Security Benchmark Report 2023

BENCHMARKING SECURITY
This year’s report offers security leaders insights into how

they and their peers have matured their programs’ role,
technology, training and budget over the last year.
www.SecurityMagazine.com
updated 10/16/23
The 2023 Security Benchmark Report
This year’s report offers security leaders insights into how they and their peers
have matured their programs’ role, technology, training and budget over the last year.
By Madeline Lauver, Editor in Chief
Security magazine is excited to present The 2023 Security Benchmark Report, an editorial initiative
that collects self-reported data from enterprise security programs across the globe and a wide range
of market sectors to determine trends in security roles, responsibilities, technology, training and
budget.
Our goal with The Security Benchmark Report is to provide a comparison of enterprise security
programs across the security field and within market sectors. Each year we release the report, we aim
to build a wider picture of how enterprise security programs change, grow and mature year-over-year.
The 2023 Security Benchmark Report is comprised of:
• Main Report, which includes data across all respondents and sectors they represent.
• Sector Reports, which include data broken down by sector.
• The 2023 Benchmark Achievers, a section which showcases a number of security programs
excelling in training, technology, new initiatives and crisis management.
• Benchmark Leader Profiles, which provide an inside look into two enterprise security programs
and their accomplishments in the past year.
The Security Benchmark Report is an editorial initiative that collects and reports on self-reported
data from security leaders who are responsible, at least in part, for physical security in their
organization.
While The Security Benchmark Report aims to offer security programs insights into what their peers
are doing, we understand that the metrics important to one program may be completely different than
another program.
Therefore, the biggest benefit to filling out The Security Benchmark Report survey is that each
security executive respondent receives the raw, anonymized data from the survey to compare and
contrast across the industry or specifically companies within their sector based on any metric they
wish.
This year, we asked respondents to report on the roles, responsibilities and function of their security
programs; the type and cost of security training they implemented last year; increases and decreases
in their security budgets; metrics they and their leadership find most valuable; and more.
For even more insights, fill out The Security Benchmark Survey next year to receive the raw,
anonymized data. The survey will be open from February to mid-July 2024. And don’t forget to join us
for a special webinar presentation on The 2023 Security Benchmark Report on November 29, where
we discuss the report in-depth and reveal statistics exclusive to the webinar.
Read on for the insights unearthed by The 2023 Security Benchmark Report!
2
TABLE OF CONTENTS
MAIN REPORT 2023 BENCHMARK ACHIEVERS
4 SECURITY ROLES & RESPONSIBILITIES 62 TRAINING
10 SECURITY BUDGETS, 63 CRISIS MANAGEMENT
SPENDING & MORE 64 NEW INITIATIVES
12 SECURITY GUARDING & OPERATIONS 65 TECHNOLOGY
14 SECURITY-RELATED
TRAINING & TECHNOLOGY REPORT METHODOLOGY
17 SECURITY TEAMS USING METRICS
66 METHODOLOGY
SECTOR REPORTS
19 AGRICULTURE, FOOD & BEVERAGE
22 BANKING & INSURANCE
26 HEALTHCARE
30 HIGHER EDUCATION
34 HOSPITALITY & ENTERTAINMENT
38 INFORMATION TECHNOLOGY & MEDIA
42 MANUFACTURING
46 PHARMA & BIOTECH
50 REAL ESTATE, PROPERTY
MANAGEMENT, CONSTRUCTION
54 RETAIL & RESTAURANT
58 UTILITIES & DISTRIBUTION
3
SECURITY ROLES & RESPONSIBILITIES
Top 10 Biggest Issues / Concerns for Security Leaders
RANK Issues / Concerns
1. Workplace violence
2. Business continuity and business resilience
3. Cybersecurity
4. Crisis management
5. Staffing and training
6. Risk and threat intelligence
7. Theft (loss prevention / asset protection)
8. Security budget
9. (tie) Civil unrest / targeted protests
9. (tie) Insider threats
The Security Benchmark Report respondents were asked about their top issues & concerns in 2023 and 2024 in regards to risk
mitigation and enterprise security. The top 10 answers appear above in order. Workplace violence has been ranked as the top concern
by respondents since 2021. SOURCE: The Security Benchmark Report, November 2023
Where Security Lives Within the Enterprise

Function / %
Human Resources — 16%
Chief Risk or Legal Officer / Risk / Legal / General Counsel — 15%
Chief Administrative Officer / Shared Services — 13%
Other — 13%
CEO / President / Owner / Executive Director — 12%
COO / Operations — 12%
Facilities — 8%
CFO / Finance — 4%
GM / Business Unit — 3%
CIO / Information Technology — 2%
Chief Technology Officer — 1%
Internal Audit — 1%
The Security Benchmark Report participants were asked where their security function reports to or resides within. The majority of
security teams responding to this year’s Security Benchmark Report report to or reside within Human Resources, followed closely
by Chief Risk or Legal Officer / Risk / Legal / General Counsel. Respondents who selected Other report into Public Affairs, Customer
Service and the Chief Supply Chain Officer, among others. SOURCE: The Security Benchmark Report, November 2023
4
Title of Senior-Most Security Executive

Title / %
Vice President / General Manager — 38%
Director — 24%
Senior Director — 18%
C-Level Executive — 12%
Not Applicable — 4%
Senior Manager — 4%
The Security Benchmark Report respondents were asked to choose the level or title of their senior-most security executive within their
enterprise. The choices, which are not exhaustive, are meant to generally group titles for comparison and include: C-Level Executive,
Director, Senior Director, Senior Manager, Vice President / General Manager or Not Applicable (N/A). Respondents reported the Vice
President / General Manager title as their senior-most security executive role at a higher rate than the previous year, increasing from
24% in 2022. SOURCE: The Security Benchmark Report, November 2023
Geographic Security Responsibility

Location / %
North America — 95%
Europe — 49%
Asia — 47%
South America — 40%
Oceania (including Australia) — 34%
Africa — 33%
The Security Benchmark Report respondents were asked to report in which geographic areas their security organization provides
risk and security services within their enterprise. Respondents chose as many geographic areas as applicable. SOURCE: The Security
Benchmark Report, November 2023
5
Structure of Security
Area / %
● Centralized — 85%
● Decentralized — 7%
● Other — 4%
● Regional — 4%
85% 7% 4% 4%
The Security Benchmark Report respondents were asked if their security organization is Centralized, Decentralized or Regional.
The majority of respondents reported their security organization as being Centralized. For this survey’s purpose, the distinction
between Decentralized and Regional security is that some Regional security programs may behave in a Centralized manner for their
determined region, while Decentralized generally means there may be security organizations in multiple locations within an enterprise
functioning independently from one another. Those respondents choosing Other reported a mix of partially Centralized and partially
Decentralized structures. SOURCE: The Security Benchmark Report, November 2023
Security’s Responsibilities
Top 15 Roles That Security Owns, Leads or Manages
1. Security strategy
2. (tie) Aligning security with the business
2. (tie) Security audits / surveys / assessments
2. (tie) Workplace violence / threat management / active shooter
prevention
5. (tie) Liaison with public-sector law enforcement agencies
5. (tie) Security staff development & training
7. Asset protection / facilities protection
8. Security technology & integration
9. Event security
10. Civil unrest / targeted protests
11. Security contract management: Guards / technology integrators
/ contract employees
12. Investigations
13. Security operations center management
14. Hate crimes / terrorism / extremism
15. Loss prevention / goods protection
The Security Benchmark Report participants were given a list of 36 roles and responsibilities that may fall under the security function
at an organization and were asked for the level of responsibility the team has over that role within their enterprise. The above are
the 15 most common job responsibilities that the security function owns, leads or manages, according to respondents. For this
survey, owning or leading the responsibility means security both manages and funds the program, while managing means security
manages the program, but another group funds it. SOURCE: The Security Benchmark Report, November 2023
6
Organizational Responsibilities: Security Roles & Functions
Respondents report on the responsibilities of their security programs, as well as the level of involvement they have in each role.
Not Involved /
Function Own / Lead Manage Support Do Not Have /
Do Not Know
Aligning security with the business 76% 16% 7% 1%
Asset protection / facilities protection 70% 21% 10% 0%
Brand protection / intellectual property / product protection / counterfeiting / fraud protection 15% 18% 53% 14%
Business resilience / business continuity / emergency management / disaster recovery 47% 14% 34% 5%
Business expansion support 8% 11% 67% 15%
Civil unrest / targeted protests 75% 12% 9% 4%
COVID-19 response 25% 18% 52% 4%
Corporate aviation security 14% 5% 27% 53%
Cybersecurity / information technology security / data protection 8% 4% 64% 24%
Drug & alcohol testing / background checks / other pre-employment screening 14% 12% 36% 38%
Duty of care / traveler protection & support / executive protection 58% 11% 16% 15%
Emergency notification 58% 14% 24% 4%
Emergency response and planning 53% 17% 30% 0%
Event security 67% 20% 8% 5%
Hate crimes / terrorism / extremism 66% 12% 13% 9%
Health and safety 21% 9% 50% 20%
International workforce protection and support 32% 10% 20% 38%
Investigations 64% 18% 16% 2%
Liaison with public-sector law enforcement agencies 82% 9% 4% 3%
Loss prevention / goods protection 60% 14% 16% 10%
Mergers & acquisitions (M&A) / business or site expansion / contraction planning & support 4% 2% 58% 36%
Parking & transportation security 40% 12% 25% 24%
Regulatory compliance / controls assurance, verification & validation 16% 20% 54% 11%
Risk & threat assessments / risk management planning / enterprise risk management 51% 23% 24% 2%
Security as a competitive advantage 45% 15% 16% 24%
Security audits / surveys / assessments 79% 14% 2% 4%
Security contract management: Guards / technology integrators / contract employees 65% 16% 9% 11%
Security operations center (SOC) management 73% 4% 2% 20%
Security staff development & training 83% 9% 5% 3%
Security strategy 90% 9% 2% 0%
Security technology & integration 71% 16% 10% 3%
Social media threat monitoring 37% 15% 36% 11%
Supply chain / logistics / distribution security 22% 8% 47% 24%
Vendor and channel partner vetting 14% 12% 41% 33%
Weather / natural disasters 41% 16% 38% 5%
Workplace violence / threat management / active shooter prevention 83% 9% 6% 2%
The Security Benchmark Report respondents were asked to report on the security team’s roles and responsibilities within their organization. This year, we asked security leaders for the level of
responsibility for each function within their organization with the following choices: Own / Lead Function: Security manages and funds the program; Manage: Security manages the program but another
group funds it; Support: Security sets policy, consults on the program (or represents physical security perspective) but does not manage or fund the program; Not Involved: Company has the program but
security is not involved in it; Do Not Have; Do Not Know. We have combined Not Involved / Do Not Have / Do Not Know responses for the purposes of this chart. SOURCE: The Security Benchmark Report,
November 2023
7
Do Security Teams Have a Charter or Policy / Policies Within the
Enterprise that Clearly Define(s) the Role / Authority of Security?
Under
development
7%
NO
10%
YES
83%
● YES 83%
● NO 10%
● Under development / planned for this year /
do not know 7%
SOURCE: The Security Benchmark Report, November 2023
Do Security Teams Maintain a Security Metrics Program That Clearly Do Security Organizations Track / Maintain Security-Related Metrics
Defines Productivity, Value Creation and Cost Avoidance? / Analysis or Data to Help Determine Incident Response, Proper
Staffing, etc.?
NO
Under 9%
development
19%
Under
development
12%
NO
16%
YES YES
65% 79%
● YES 65% ● YES 79%

● Under development / planned for this year 19% ● Under development / planned for this year 12%
● NO 16% ● NO 9%
SOURCE: The Security Benchmark Report, November 2023 SOURCE: The Security Benchmark Report, November 2023
8
Pre-Employment Screening Conducted Across the Enterprise
Type of Check / Test — %
Criminal background — 85%
Employment reference — 80%
Drug tests — 63%
Personal reference checks — 59%

WEBINAR ONLY
Credit checks — 44%
Social media reviews — 34%
Military background — 19%
Other — 11%
Don’t know — 8%
None of the above — 2%
The Security Benchmark Report respondents were asked what security checks / testing the organization conducts as part
of pre-employment screening. Respondents were allowed to indicate as many answers as applicable to their organization.
Respondents were also able to choose Other (11%) or Don’t know (8%). The Don’t know answer is meant to give other security
organizations knowledge into the roles, responsibilities and maturity of other security programs. For this question, other forms
of screening indicated by respondents included media checks and DMV checks, and some respondents indicated that pre-
employment screening procedures differed between employee level (junior vs. executive) and location. SOURCE: The Security
Security Executive Insights

Is your highest security-related role within the organization responsible for both
physical security and cybersecurity?
12% 88%
YES NO
Is your highest security-related role within the organization ultimately responsible for
both physical security and health & safety?
37% 63%
YES NO
In order to participate in The Security Benchmark Report, respondents must be responsible, at least in part, for physical security within
their organization. We asked survey respondents for more insight into the ever-evolving and changing roles of security, including
whether their program is responsible for both physical security and health & safety, as well as physical security and cybersecurity. This
year’s statistics represent decreases compared to 2022, when 22% of security departments reported being responsible for cybersecurity
and 56% reported responsibility for health and safety as well as physical security. SOURCE: The Security Benchmark Report, November
2023
9
SECURITY BUDGETS, SPENDING & MORE
Average Security Budget as Percent of Revenue
2.3%
The average security budget as a percent of
revenue among The Security Benchmark Report
respondents was 2.3%.
The Security Benchmark Report captures information on security budgets and total reported revenue / operating budget in the overall
organization. To calculate the security budget as a percentage of revenue across the enterprise, the security budget is divided by the
total revenue. Companies that reported information on both security budget and total revenue are included in this number; however, if
any numbers appeared inaccurately reported or incorrect, they were removed from the calculation. SOURCE: The Security Benchmark
Report, November 2023
Average Security Budget as a Percent of Revenue by Sector

Sector / Average Security Budget as a Percent of Revenue
Utilities & Distribution — 4%
Healthcare — 3%
Pharma & Biotech — 1%
Banking & Insurance — 0.75%
Higher Education — 0.6%
Hospitality & Entertainment — 0.6%
Manufacturing — 0.4%
Information Technology & Media — 0.3%
Retail & Restaurant — 0.2%
Above is the average security budget as a percent of revenue by market sector. The Security Benchmark Report captures information
on security budgets and total reported revenue / operating budget in the overall organization. To calculate the security budget as a
percentage of revenue across the enterprise, the security budget is divided by the total revenue. Companies that reported information
on both security budget and total revenue are included in this number; however, if any numbers appeared inaccurately reported or
incorrect, they were removed from the calculation. If a given sector did not have enough accurate data to calculate an average, it was
not included in the above reporting. SOURCE: The Security Benchmark Report, November 2023
10
SECURITY BUDGETS, SPENDING & MORE
Security Budget Comparisons Year-Over-Year
Increase 8%
15% STAYED THE SAME 26%
STAYED THE SAME STAYED THE SAME
23%
DECREASE
Decrease 19%
DECREASE
9%
DECREASE
69%
Stayed the same 66% INCREASE 65%
INCREASE INCREASE
2021 2022 2023

A majority of The Security Benchmark Report respondents reported an increased security budget compared with the previous year’s
budget. However, fewer respondents reported an increased security budget in 2023 compared to 2022. In 2022, 69% of respondents
reported an increased budget, while, in 2023, 65% of respondents reported an increased security budget year-over-year. SOURCE:
The Security Benchmark Report, November 2023
How Much Did Security Budgets Change Year-Over-Year?
21%
19%
AVERAGE
PERCENTAGE
INCREASE
AVERAGE 14% 14%

PERCENTAGE
DECREASE
11%
7%
2021 2022 2023
If The Security Benchmark Report respondents indicated an increased security budget in 2023 compared with 2022, they were
asked what percentage that budget increased. The average increase reported by those respondents for 2023 was 14%. If respondents
indicated their security budget in 2023 decreased compared with 2022, they were asked for the percentage decrease. The average
decrease reported by those respondents for 2023 was 7%. In 2022, the average increase in security budget was 19% and the average
decrease in security budget was 11%. SOURCE: The Security Benchmark Report, November 2023
11
SECURITY GUARDING & OPERATIONS
Use of Security Guards / Officers
Both proprietary and contract guarding — 48%
Contract guarding only — 34%
Proprietary guarding only — 18%
Of those The Security Benchmark Report respondents that reported using guard / officer forces at their organization, 48% of security
leaders report using both proprietary and contract officer / guard forces, while 18% report having only proprietary guards and 34%
reported having only third-party / contract guards. SOURCE: The Security Benchmark Report, November 2023
Do You Have a Security Operations Center (SOC)?
Yes — 67%
No — 33%
Do You Have a Security Operations Center (SOC)?
Yes — 67%
Security Operations Center Reach
No — 33%
Entire enterprise — 75%
Limited to a particular site or region — 25%

Security Operations Center Reach
Entire enterprise — 75%
Limited to a particular site or region — 25%
Overall, 67% of The Security Benchmark Report respondents reported having a security operations center (SOC) or global security
operations center (GSOC) within their enterprise. Respondents that answered “Yes” to having a SOC were asked if their SOCs provide
security and risk services to the entire enterprise or just a particular region or site. Overall, among all sectors, 75% of respondents that
reported having a SOC offer those services to the entire enterprise. SOURCE: The Security Benchmark Report, November 2023
12
SECURITY GUARDING & OPERATIONS
What Services Do Security Operations Centers Provide?

Function / %
Monitoring and triaging internal incidents reported — 92%
Monitoring video surveillance and alarms — 90%
Monitoring external events that may impact the enterprise — 90%
Monitoring weather and alerting enterprise of potential impacts — 87%
Administering access control permissions and monitoring alarms — 84%
Answering and routing general inquiry phone calls — 81%
Preparing risk assessments and situation reports — 57%
Tracking executive travel and events — 57%
Monitoring social media posts that name the enterprise and / or top executives — 56%
Tracking all business travel and / or developing and distributing travel security guidance — 52%
Monitoring executive home security systems and responding to alarms — 30%
Performing COVID-19 data collection and / or contact tracing — 30%
Monitoring cyber-related incidents or threats — 22%
Other — 14%
Among the 67% of The Security Benchmark Report respondents that reported having a global security operations center (GSOC)
or security operations center (SOC), Security magazine asked respondents which services their SOCs provide to the enterprise,
represented in the bar graph above. Respondents were able to choose as many responses as applicable. Respondents who selected
Other reported SOC functions including monitoring for infant abductions, providing support for women’s safety, and supporting
building automation. SOURCE: The Security Benchmark Report, November 2023
13
SECURITY-RELATED TRAINING & TECHNOLOGY
Money Spent on Security-Related Training by Sector
Sector / Average Money Spent on Security-Related Training
Healthcare — $284,000
Higher Education — $279,000
Utilities & Distribution — $268,000
Hospitality & Entertainment — $175,000
Information Technology & Media — $118,000
Manufacturing — $104,000
Banking & Insurance — $100,000
Agriculture, Food & Beverage — $98,000
Retail & Restaurant — $75,000
Pharma & Biotech — $43,000
Real Estate, Property Management, Construction — $20,000
Above is the average money spent on security-related training by sector, based on self-reported information from The Security
Benchmark Report respondents. Information that appeared to be inaccurately reported was excluded from these calculations. SOURCE:
Which of the Following Security-Related Training

Did You Implement at Your Organization Last Year?
Targeted
Security Enterprise- Cross- Not
Type of Training Staff Wide Functional Applicable
Group
Crisis management 58% 25% 55% 11%
Emergency response 62% 35% 48% 8%
Executive protection 57% 8% 26% 29%
Insider threat 45% 34% 34% 24%
Investigation-related 64% 11% 33% 24%
Leadership
62% 21% 32% 14%
development
Security technology 67% 11% 36% 14%
Workplace violence 54% 75% 43% 8%
Caption: The Security Benchmark Report respondents were asked to report the security-related training they held within their
enterprise in 2022. Respondents were able to choose multiple populations for each training if applicable. For example, with Workplace
violence, some organizations implemented training for both security staff, as well as targeted cross-functional groups. Respondents
were allowed to report using as many training types as applicable. “Not Applicable” refers to those organizations that did not
implement that type of training in 2022. In addition to these responses, respondents were able to choose “Other.” Some of those
responses included: COVID-19 infection prevention; diversity, equity and inclusion; business continuity & resilience; active shooter;
human trafficking identification & prevention; and de-escalation. SOURCE: The Security Benchmark Report, November 2023
14
What Physical Security / Electronic Security Systems
Does Your Enterprise Currently Have in Place?
Type / %
Access control — 98%
Video management system (VMS) — 97%
ID / badging — 95%
Intrusion detection — 86%
Mass notification — 85%
Two-way radio* — 82%
Visitor management — 81%
Intercom / communications — 75%
Other — 71%
Perimeter security — 66%
Travel security monitoring — 62%
Facility risk monitoring — 56%
Executive tracking — 35%
Drones / robots — 11%
The Security Benchmark Report respondents were asked which physical and / or electronic security systems and equipment their
enterprise currently has in place. Respondents were able to choose as many systems as applicable. Of those respondents who
selected Other, additional security technologies they have implemented in their enterprises include: biometrics-based security
solutions; gunshot detection; weapons screening; open-source intelligence monitoring; and duress technology. *Two-way radio
systems are included here if reported for security personnel only. SOURCE: The Security Benchmark Report, November 2023
15
What Does Your Organization Plan to Spend on Electronic

Physical Security Systems and Services in 2023?
Budget / %
$1 million or more — 47%
$500,000 to $999,999 — 13%
$250,000 to $499,999 — 16%
$100,000 to $249,999 — 11%
$50,000 to $99,999 — 7%
$25,000 to $49,999 — 4%
Less than $25,000 — 2%
Caption: The Security Benchmark Report respondents were asked how much their organization plans to spend on electronic physical
security systems and services this year. Respondents were asked to choose the range that best describes their planned spending.
16
SECURITY TEAMS USING METRICS
Security Teams Emphasizing Metrics to Define Productivity
These security programs report maintaining a metrics program that clearly defines productivity, value creation and cost avoidance.
Company Security Benchmark Leader Title
Abercrombie and Fitch Shane Berry GVP, Asset Protection and Chief Security Officer
Adtalem Global Education Robert Soderberg Vice President, Chief Safety, Security & Resiliency Officer
Advocate Health Randy Stephan System Vice President for Security
AMBSE Joe Coomer Vice President, Security
American Electric Power Steve Swick Chief Security Officer
American Family Insurance Jeff Wiegand Vice President, Protective Services
Arthrex Kevin Cliff Director, Corporate Security Services
Associated Grocers of New England, Inc Alan R. Cote Director of Risk Management
AVANGRID Brian Harrell Vice President & Chief Security Officer
Baker Hughes Kevin Wetherington Chief Health, Safety, Environment, Security, & Quality Officer
Ballad Health Ken Harr Assistant Vice President / Chief Security Officer
Big Lots Robert LaCommare Vice President, Asset Protection & Safety
Bridgestone Corp Josh Walker Vice President, Corporate Security and Enterprise Risk
Casino du Lac-Leamy Pierre Cote Chief of Operations
Chico's FAS Inc. Joe Biffar Vice President, Asset Protection
Chubb Richard M. Kelly Senior Vice President, Chief Security Officer
CIP Corps Karl Perman CEO
Clarios Robb Koops Global Security Director
Cleveland Clinic Gordon Snow Chief Security Officer
Corning Inc. Steve Harrold Vice President, Global Security
County of Ventura David Barley Division Head
Duke University John H. Dailey Chief of Police
Ecentria - OpticsPlanet Gary Stewart Director, Corporate Security
Facebook Nick Lovrien Chief Global Security Officer
GE Healthcare Shiva Rajagopalan Senior Director of Infrastructure and Facilities
GoDaddy Jason Veiock Senior Director, Safety, Security & Resilience
Hamilton Health Sciences Todd Milne Director, Security Services and Emergency Disaster Management
HMPL Sambit Nath Head of Security
Keurig Dr Pepper Ryan DeStefano Director of Corporate Security
Kyndryl Catherine Killian Vice President & Chief Security Officer

Lexington County Health Services
Justin McClarrie Director of Public Safety
District Department of Public Safety
17
SECURITY TEAMS USING METRICS
Security Teams Emphasizing Metrics to Define Productivity
These security programs report maintaining a metrics program that clearly defines productivity, value creation and cost avoidance.
Company Security Benchmark Leader Title
Massachusetts General Hospital Bonnie Michelman Executive Director, Police, Security & Outside Services
McLeod Health J. Wayne Byrd Director of Security
Memorial Healthcare Jeff Hauk, MBA, MSA, CPP, CHPA Director, Public Safety and Police Authority Services
National Labor Relations Board Raymond Hankins Chief Security Officer
Nationwide Mutual Jay C. Beighley Senior Associate Vice President
Northwest Community Healthcare CEO
NRG Energy, Inc. Joe Walters Sr. Director, Enterprise Security, Real Estate and Facilities
PepsiCo, Inc. Michael Lee Senior Vice President, Chief Security Officer
Petco Steven J. Bova Director, Loss Prevention
Power Integrations Balu Balakrishnan CEO
Regitt Consulting Services Ltd General Manager, Security
Sabre Jesse Campbell Global Safety & Security Leader
San Antonio Water System Steven Tijerina Manager
Seattle Children's Hospital Jim Sawyer Security Director
State Street Stephen D. Baker, CPP Senior Vice President and Chief Security Officer
Synopsys, Inc. Jim Fussell Senior Director, Global Safety, Security & Resilience
Tampa General Hospital Tony Venezia Senior Director of Public Safety
Texas Biomedical Research Institute Mark A. Hammargren, CPP Director, Security & Emergency Preparedness
University of Alabama at Birmingham Mike Hasselbrink Director of Physical Security
University of Redlands Stanley Skipworth Associate Vice President / Chief
University of Pennsylvania Kathleen Shields Anderson, J.D., MBA Vice President for Public Safety
US DataVault Marc Shaffer CEO
University of Texas Police at Houston William Adcox Vice President, Chief of Police and Chief Security Officer
Victoria's Secret & Co John Talamo Senior Vice President, Asset Protection
Waters Technologies Corporation Katherine Collins Sr. Manager, Corporate Global Security
Xylem Maribeth Anderson Global Senior Director
Yale University Public Safety Ronnell Higgins Associate Vice President for Public Safety and Community Engagement
Yazaki North America Canton HQ Bert Morales Vice President, Corporate Security
The above list (in alphabetical order) are those security leaders that reported maintaining a security metrics program that defines productivity, value creation and cost avoidance. Respondents are allowed to remain anonymous from
any listings or rankings within the published The Security Benchmark Report; therefore, any respondents choosing to remain anonymous are not included in this list. SOURCE: The Security Benchmark Report, November 2023
18
SECTOR REPORTS
AGRICULTURE, FOOD & BEVERAGE
This sector includes those organizations reporting agriculture, farming, food production & processing, or food & beverage services as their primary market sector of business.
Money Spent on Security-Related Training —

Agriculture, Food & Beverage
$98,000
Among the Agriculture, Food & Beverage sector, the
average amount of money spent on security-related
training in 2022 was $98,000.
The Security Benchmark Report respondents in the Agriculture, Food & Beverage sector reported an average of $98,000 in security-
related spending last year. Information that appeared to be inaccurately reported was excluded from the calculation. SOURCE: The
Security Benchmark Report, November 2023
Security Budget 2023 vs. 2022 — Agriculture, Food & Beverage
Increased — 100%
The Security Benchmark Report respondents in the Agriculture, Food & Beverage market sector were asked whether their 2023
security budgets Increased, Decreased or Stayed the same over 2022. All respondents in the sector reported an increase in security
budget in 2023 when compared to 2022. SOURCE: The Security Benchmark Report, November 2023
5 Responsibilities Owned by Agriculture, Food & Beverage Teams
1. Aligning security with the business

2. Duty of care / traveler protection & support /
executive protection
3. Liaison with public-sector law enforcement agencies
The Security Benchmark Report participants within the Agriculture, Food & Beverage sectors were given a list of 36 roles and
responsibilities that may fall under the security function at an organization and were asked for the level of responsibility the team
has over that role within their enterprise. The above are the most common job responsibilities (in alphabetical order) that the security
function within this sector reported as Owning / Leading. For this survey, Owning / Leading the responsibility means security both
manages and funds the program. SOURCE: The Security Benchmark Report, November 2023
19
Where Security Lives — Agriculture, Food & Beverage
Function / %
Chief Risk or Legal Officer / Risk / Legal / General Counsel — 50%
We asked The Security Benchmark Report respondents which function their security organization reports to or resides within. Within
the Agriculture, Food & Beverage market sector, the highest percentage of security teams reported to the Chief Risk or Legal Officer /
Risk / Legal / General Counsel. SOURCE: The Security Benchmark Report, November 2023
Structure of Security — Agriculture, Food & Beverage

Structure / %
Centralized — 25%
Decentralized — 50%
Other — 25%
In the Agriculture, Food & Beverage sector, 50% of Security Benchmark Report respondents reported a Decentralized structure of their
security organization. Other in this data represents a security program structure comprised of both Centralized and Decentralized
components. SOURCE: The Security Benchmark Report, November 2023
Geographic Security Responsibility —

Agriculture, Food & Beverage
Location / %
Asia — 100%
Europe — 100%
Africa — 75%
The Security Benchmark Report respondents were asked to report which geographic areas their security organization provides risk
and security services. Respondents were able to choose as many geographic areas as applicable. SOURCE: The Security Benchmark
20
0%
of Agriculture, Food & Beverage security leaders
reported being responsible for both physical
security and cybersecurity.
0%
of Agriculture, Food & Beverage security leaders
security and health & safety.
Do Agriculture, Food & Beverage Organizations

Have Security Operations Centers?
NO
25%
YES
75%
Within the Agriculture, Food & Beverage sectors, 75% of The Security Benchmark Report respondents reported having a security
operations center (SOC) or global security operations center (GSOC) within their enterprise. SOURCE: The Security Benchmark Report,
November 2023
3,047
Average number of enterprise-wide contract FTE security
officers / guards within Agriculture, Food & Beverage
sector organizations.
139
Average number of enterprise-wide proprietary FTE
security officers / guards within Agriculture, Food &
Beverage sector organizations.
The Security Benchmark Report respondents were asked how many contract and proprietary full-time equivalent (FTE) security
officers and security guards they have within their enterprise. The average among all respondents in the Agriculture, Food & Beverage
market sectors is reported here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation.
21
BANKING & INSURANCE
This sector includes those organizations reporting banking, financial services, insurance or reinsurance as their primary market sector of business.
Security Budget as a Percent of Revenue —

Banking & Insurance
0.75%
Among the Banking & Insurance sector, the average
security budget as a percent of total revenue was
0.75%.
Among The Security Benchmark Report respondents choosing Banking & Insurance as their primary market sector, 0.75% was
the average security budget as a percent of revenue. To calculate the security budget as a percentage of revenue across security
programs in this sector, the security budget was divided by the total revenue, based on self-reported information. Information that
appeared to be inaccurately reported was excluded from the calculation. SOURCE: The Security Benchmark Report, November 2023

Banking & Insurance
$100,000
Among the Banking & Insurance sectors, the average
amount of money spent on security-related training in
2022 was $100,000.
The Security Benchmark Report respondents in the Banking & Insurance sectors reported an average of $100,000 in security-related
spending last year. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The
22
BANKING & INSURANCE
Security Budget 2023 vs. 2022 — Banking & Insurance
Increased — 50%
Stayed the same — 37%
Decreased — 13%
The Security Benchmark Report respondents in the Banking & Insurance market sectors were asked whether their 2023 security
budgets Increased, Decreased or Stayed the same over 2022. SOURCE: The Security Benchmark Report, November 2023
6 Responsibilities Owned by Banking & Insurance Security Teams
1. Security audits / surveys / assessments

6. Security staff development & training
The Security Benchmark Report participants within the Banking & Insurance sectors were given a list of 36 roles and responsibilities
that may fall under the security function at an organization, and were asked for the level of responsibility the team has over that role
within their enterprise. The above are the most common job responsibilities that the security function within this sector reported as
Owning / Leading. For the purposes of this survey, Owning / Leading the responsibility means security both manages and funds the
program. SOURCE: The Security Benchmark Report, November 2023
Where Security Lives — Banking & Insurance

Function / %
CRO / Risk / Legal / General Counsel — 37.5%
Human Resources — 37.5%
CAO / Administration / Shared Services — 25%
the Banking & Insurance market sectors, the highest percentage of security teams reported to CRO / Risk / Legal / General Counsel
and Human Resources. SOURCE: The Security Benchmark Report, November 2023
23
BANKING & INSURANCE
Structure of Security — Banking & Insurance
Regional
25%
Centralized
75%
In the Banking & Insurance sectors, 75% of The Security Benchmark Report respondents reported a Centralized structure of their
security organization. One-quarter (25%) reported a Regional structure of their security program. SOURCE: The Security Benchmark
Do Banking & Insurance Organizations

NO
12%
YES
88%
Within the Banking & Insurance sectors, 88% of The Security Benchmark Report respondents reported having a security operations
center (SOC) or global security operations center (GSOC) within their enterprise. SOURCE: The Security Benchmark Report, November
2023
24
BANKING & INSURANCE
13%
of Banking & Insurance security leaders reported
being responsible for both physical
38%
of Banking & Insurance security leaders reported

Banking & Insurance
Location / %
Asia — 88%
Europe — 88%
Africa — 50%
174
officers / guards within Banking & Insurance sector
organizations.
20
security officers / guards within Banking & Insurance
officers and security guards they have within their enterprise. The average among all respondents in the Banking & Insurance
25
HEALTHCARE
This sector includes those organizations reporting healthcare (hospitals, medical centers, etc.) as their primary market sector of business.

Healthcare
3%
Among the Healthcare sector, the average security
budget as a percent of total revenue was 3%.
Among The Security Benchmark Report respondents choosing Healthcare as their primary market sector, 3% was the average security
budget as a percent of revenue. To calculate security budget as a percentage of revenue across security programs in this sector, the
security budget was divided by the total revenue, based on self-reported information. Outliers or information that appeared to be
inaccurately reported were excluded from the calculation. SOURCE: The Security Benchmark Report, November 2023
Security Budget as a Percent of Revenue by Organization Size —

Healthcare
Number of Employees Security Budget as a Percent of Revenue
0 to 999 0.4%
1,000 to 9,999 0.6%
10,000 to 24,999 9%
25,000 to 49,999 0.5%
50,000 and above 0.3%
To calculate security budget as a percentage of revenue across security programs in this sector, the security budget was divided by
the total revenue, based on self-reported information. Here, the data is broken down by the total number of overall employees in the
reporting organization. Information that appeared to be inaccurately reported was excluded from the calculation. SOURCE: The Security

Healthcare
$284,000
Among the Healthcare sector, the average amount of
money spent on security-related training in 2022 was
$284,000.
The Security Benchmark Report respondents in the Healthcare sector reported an average of $284,000 in security-related spending
last year. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The Security
26
HEALTHCARE
Security Budget 2023 vs. 2022 — Healthcare
Increased — 55%
Decreased — 5%
The Security Benchmark Report respondents in the Healthcare sector were asked whether their 2023 security budgets Increased,
Decreased or Stayed the same over 2022. The majority of respondents reported an increase in security budget over last year, with the
average percent increase being 18%. SOURCE: The Security Benchmark Report, November 2023
7 Responsibilities Owned by Healthcare Security Teams

5. Workplace violence / active shooter prevention
The Security Benchmark Report participants within the Healthcare sector were given a list of 36 roles and responsibilities that may
fall under the security function at an organization, and were asked for the level of responsibility the team has over that role within
their enterprise. The above are the most common job responsibilities that the security function within this sector reported as Owning
/ Leading. For the purposes of this survey, Owning / Leading the responsibility means security both manages and funds the program.
Where Security Lives — Healthcare

Function / %
CRO / Risk / Legal / General Counsel — 15%
Facilities — 15%
Other — 15%
CEO / President / Owner — 10%
the Healthcare sector, the majority of security functions reported to or resided within Operations. Those who selected Other report to
Ancillary Services or Support Services. SOURCE: The Security Benchmark Report, November 2023
27
HEALTHCARE
Structure of Security — Healthcare
Regional Centralized
5% 95%
In the Healthcare sector, 95% of The Security Benchmark Report respondents reported a Centralized structure of their security
organization. SOURCE: The Security Benchmark Report, November 2023
Do Healthcare Organizations Have Security Operations Centers?
NO
35%
YES
65%
Within the Healthcare sector, 65% of The Security Benchmark Report respondents reported having a security operations center (SOC)
or global security operations center (GSOC) within their enterprise. SOURCE: The Security Benchmark Report, November 2023
28
HEALTHCARE
5%
of Healthcare security leaders reported being
responsible for both physical
55%
of Healthcare security leaders reported being

Healthcare
Location / %
Europe — 15%
Africa — 10%
Asia — 10%
229
officers / guards within the Healthcare sector.
145
security officers / guards within the Healthcare sector.
officers and security guards they have within their enterprise. The average among all respondents in the Healthcare sector is reported
here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The Security
29
HIGHER EDUCATION
This sector includes those organizations reporting higher education, universities, colleges or technical institutions as their primary market sector of business.

Higher Education
0.6%
Among the Higher Education sector, the average security
budget as a percent of total revenue was 0.6%.
Among The Security Benchmark Report respondents choosing Higher Education as their primary market sector, 0.6% was the average
security budget as a percent of revenue. To calculate security budget as a percentage of revenue across security programs in this
sector, the security budget was divided by the total revenue, based on self-reported information. Information that appeared to be
inaccurately reported was excluded from the calculation. SOURCE: The Security Benchmark Report, November 2023

Higher Education
$279,000
Among the Higher Education sector, the average amount
of money spent on security-related training in 2022 was
$279,000.
The Security Benchmark Report respondents in the Higher Education sector reported an average of $279,000 in security-related
spending last year. Information appearing to be inaccurately reported was excluded from the calculation. SOURCE: The Security
Security Budget 2023 vs. 2022 — Higher Education
Increased — 62.5%
Decreased — 12.5%
The Security Benchmark Report respondents in the Higher Education market sector were asked whether their 2023 security budgets
Increased, Decreased or Stayed the same over 2022. The majority of respondents this year reported an increase in security budget,
which was a 7% increase on average. SOURCE: The Security Benchmark Report, November 2023
30
HIGHER EDUCATION
8 Responsibilities Owned by Higher Education Security Teams
1. Investigations
3. Event security
The Security Benchmark Report participants within the Higher Education sector were given a list of 36 roles and responsibilities that
may fall under the security function at an organization, and were asked for the level of responsibility the team has over that role within
Where Security Lives — Higher Education

Function / %
Other — 25%
CEO / President / Owner / Executive Director — 12.5%
Human Resources — 12.5%
the Higher Education sector, an even split of security teams reported to Operations, Administration and Other. The respondents who
selected Other report into the Vice Chancellor or Public Affairs. SOURCE: The Security Benchmark Report, November 2023
12.5%
of Higher Education security leaders reported being
25%
of Higher Education security leaders reported being
31
HIGHER EDUCATION
Structure of Security — Higher Education
Decentralized
12.5%
Partially
Centralized &
Decentralized
12.5%
Centralized
75%
In the Higher Education sector, 75% of The Security Benchmark Report respondents reported a Centralized structure of their security
Do Higher Education Organizations

NO
12.5%
YES
87.5%
Within the Higher Education sector, 87.5% of The Security Benchmark Report respondents reported having a security operations center
(SOC) or global security operations center (GSOC) within their enterprise. SOURCE: The Security Benchmark Report, November 2023
32
HIGHER EDUCATION

Higher Education
Location / %
North America — 87.5%
Africa — 37.5%
Asia — 25%
Europe — 25%
Oceania (including Australia) — 12.5%
South America — 12.5%
187
officers / guards within Higher Education organizations.
78
security officers / guards within Higher Education
organizations.
officers and security guards they have within their enterprise. The average among all respondents in the Higher Education sector is
reported here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The
33
HOSPITALITY & ENTERTAINMENT
This sector includes those organizations reporting hospitality, hotels, casinos, entertainment, sports leagues & facilities, or recreation as their primary market sector of business.

Hospitality & Entertainment
0.6%
Among the Hospitality & Entertainment sector, the average
security budget as a percent of total revenue was 0.6%.
Among The Security Benchmark Report respondents choosing Hospitality & Entertainment as their primary market sector, 0.6%
was the average security budget as a percent of revenue. To calculate security budget as a percentage of revenue across security

$175,000
Among the Hospitality & Entertainment sectors, the
The Security Benchmark Report respondents in the Hospitality & Entertainment sectors reported an average of $175,000 in security-
related spending last year. Information that appeared to be inaccurately reported was excluded from the calculation. SOURCE: The
Security Budget 2023 vs. 2022 — Hospitality & Entertainment
Increased — 100%
The Security Benchmark Report respondents in the Hospitality & Entertainment market sectors were asked whether their 2023
security budgets Increased, Decreased or Stayed the same over 2022. All respondents reported an increase in their security budget.
34
12 Responsibilities Owned by Hospitality & Entertainment Security Teams
Business resilience / business continuity / emergency
3.
management / disaster recovery
5. Emergency response and planning
6. Event security
Security contract management: Guards / technology integrators
10.
12. Weather / natural disasters
The Security Benchmark Report participants within the Hospitality & Entertainment sectors were given a list of 36 roles and
responsibilities that may fall under the security function at an organization, and were asked for the level of responsibility the team has
over that role within their enterprise. The above are the most common job responsibilities that the security function within this sector
reported as Owning / Leading. For the purposes of this survey, Owning / Leading the responsibility means security both manages and
funds the program. SOURCE: The Security Benchmark Report, November 2023
Where Security Lives — Hospitality & Entertainment

Function / %
the Hospitality & Entertainment market sectors, the highest percentage of security teams reported to a GM / Business Unit. SOURCE:
35
Structure of Security — Hospitality & Entertainment
Decentralized
25%
Centralized
75%
In the Hospitality & Entertainment sectors, 75% of The Security Benchmark Report respondents reported a Centralized structure of
their security organization. SOURCE: The Security Benchmark Report, November 2023

Location / %
Africa — 25%
Asia — 25%
Europe — 25%
36
0%
of Hospitality & Entertainment security leaders
50%
of Hospitality & Entertainment security leaders
Do Hospitality & Entertainment Organizations

NO
25%
YES
75%
Within the Hospitality & Entertainment sectors, 75% of The Security Benchmark Report respondents reported having a security
November 2023
483
officers / guards within Hospitality & Entertainment
250
Average number of enterprise-wide proprietary
FTE security officers / guards within Hospitality &
Entertainment sector organizations.
officers and security guards they have within their enterprise. The average among all respondents in the Hospitality & Entertainment
37
INFORMATION TECHNOLOGY & MEDIA
This sector includes those organizations reporting information technology (equipment, software, services) or media as their primary market sector of business.

Information Technology & Media
0.3%
Among the Information Technology & Media sector, the
average security budget as a percent of total revenue was
0.3%.
Among The Security Benchmark Report respondents choosing Information Technology & Media as their primary market sector, 0.3%
was the average security budget as a percent of revenue. To calculate security budget as a percentage of revenue across security

$118,000
Among the Information Technology & Media sector, the
The Security Benchmark Report respondents in the Information Technology & Media sector reported an average of $118,000 in
security-related spending last year. Information that appeared to be inaccurately reported was excluded from the calculation. SOURCE:
Security Budget 2023 vs. 2022 —

Increased — 43%
Decreased — 14%
The Security Benchmark Report respondents in the Information Technology & Media sector were asked whether their 2023 security
budgets Increased, Decreased or Stayed the same over 2022. The majority of respondents reported an increase or no change in
security budget over last year. SOURCE: The Security Benchmark Report, November 2023
38
8 Responsibilities Owned by
Information Technology & Media Security Teams
Duty of care / traveler protection & support /
1.
executive protection
The Security Benchmark Report participants within the Information Technology & Media sector were given a list of 36 roles and
responsibilities that may fall under the security function at an organization, and were asked for the level of responsibility the team has
over that role within their enterprise. The above are the most common job responsibilities that the security function within this sector
reported as Owning / Leading. For the purposes of this survey, Owning / Leading the responsibility means security both manages and
funds the program. SOURCE: The Security Benchmark Report, November 2023
Where Security Lives — Information Technology & Media

Function / %
Other — 14%
the Information Technology & Media sectors, the majority of security functions reported to or resided within Human Resources or
Finance. SOURCE: The Security Benchmark Report, November 2023
29%
of Information Technology & Media security leaders
71%
of Information Technology & Media security leaders
39
Structure of Security — Information Technology & Media
Centralized
100%
In the Information Technology & Media sectors, 100% of The Security Benchmark Report respondents reported a Centralized structure
of their security organization. SOURCE: The Security Benchmark Report, November 2023
Do Information Technology & Media Organizations

YES
100%
Within the Information Technology & Media sectors, 100% of The Security Benchmark Report respondents reported having a security
November 2023
40

Location / %
Europe — 100%
Africa — 71%
Asia — 71%
921
officers / guards within the Information Technology &
Media sector.
0
security officers / guards within the Information
Technology & Media sector.
officers and security guards they have within their enterprise. The average among all respondents in the Information Technology &
Media sector is reported here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation.
41
MANUFACTURING
This sector includes those organizations reporting manufacturing as their primary market sector of business.

Manufacturing
0.4%
Among the Manufacturing sector, the average security
budget as a percent of total revenue was 0.4%.
Among The Security Benchmark Report respondents choosing Manufacturing as their primary market sector, 0.4% was the average

Manufacturing
$104,000
Among the Manufacturing sector, the average amount
$104,000.
The Security Benchmark Report respondents in the Manufacturing sector reported an average of $104,000 in security-related
spending last year. Information that appeared to be inaccurately reported was excluded from the calculation. SOURCE: The Security
Security Budget 2023 vs. 2022 — Manufacturing
Increased — 57%
Don’t know — 14%
Decreased — 7%
The Security Benchmark Report respondents in the Manufacturing sector were asked whether their 2023 security budgets Increased,
Decreased or Stayed the same over 2022. The majority of respondents in this sector reported an increase over last year, with an
average security budget increase of 15%. SOURCE: The Security Benchmark Report, November 2023
42
MANUFACTURING
7 Responsibilities Owned by Manufacturing Security Teams

The Security Benchmark Report participants within the Manufacturing sector were given a list of 36 roles and responsibilities that
Where Security Lives — Manufacturing

Function / %
Facilities — 14%
CEO / President / Owner / Exec. Director — 7%
Internal Audit — 7%
We asked The Security Benchmark Report respondents which function their security organization reports to or resides within. In the
Manufacturing sector, an equal amount respondents reported to the CAO / Administration / Shared Services, CRO / Risk / Legal /
General Counsel, COO / Operations, Facilities, or Human Resources. SOURCE: The Security Benchmark Report, November 2023
14%
of Manufacturing security leaders reported being
14%
of Manufacturing security leaders reported being
43
MANUFACTURING
Structure of Security — Manufacturing
Centralized
Regional 7% 79%
In the Manufacturing sector, 79% of The Security Benchmark Report respondents reported a Centralized structure of their security
organization. For this survey’s purpose, the distinction between Decentralized and Regional security is that some Regional security
programs may behave in a centralized manner for their determined region, while Decentralized generally means there may be security
organizations in multiple locations within an enterprise functioning independently from one another. Respondents choosing Other in
this sector reported a functionally Centralized structure with dotted line regional security managers. SOURCE: The Security Benchmark

Manufacturing
Location / %
Asia — 79%
Europe — 79%
Africa — 43%
44
MANUFACTURING
Do Manufacturing Organizations Have Security Operations Centers?
NO YES
50% 50%
Within the Manufacturing sector, 50% of The Security Benchmark Report respondents reported having a security operations center
719
officers / guards within the Manufacturing sector.
101
security officers / guards within the Manufacturing sector.
officers and security guards they have within their enterprise. The average among all respondents in the Manufacturing sector is
reported here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The
45
PHARMA & BIOTECH
This sector includes those organizations reporting pharmaceuticals or biotechnology as their primary market sector of business.

Pharma & Biotech
1%
Among the Pharma & Biotech sector, the average security
budget as a percent of total revenue was 1%.
Among The Security Benchmark Report respondents choosing Pharma & Biotech as their primary market sector, 1% was the average

Pharma & Biotech
$43,000
Among the Pharma & Biotech sector, the average amount
$43,000.
The Security Benchmark Report respondents in the Pharma & Biotech sector reported an average of $43,000 in security-related
spending last year. Information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The Security

Pharma & Biotech
Increased — 75%
Decreased — 25%
The Security Benchmark Report respondents in the Pharma & Biotech sector were asked whether their 2023 security budgets
Increased, Decreased or Stayed the same over 2022. The majority of respondents in this sector reported an increase over last year
with an average security budget increase of 22%. SOURCE: The Security Benchmark Report, November 2023
46
PHARMA & BIOTECH
9 Responsibilities Owned by Pharma & Biotech Security Teams

Security contract management: Guards / technology integrators
5.
The Security Benchmark Report participants within the Pharma & Biotech sector were given a list of 36 roles and responsibilities that
Where Security Lives — Pharma & Biotech

Function / %
Facilities — 25%
Other — 25%
We asked The Security Benchmark Report respondents which function their security organization reports to or resides within. In this
sector, those reporting Other included Chief Supply Chain Officer. SOURCE: The Security Benchmark Report, November 2023
47
PHARMA & BIOTECH
Structure of Security — Pharma & Biotech
Centralized
100%
In the Pharma & Biotech sector, 100% of The Security Benchmark Report respondents reported a Centralized structure of their security
Do Pharma & Biotech Organizations

NO YES
50% 50%
Within the Pharma & Biotech sectors, 50% of The Security Benchmark Report respondents reported having a security operations
2023
48
PHARMA & BIOTECH
0%
of Pharma & Biotech security leaders reported
0%
of Pharma & Biotech security leaders reported

Pharma & Biotech
Location / %
Asia — 50%
Europe — 50%
Africa — 25%
20
officers / guards within the Pharma & Biotech sector.
24
security officers / guards within the Pharma & Biotech
sector.
officers and security guards they have within their enterprise. The average among all respondents in the Pharma & Biotech sector
is reported here. Outliers or information that appeared to be inaccurately reported were excluded from the calculation. SOURCE: The
49
REAL ESTATE, PROPERTY MANAGEMENT, CONSTRUCTION
This sector includes those organizations reporting real estate, property management, housing, or construction services & materials as their primary market sector of business.

Real Estate, Property Management, Construction
$20,000
Among the Real Estate, Property Management,
Construction sectors, the average amount of money spent
on security-related training in 2022 was $20,000.
The Security Benchmark Report respondents in the Real Estate, Property Management, Construction sectors reported an average
of $20,000 in security-related spending last year. Information that appeared to be inaccurately reported was excluded from the
calculation. SOURCE: The Security Benchmark Report, November 2023

Increased — 50%
Decreased — 50%
The Security Benchmark Report respondents in the Real Estate, Property Management, Construction market sectors were asked
whether their 2023 security budgets Increased, Decreased or Stayed the same over 2022. Fifty percent of respondents in this sector
reported a decrease in security budget. SOURCE: The Security Benchmark Report, November 2023
3 Responsibilities Owned by Real Estate, Property Management,

Construction Security Teams
2. Investigations
The Security Benchmark Report participants within the Real Estate, Property Management, Construction sectors were given a list of
36 roles and responsibilities that may fall under the security function at an organization, and were asked for the level of responsibility
the team has over that role within their enterprise. The above (in alphabetical order) are the most common job responsibilities that the
security function within this sector reported as Owning / Leading. For the purposes of this survey, Owning / Leading the responsibility
means security both manages and funds the program. SOURCE: The Security Benchmark Report, November 2023
50
Where Security Lives — Real Estate, Property Management, Construction
Function / %
CEO / President / Owner / Exec. Director — 33%
Health / Safety / Security / Environment — 33%
the Real Estate, Property Management, Construction market sectors, one-third of respondents report to the CEO / President / Owner /
Exec. Director, Human Resources, and Health / Safety / Security / Environment, respectively. SOURCE: The Security Benchmark Report,
November 2023
Structure of Security — Real Estate,

Property Management, Construction
Partially
Centralized &
Decentralized
33%
Centralized
67%
In the Real Estate, Property Management, Construction sectors, 67% of The Security Benchmark Report respondents reported a
Centralized structure of their security organization. SOURCE: The Security Benchmark Report, November 2023
0%
of Real Estate, Property Management, Construction
security leaders reported being responsible for
both physical security and cybersecurity.
67%
of Real Estate, Property Management, Construction
security leaders reported being responsible for
both physical security and health & safety.
51

Location / %
Africa — 33%
Asia — 33%
Europe — 33%
Do Real Estate, Property Management, Construction Organizations

YES
33%
NO
67%
Within the Real Estate, Property Management, Construction sectors, 33% of The Security Benchmark Report respondents reported
having a security operations center (SOC) or global security operations center (GSOC) within their enterprise. SOURCE: The Security
52
164
Average number of enterprise-wide contract FTE
security officers / guards within Real Estate, Property
Management, Construction sector organizations.
16
security officers / guards within Real Estate, Property
Management, Construction sector organizations.
officers and security guards they have within their enterprise. The average among all respondents in the Real Estate, Property
Management, Construction market sectors is reported here. Outliers or information that appeared to be inaccurately reported were
excluded from the calculation. SOURCE: The Security Benchmark Report, November 2023
53
RETAIL & RESTAURANT
This sector includes those organizations reporting retail or restaurant as their primary market sector of business.

Retail & Restaurant
0.2%
Among the Retail & Restaurant sector, the average
security budget as a percent of total revenue was 0.2%.
Among The Security Benchmark Report respondents choosing Retail & Restaurant as their primary market sector, 0.2% was the
average security budget as a percent of revenue. To calculate security budget as a percentage of revenue across security programs in
this sector, the security budget was divided by the total revenue, based on self-reported information. Information that appeared to be

Retail & Restaurant
$75,000
Among the Retail & Restaurant sector, the average
2022 was $75,000.
The Security Benchmark Report respondents in the Retail & Restaurant sector reported an average of $75,000 in security-related

Retail & Restaurant
Increased — 40%
Decreased — 40%
The Security Benchmark Report respondents in the Retail & Restaurant sector were asked whether their 2023 security budgets
Increased, Decreased or Stayed the same over 2022. The majority of respondents in this sector reported an increase over last year
with an average security budget increase of 3%. SOURCE: The Security Benchmark Report, November 2023
54
RETAIL & RESTAURANT
8 Responsibilities Owned by Retail & Restaurant Security Teams

4. Investigations
7. Supply chain / logistics / distribution security
The Security Benchmark Report participants within the Retail & Restaurant sector were given a list of 36 roles and responsibilities that
Where Security Lives — Retail & Restaurant

Function / %
the Retail & Restaurant market sectors, 40% of respondents report to COO / Operations. SOURCE: The Security Benchmark Report,
November 2023
55
RETAIL & RESTAURANT
Structure of Security — Retail & Restaurant
Centralized
100%
In the Retail & Restaurant sector, 100% of The Security Benchmark Report respondents reported a Centralized structure of their
security organization. SOURCE: The Security Benchmark Report, November 2023
Do Retail & Restaurant Organizations

NO
40%
YES
60%
Within the Retail & Restaurant sectors, 60% of Security Benchmark Report respondents reported having a security operations center
56
RETAIL & RESTAURANT
20%
of Retail & Restaurant security leaders reported
being responsible for both physical security and
cybersecurity.
80%
of Retail & Restaurant security leaders reported
health & safety.

Retail & Restaurant
Location / %
Asia — 60%
Europe — 60%
Africa — 20%
36
officers / guards within the Retail & Restaurant sector.
59
security officers / guards within the Retail & Restaurant
sector.
officers and security guards they have within their enterprise. The average among all respondents in the Retail & Restaurant sector
57
UTILITIES & DISTRIBUTION
This sector includes those organizations reporting utilities (oil & gas, waste management & equipment, renewable / clean energy, electric, gas, nuclear, wind, environmental
services), logistics, warehousing, ports (air, sea, etc.), distribution, shipping or freight transportation as their primary market sector of business.

Utilities & Distribution
4%
Among the Utilities & Distribution sectors, the average
security budget as a percent of total revenue was 4%.
Among The Security Benchmark Report respondents choosing Utilities & Distribution as their primary market sector, 4% was the
average security budget as a percent of revenue. To calculate security budget as a percentage of revenue across security programs in
this sector, the security budget was divided by the total revenue, based on self-reported information. Information that appeared to be

$268,000
Among the Utilities & Distribution sectors, the average
2022 was $268,000.
The Security Benchmark Report respondents in the Utilities & Distribution sectors reported an average of $268,000 in security-related

Increased — 73%
Don’t know — 9%
The Security Benchmark Report respondents in the Utilities & Distribution sectors were asked whether their 2023 security budgets
Increased, Decreased or Stayed the same over 2022. The majority of respondents reported an increase or the same security budget
over last year. SOURCE: The Security Benchmark Report, November 2023
58
4 Responsibilities Owned by Utilities & Distribution Security Teams

2. Liaison with public sector / law enforcement agencies
The Security Benchmark Report participants within the Utilities & Distribution sectors were given a list of 36 roles and responsibilities
that may fall under the security function at an organization, and were asked for the level of responsibility the team has over that role
within their enterprise. The above are the most common job responsibilities that the security function within this sector reported as
Owning / Leading. For the purposes of this survey, Owning / Leading the responsibility means security both manages and funds the
program. SOURCE: The Security Benchmark Report, November 2023
Where Security Lives — Utilities & Distribution

Function / %
Other — 18%
CTO / Technology — 9%
the Utilities & Distribution market sectors, 27% of respondents report to Human Resources. SOURCE: The Security Benchmark Report,
November 2023
59
Structure of Security — Utilities & Distribution
Centralized
100%
In the Utilities & Distribution sectors, 100% of The Security Benchmark Report respondents reported a Centralized structure of their
security organization. Zero respondents within this sector reported a Decentralized or Regional structure. SOURCE: The Security
Do Utilities & Distribution Organizations

NO
36%
YES
64%
Within the Utilities & Distribution sectors, 64% of The Security Benchmark Report respondents reported having a security operations
2023
60
27%
of Utilities & Distribution security leaders reported
cybersecurity.
9%
of Utilities & Distribution security leaders reported
health & safety.

Location / %
Africa — 36%
Asia — 36%
Europe — 27%
85
officers / guards within Utilities & Distribution sectors.
156
security officers / guards within Utilities & Distribution
sectors.
officers and security guards they have within their enterprise. The average among all respondents in the Utilities & Distribution sectors
61
THE 2023 SECURITY BENCHMARK REPORT / ACHIEVERS / TRAINING
Security Achieving Results With Training

Each year, Security Benchmark Report respondents share accomplishments achieved by their programs. Below, we
highlight a number of the impressive achievements we have seen over the past year, from improvements in enterprise-
wide training programs to innovating security despite staffing challenges.
Editor’s Note: If a security program chose to remain anonymous for The Security Benchmark Report, they were not
considered for the Achievers section.
Security training plays an important role in maintaining operational continuity and supporting an organization during an
emergency.
The below 2023 Security Benchmark Report Achievers demonstrate how training can be used to benefit enterprise
security posture by enhancing emergency preparedness and incident response.
62
THE 2023 SECURITY BENCHMARK REPORT / ACHIEVERS / CRISIS MANAGEMENT
Security Leading Crisis Management

From the ongoing Russian invasion of Ukraine to lingering effects of the COVID-19 pandemic and heightened natural
disasters, enterprise security teams support their organizations in times of instability and crisis.
This year’s Security Benchmark Report Achievers in crisis management show how security springs into action when
organizations are faced with emergencies.
63
THE 2023 SECURITY BENCHMARK REPORT / ACHIEVERS / NEW INITIATIVES
Security Implementing New Initiatives

It’s up to today’s security executive to innovate and work to successfully introduce new initiatives where they would
benefit the enterprise.
The following 2023 Security Benchmark Report Achievers are recognized for their achievements in new security
initiatives, from conducting comprehensive security program reviews to responding to violent crime.
64
THE 2023 SECURITY BENCHMARK REPORT / ACHIEVERS / TECHNOLOGY
Security Tactically Leveraging Technology

Technology can help expand the reach of security programs and augment the power of human security staff. From access
control to unified security technology suites, security leaders leverage technology to solve problems across their organizations.
The below 2023 Security Benchmark Report Achievers are recognized for their accomplishments in technology
implementations.
65
The 2023 Security Benchmark Report — Methodology
Learn more about The 2023 Security Benchmark Report’s goals and construction.
Each year with The Security Benchmark Report, Security magazine adds to an ongoing database measuring how security
teams function, budget, train and use technology. We survey security leaders across 22 industry verticals and present
data from the industry as a whole and broken down by sector to allow for the comparison of security programs amongst
their own industries, against others and as part of the security industry as a whole.
Security magazine’s priority with The Security Benchmark Report is to showcase the value of security within the
enterprise, as well as be a business enabler to our readers’ security programs. By tracking the metrics in this report year-
over-year, we hope to offer a comparison of how trends in budget, responsibility, training and technology shift over time.
We also highlight a number of The Security Benchmark Report respondents in our Achievers section, which showcases
examples of innovation in training, crisis management, new initiatives and technology. Organizations are able to remain
anonymous for this survey. If the organization chooses to be marked anonymous, they are not eligible to be listed in the
published report’s metrics listings or achievement sections.
The Security Benchmark Report is broken down into a general overview comparing all respondents’ data with one
another, as well as by sector. Respondents are asked which sector their overall enterprise resides in, and this is the
sector in which they are placed. While the survey has a choice of 22 market sectors, some sectors are chosen by too few
respondents to report on individually. Therefore, for better comparisons, some market sectors are combined in the report.
Combined sectors are labeled as such, and combinations may vary each year.
Sectors with too small a dataset that don’t lend themselves to combining with other sectors may be excluded from the
sector reports, but will be included in the main report. To attempt to make the most meaningful comparisons, particular
comparisons/charts are left out of sector groupings if the data varied too greatly from one respondent to the next.
In some cases, when calculating certain statistics, including “security budget as a percent of revenue,” outliers or data
points that appeared to be reported incorrectly are removed before calculations to present a cleaner comparison.
While we recognize that security roles, responsibilities and programs can vary widely from one organization to another in
terms of maturity, position within the enterprise, size of staff, budget, etc., Security magazine has made every effort — via input
from readers and Editorial Advisory Board members — to break down and compare organizations in a meaningful, valuable
way.
If you don’t see your enterprise’s primary sector represented, we encourage you to fill out the survey next year and ask
your peers to fill out the survey as well. The more organizations and security professionals that fill out the survey, the more
robust the data.
Security magazine encourages all security leaders and organizations to participate in this free editorial survey that
makes up The Security Benchmark Report. As a benefit to filling out The Security Benchmark Report survey, security
leader respondents receive a full (anonymized) report of responses with more detailed information beyond what is
covered in Security’s November eMagazine and online.
The Security Benchmark Report is an editorial project, and respondent contact information collected is not sold or
shared. There is no cost to participate in The Security Benchmark Report. All respondents must be responsible, at least
in part, for the physical security of their organization. Organizations may only fill out the survey once for a particular
company or agency. The Security Benchmark Report does not include contract security companies, guarding companies
or those without a level of direct responsibility for security within their enterprise.
www.SecurityMagazine.com
66

Security Benchmark Report 2023

Uploaded by

Copyright:

Available Formats

Security Benchmark Report 2023

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Security Benchmark Report 2023

Uploaded by

Copyright:

Available Formats

BENCHMARKING SECURITY

This year’s report offers security leaders insights into how

By Madeline Lauver, Editor in Chief

Where Security Lives Within the Enterprise

Human Resources — 16%

Chief Risk or Legal Officer / Risk / Legal / General Counsel — 15%

Chief Administrative Officer / Shared Services — 13%

CEO / President / Owner / Executive Director — 12%

COO / Operations — 12%

CIO / Information Technology — 2%

Chief Technology Officer — 1%

Title of Senior-Most Security Executive

Vice President / General Manager — 38%

Senior Director — 18%

C-Level Executive — 12%

Geographic Security Responsibility

North America — 95%

South America — 40%

Oceania (including Australia) — 34%

SOURCE: The Security Benchmark Report, November 2023

● YES 65% ● YES 79%

Criminal background — 85%

Employment reference — 80%

Drug tests — 63%

Personal reference checks — 59%

Credit checks — 44%

Social media reviews — 34%

Military background — 19%

None of the above — 2%

Security Executive Insights

Average Security Budget as Percent of Revenue

Average Security Budget as a Percent of Revenue by Sector

Utilities & Distribution — 4%

Pharma & Biotech — 1%

Banking & Insurance — 0.75%

Higher Education — 0.6%

Hospitality & Entertainment — 0.6%

Information Technology & Media — 0.3%

Retail & Restaurant — 0.2%

2021 2022 2023

How Much Did Security Budgets Change Year-Over-Year?

AVERAGE 14% 14%

2021 2022 2023

Use of Security Guards / Officers

Both proprietary and contract guarding — 48%

Contract guarding only — 34%

Proprietary guarding only — 18%

Do You Have a Security Operations Center (SOC)?

Limited to a particular site or region — 25%

Entire enterprise — 75%

Limited to a particular site or region — 25%

What Services Do Security Operations Centers Provide?

Monitoring and triaging internal incidents reported — 92%

Monitoring video surveillance and alarms — 90%

Monitoring external events that may impact the enterprise — 90%

Monitoring weather and alerting enterprise of potential impacts — 87%

Administering access control permissions and monitoring alarms — 84%

Answering and routing general inquiry phone calls — 81%

Preparing risk assessments and situation reports — 57%

Tracking executive travel and events — 57%