Each year with The Security Benchmark Report, Security magazine adds to an ongoing database measuring how security teams function, budget, train and use technology. We survey security leaders across 22 industry verticals and present data from the industry as a whole and broken down by sector to allow for the comparison of security programs amongst their own industries, against others and as part of the security industry as a whole.
Security magazine’s priority with The Security Benchmark Report is to showcase the value of security within the enterprise, as well as be a business enabler to our readers’ security programs. By tracking the metrics in this report year-over-year, we hope to offer a comparison of how trends in budget, responsibility, training and technology shift over time.
We also highlight a number of The Security Benchmark Report respondents in our Achievers section, which showcases examples of innovation in training, crisis management, new initiatives and technology. This year, we have included two Benchmark Leader Profiles along with the report, which serve as deeper investigations of the achievements of specific corporate security programs in the past year.
Organizations are able to remain anonymous for this survey. If the organization chooses to be marked anonymous, they are not eligible to be listed in the published report’s metrics listings or achievement sections.
The Security Benchmark Report is broken down into a general overview comparing all respondents’ data with one another, as well as by sector. Respondents are asked which sector their overall enterprise resides in, and this is the sector in which they are placed. While the survey has a choice of 22 market sectors, some sectors are chosen by too few respondents to report on individually. Therefore, for better comparisons, some market sectors are combined in the report. Combined sectors are labeled as such, and combinations may vary each year.
Sectors with too small a dataset that don’t lend themselves to combining with other sectors may be excluded from the sector reports, but will be included in the main report. To attempt to make the most meaningful comparisons, particular comparisons are left out of sector groupings if the data varied too greatly from one respondent to the next.
In some cases, when calculating certain statistics, including “security budget as a percent of revenue,” outliers or data points that appeared to be reported incorrectly are removed before calculations to present a cleaner comparison.
While we recognize that security roles, responsibilities and programs can vary widely from one organization to another in terms of maturity, position within the enterprise, size of staff, budget, etc., Security magazine has made every effort — via input from readers and Editorial Advisory Board members — to break down and compare organizations in a meaningful, valuable way.
If you don’t see your enterprise’s primary sector represented, we encourage you to fill out the survey next year and ask your peers to fill out the survey as well. The more organizations and security professionals that fill out the survey, the more robust the data.
Security magazine encourages all security leaders and organizations to participate in this free editorial survey that makes up The Security Benchmark Report. As a benefit to filling out The Security Benchmark Report survey, security leader respondents receive a full (anonymized) report of responses with more detailed information beyond what is covered in Security’s November eMagazine and online.
The Security Benchmark Report is an editorial project, and respondent contact information collected is not sold or shared. There is no cost to participate in The Security Benchmark Report. All respondents must be responsible, at least in part, for the physical security of their organization. Organizations may only fill out the survey once for a particular company or agency. The Security Benchmark Report does not include contract security companies, guarding companies or those without a level of direct responsibility for security within their enterprise.