The Security 500 Benchmarking Survey is based on information from several sources:

  • Data supplied directly by the organizations
  • Data obtained through public resources/records


The Security 500 tracks 17 vertical markets and collects unique data where appropriate (such as number of unique facilities in healthcare) and applies this data to key metrics. The key metrics collected this year include:

  • Security Spending/Person
  • Security Spending/Revenue
  • Number of Security Employees and Officers


“Person” is focused on the type of person the security budget is intended to protect. Examples include employees, citizens, students and patients. Rankings within each sector were primarily based on security budget. Participants answered a series of general questions along with unique questions within each sector.

The 2017 Security 500 Survey includes the following:

  • Sectors were measured and evaluated on metrics among peer organizations.
  • The data requested and metrics used to benchmark within each sector were based on the input of our advisors.


The purpose of the Security 500 is to create a reliable database to measure your organization versus others and create a benchmarking program among security organizations. The results will enable you to answer the question, “Where Do I Stand?” as a basis of an ongoing peer review process. Due to the greater accuracy of the information provided by security executives compared to that of estimations, completed entries were given greater weight in the rankings than the estimations. Additionally, the sector in which a company is ranked is based on self-reported information. For example, one clothing retailer may select “Retail” and another clothing manufacturer may select “Manufacturing/Industrial” as their vertical markets.

Based on continued feedback and the goal of creating a valuable resource for our participants and industry, the Security 500 is spread across 17 different sectors. We recognize that as a result of some organizational changes, some enterprises and their security leaders may no longer be in place. The listings are based on the information available at the time of publication. Each participating organization will receive their confidential report by December 31, 2017. We also recognize that due to low sample sizes, the statistical margin of error may be responsible for apparent dramatic changes in the data compared to 2016 when no actual differences exist. For additional information, please e-mail to: