { display: inline-block; width: auto } .w3-bar .w3-bar-item { padding: 8px 16px; float: left; width: auto; border: none; display: block; outline: 0 } .w3-bar .w3-button { white-space: normal } .w3-button { border: none; display: inline-block; padding: 8px 16px; vertical-align: middle; overflow: hidden; text-decoration: none; color: inherit; background-color: inherit; text-align: center; cursor: pointer; white-space: nowrap } .w3-button { -webkit-touch-callout: none; -webkit-user-select: none; -khtml-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none } .w3-button { width: 100%; text-align: center; padding: 8px 16px } .w3-button:hover { color: #000!important; background-color: #ccc!important } .sidebarFullWidth { position: relative; left: -30px; margin-right: -60px; color: #fff; padding: 20px 40px; width: auto; box-shadow: none; font-family: “Nunito Sans”, “Open Sans”, sans-serif; background-color: #0a496d; } .accordionContainer { display: inline-block; padding: 0px; margin: 0px; width: 100%; } @media screen and (max-width: 720px) { .accordionContainer { clear: left; } } .accordionSection { display: none; padding: 0px; margin: 0px; margin-bottom: 75px; } .accordionSectionHeader { margin: 0px; text-align: center; background-color: #d3d3d3; color: #696969; font-weight: bold; padding-top: 10px; padding-bottom: 10px; padding-right: 5px; padding-left: 5px; max-width: 100%; border: 1px solid #ffffff; } .accordionSectionHeader h3 { margin: 0px; padding: 0px; } .accordionSectionHeader h3:hover { cursor: pointer; color: #c52026; } .accordionSectionHeader a, .accordionSectionHeader a:visited { color: #696969; cursor: pointer; text-decoration: none; } .accordionSectionHeader a:hover { color: #c52026; }
