Security magazine is excited to present The 2023 Security Benchmark Report, an editorial initiative that collects self-reported data from enterprise security programs across the globe and a wide range of market sectors to determine trends in security roles, responsibilities, technology, training and budget.

Our goal with The Security Benchmark Report is to provide a comparison of enterprise security programs across the security field and within market sectors. Each year we release the report, we aim to build a wider picture of how enterprise security programs change, grow and mature year-over-year.

The 2023 Security Benchmark Report is comprised of:

  • Main Report, which includes data across all respondents and sectors they represent.
  • Sector Reports, which include data broken down by sector.
  • The 2023 Benchmark Achievers, a section which showcases a number of security programs excelling in training, technology, new initiatives and crisis management.
  • Benchmark Leader Profiles, which provide an inside look into two enterprise security programs and their accomplishments in the past year.

The Security Benchmark Report is an editorial initiative that collects and reports on self-reported data from security leaders who are responsible, at least in part, for physical security in their organization.

Therefore, the biggest benefit to filling out The Security Benchmark Report survey is that each security executive respondent receives the raw, anonymized data from the survey to compare and contrast across the industry or specifically companies within their sector based on any metric they wish.

This year, we asked respondents to report on the roles, responsibilities and function of their security programs; the type and cost of security training they implemented last year; increases and decreases in their security budgets; metrics they and their leadership find most valuable; and more.

For even more insights, fill out The Security Benchmark Survey next year to receive the raw, anonymized data. The survey will be open from February to mid-July 2024. And don’t forget to join us for a special webinar presentation on The 2023 Security Benchmark Report on November 29, where we discuss the report in-depth and reveal statistics exclusive to the webinar.

Read on for the insights unearthed by The 2023 Security Benchmark Report!

Select a category below to view the 2023 data

Security Roles & Responsibilities

Roles chart 1

The Security Benchmark Report respondents were asked about their top issues & concerns in 2023 and 2024 in regards to risk mitigation and enterprise security. The top 10 answers appear above in order. Workplace violence has been ranked as the top concern by respondents since 2021. SOURCE: The Security Benchmark Report, November 2023


Roles chart 2

The Security Benchmark Report participants were asked where their security function reports to or resides within. The majority of security teams responding to this year’s Security Benchmark Report report to or reside within Human Resources, followed closely by Chief Risk or Legal Officer / Risk / Legal / General Counsel. Respondents who selected Other report into Public Affairs, Customer Service and the Chief Supply Chain Officer, among others. SOURCE: The Security Benchmark Report, November 2023


Roles chart 3

The Security Benchmark Report respondents were asked to choose the level or title of their senior-most security executive within their enterprise. The choices, which are not exhaustive, are meant to generally group titles for comparison and include: C-Level Executive, Director, Senior Director, Senior Manager, Vice President / General Manager or Not Applicable (N/A). Respondents reported the Vice President / General Manager title as their senior-most security executive role at a higher rate than the previous year, increasing from 24% in 2022. SOURCE: The Security Benchmark Report, November 2023


Roles chart 4

The Security Benchmark Report respondents were asked to report in which geographic areas their security organization provides risk and security services within their enterprise. Respondents chose as many geographic areas as applicable. SOURCE: The Security Benchmark Report, November 2023


Roles chart 5

The Security Benchmark Report respondents were asked if their security organization is Centralized, Decentralized or Regional. The majority of respondents reported their security organization as being Centralized. For this survey’s purpose, the distinction between Decentralized and Regional security is that some Regional security programs may behave in a Centralized manner for their determined region, while Decentralized generally means there may be security organizations in multiple locations within an enterprise functioning independently from one another. Those respondents choosing Other reported a mix of partially Centralized and partially Decentralized structures. SOURCE: The Security Benchmark Report, November 2023


Roles chart 6

The Security Benchmark Report participants were given a list of 36 roles and responsibilities that may fall under the security function at an organization and were asked for the level of responsibility the team has over that role within their enterprise. The above are the 15 most common job responsibilities that the security function owns, leads or manages, according to respondents. For this survey, owning or leading the responsibility means security both manages and funds the program, while managing means security manages the program, but another group funds it. SOURCE: The Security Benchmark Report, November 2023


Organizational Responsibilities: Security Roles & Functions

Respondents report on the responsibilities of their security programs, as well as the level of involvement they have in each role.

FUNCTION OWN / LEAD MANAGE SUPPORT NOT INVOLVED /
DO NOT HAVE /
DO NOT KNOW
Aligning security with the business 76% 16% 7% 1%
Asset protection / facilities protection 70% 21% 10% 0%
Brand protection / intellectual property / product protection / counterfeiting / fraud protection 15% 18% 53% 14%
Business resilience / business continuity / emergency management / disaster recovery 47% 14% 34% 5%
Business expansion support 8% 11% 67% 15%
Civil unrest / targeted protests 75% 12% 9% 4%
COVID-19 response 25% 18% 52% 4%
Corporate aviation security 14% 5% 27% 53%
Cybersecurity / information technology security / data protection 8% 4% 64% 24%
Drug & alcohol testing / background checks / other pre-employment screening 14% 12% 36% 38%
Duty of care / traveler protection & support / executive protection 58% 11% 16% 15%
Emergency notification 58% 14% 24% 4%
Emergency response and planning 53% 17% 30% 0%
Event security 67% 20% 8% 5%
Hate crimes / terrorism / extremism 66% 12% 13% 9%
Health and safety 21% 9% 50% 20%
International workforce protection and support 32% 10% 20% 38%
Investigations 64% 18% 16% 2%
Liaison with public-sector law enforcement agencies 82% 9% 4% 3%
Loss prevention / goods protection 60% 14% 16% 10%
Mergers & acquisitions (M&A) / business or site expansion / contraction planning & support 4% 2% 58% 36%
Parking & transportation security 40% 12% 25% 24%
Regulatory compliance / controls assurance, verification & validation 16% 20% 54% 11%
Risk & threat assessments / risk management planning / enterprise risk management 51% 23% 24% 2%
Security as a competitive advantage 45% 15% 16% 24%
Security audits / surveys / assessments 79% 14% 2% 4%
Security contract management: Guards / technology integrators / contract employees 65% 16% 9% 11%
Security operations center (SOC) management 73% 4% 2% 20%
Security staff development & training 83% 9% 5% 3%
Security strategy 90% 9% 2% 0%
Security technology & integration 71% 16% 10% 3%
Social media threat monitoring 37% 15% 36% 11%
Supply chain / logistics / distribution security 22% 8% 47% 24%
Vendor and channel partner vetting 14% 12% 41% 33%
Weather / natural disasters 41% 16% 38% 5%
Workplace violence / threat management / active shooter prevention 83% 9% 6% 2%

The Security Benchmark Report respondents were asked to report on the security team’s roles and responsibilities within their organization. This year, we asked security leaders for the level of responsibility for each function within their organization with the following choices: Own / Lead Function: Security manages and funds the program; Manage: Security manages the program but another group funds it; Support: Security sets policy, consults on the program (or represents physical security perspective) but does not manage or fund the program; Not Involved: Company has the program but security is not involved in it; Do Not Have; Do Not Know. We have combined Not Involved / Do Not Have / Do Not Know responses for the purposes of this chart. SOURCE: The Security Benchmark Report, November 2023


Roles chart 8

SOURCE: The Security Benchmark Report, November 2023

Roles chart 9

SOURCE: The Security Benchmark Report, November 2023

Roles chart 10

SOURCE: The Security Benchmark Report, November 2023


Roles chart 11

In order to participate in The Security Benchmark Report, respondents must be responsible, at least in part, for physical security within their organization. We asked survey respondents for more insight into the ever-evolving and changing roles of security, including whether their program is responsible for both physical security and health & safety, as well as physical security and cybersecurity. This year’s statistics represent decreases compared to 2022, when 22% of security departments reported being responsible for cybersecurity and 56% reported responsibility for health and safety as well as physical security. SOURCE: The Security Benchmark Report, November 2023

download-report

Security Budgets, Spending & More

Budget chart 1

The Security Benchmark Report captures information on security budgets and total reported revenue / operating budget in the overall organization. To calculate the security budget as a percentage of revenue across the enterprise, the security budget is divided by the total revenue. Companies that reported information on both security budget and total revenue are included in this number; however, if any numbers appeared inaccurately reported or incorrect, they were removed from the calculation. SOURCE: The Security Benchmark Report, November 2023


Budget chart 2

Above is the average security budget as a percent of revenue by market sector. The Security Benchmark Report captures information on security budgets and total reported revenue / operating budget in the overall organization. To calculate the security budget as a percentage of revenue across the enterprise, the security budget is divided by the total revenue. Companies that reported information on both security budget and total revenue are included in this number; however, if any numbers appeared inaccurately reported or incorrect, they were removed from the calculation. If a given sector did not have enough accurate data to calculate an average, it was not included in the above reporting. SOURCE: The Security Benchmark Report, November 2023


Budget chart 3

A majority of The Security Benchmark Report respondents reported an increased security budget compared with the previous year’s budget. However, fewer respondents reported an increased security budget in 2023 compared to 2022. In 2022, 69% of respondents reported an increased budget, while, in 2023, 65% of respondents reported an increased security budget year-over-year. SOURCE: The Security Benchmark Report, November 2023


Budget chart 4

If The Security Benchmark Report respondents indicated an increased security budget in 2023 compared with 2022, they were asked what percentage that budget increased. The average increase reported by those respondents for 2023 was 14%. If respondents indicated their security budget in 2023 decreased compared with 2022, they were asked for the percentage decrease. The average decrease reported by those respondents for 2023 was 7%. In 2022, the average increase in security budget was 19% and the average decrease in security budget was 11%. SOURCE: The Security Benchmark Report, November 2023


download-report

Security Guarding & Operations

Guarding chart 1

Of those The Security Benchmark Report respondents that reported using guard / officer forces at their organization, 48% of security leaders report using both proprietary and contract officer / guard forces, while 18% report having only proprietary guards and 34% reported having only third-party / contract guards. SOURCE: The Security Benchmark Report, November 2023


Guarding chart 2

Overall, 67% of The Security Benchmark Report respondents reported having a security operations center (SOC) or global security operations center (GSOC) within their enterprise. Respondents that answered “Yes” to having a SOC were asked if their SOCs provide security and risk services to the entire enterprise or just a particular region or site. Overall, among all sectors, 75% of respondents that reported having a SOC offer those services to the entire enterprise. SOURCE: The Security Benchmark Report, November 2023


Guarding chart 3

Among the 67% of The Security Benchmark Report respondents that reported having a global security operations center (GSOC) or security operations center (SOC), Security magazine asked respondents which services their SOCs provide to the enterprise, represented in the bar graph above. Respondents were able to choose as many responses as applicable. Respondents who selected Other reported SOC functions including monitoring for infant abductions, providing support for women’s safety, and supporting building automation. SOURCE: The Security Benchmark Report, November 2023


download-report

Security-Related Training & Technology

Training chart 1

Above is the average money spent on security-related training by sector, based on self-reported information from The Security Benchmark Report respondents. Information that appeared to be inaccurately reported was excluded from these calculations. SOURCE: The Security Benchmark Report, November 2023


Training chart 2

The Security Benchmark Report respondents were asked to report the security-related training they held within their enterprise in 2022. Respondents were able to choose multiple populations for each training if applicable. For example, with Workplace violence, some organizations implemented training for both security staff, as well as targeted cross-functional groups. Respondents were allowed to report using as many training types as applicable. “Not Applicable” refers to those organizations that did not implement that type of training in 2022. In addition to these responses, respondents were able to choose “Other.” Some of those responses included: COVID-19 infection prevention; diversity, equity and inclusion; business continuity & resilience; active shooter; human trafficking identification & prevention; and de-escalation. SOURCE: The Security Benchmark Report, November 2023


Training chart 3

The Security Benchmark Report respondents were asked which physical and / or electronic security systems and equipment their enterprise currently has in place. Respondents were able to choose as many systems as applicable. Of those respondents who selected Other, additional security technologies they have implemented in their enterprises include: biometrics-based security solutions; gunshot detection; weapons screening; open-source intelligence monitoring; and duress technology. *Two-way radio systems are included here if reported for security personnel only. SOURCE: The Security Benchmark Report, November 2023


Training chart 4

The Security Benchmark Report respondents were asked how much their organization plans to spend on electronic physical security systems and services this year. Respondents were asked to choose the range that best describes their planned spending. SOURCE: The Security Benchmark Report, November 2023


download-report

Security Teams Using Metrics

Security Teams Emphasizing Metrics to Define Productivity

These security programs report maintaining a metrics program that clearly defines productivity, value creation and cost avoidance.


COMPANY SECURITY BENCHMARK LEADER TITLE
Abercrombie and Fitch Shane Berry GVP, Asset Protection and Chief Security Officer
Adtalem Global Education Robert Soderberg Vice President, Chief Safety, Security & Resiliency Officer
Advocate Health Randy Stephan System Vice President for Security
AMBSE Joe Coomer Vice President, Security
American Electric Power Steve Swick Chief Security Officer
American Family Insurance Jeff Wiegand Vice President, Protective Services
Arthrex Kevin Cliff Director, Corporate Security Services
Associated Grocers of New England, Inc Alan R. Cote Director of Risk Management
AVANGRID Brian Harrell Vice President & Chief Security Officer
Baker Hughes Kevin Wetherington Chief Health, Safety, Environment, Security, & Quality Officer
Ballad Health Ken Harr Assistant Vice President / Chief Security Officer
Big Lots Robert LaCommare Vice President, Asset Protection & Safety
Bridgestone Corp Josh Walker Vice President, Corporate Security and Enterprise Risk
Casino du Lac-Leamy Pierre Cote Chief of Operations
Chico's FAS Inc. Joe Biffar Vice President, Asset Protection
Chubb Richard M. Kelly Senior Vice President, Chief Security Officer
CIP Corps Karl Perman CEO
Clarios Robb Koops Global Security Director
Cleveland Clinic Gordon Snow Chief Security Officer
Corning Inc. Steve Harrold Vice President, Global Security/td>
County of Ventura David Barley Division Head
Duke University John H. Dailey Chief of Police
Ecentria - OpticsPlanet Gary Stewart Director, Corporate Security
Facebook Nick Lovrien Chief Global Security Officer
GE Healthcare Shiva Rajagopalan Senior Director of Infrastructure and Facilities
GoDaddy Jason Veiock Senior Director, Safety, Security & Resilience
Hamilton Health Sciences Todd Milne Director, Security Services and Emergency Disaster Management
HMPL Sambit Nath Head of Security
Keurig Dr Pepper Ryan DeStefano Director of Corporate Security
Kyndryl Catherine Killian Vice President & Chief Security Officer
Lexington County Health Services District Department of Public Safety Justin McClarrie Director of Public Safety
Massachusetts General Hospital Bonnie Michelman Executive Director, Police, Security & Outside Services
McLeod Health J. Wayne Byrd Director of Security
Memorial Healthcare Jeff Hauk, MBA, MSA, CPP, CHPA Director, Public Safety and Police Authority Services
National Labor Relations Board Raymond Hankins Chief Security Officer
Nationwide Mutual Jay C. Beighley Senior Associate Vice President
Northwest Community Healthcare CEO
NRG Energy, Inc. Joe Walters Sr. Director, Enterprise Security, Real Estate and Facilities
PepsiCo, Inc. Michael Lee Senior Vice President, Chief Security Officer
Petco Steven J. Bova Director, Loss Prevention
Power Integrations Balu Balakrishnan CEO
Regitt Consulting Services Ltd

General Manager, Security
Sabre Jesse Campbell Global Safety & Security Leader
San Antonio Water System Steven Tijerina Manager
Seattle Children's Hospital Jim Sawyer Security Director
State Street Stephen D. Baker, CPP Senior Vice President and Chief Security Officer
Synopsys, Inc. Jim Fussell Senior Director, Global Safety, Security & Resilience
Tampa General Hospital Tony Venezia Senior Director of Public Safety
Texas Biomedical Research Institute Mark A. Hammargren, CPP Director, Security & Emergency Preparedness
University of Alabama at Birmingham Mike Hasselbrink Director of Physical Security
University of Redlands Stanley Skipworth Associate Vice President / Chief
University of Pennsylvania Kathleen Shields Anderson, J.D., MBA Vice President for Public Safety
US DataVault Marc Shaffer CEO
University of Texas Police at Houston William Adcox Vice President, Chief of Police and Chief Security Officer
Victoria's Secret & Co John Talamo Senior Vice President, Asset Protection
Waters Technologies Corporation Katherine Collins Sr. Manager, Corporate Global Security
Xylem Maribeth Anderson Global Senior Director
Yale University Public Safety Ronnell Higgins Associate Vice President for Public Safety and Community Engagement
Yazaki North America Canton HQ Bert Morales Vice President, Corporate Security

The above list (in alphabetical order) are those security leaders that reported maintaining a security metrics program that defines productivity, value creation and cost avoidance. Respondents are allowed to remain anonymous from any listings or rankings within the published The Security Benchmark Report; therefore, any respondents choosing to remain anonymous are not included in this list. SOURCE: The Security Benchmark Report, November 2023


download-report