Key Points
- GSB 2025 underscores significant regional imbalances in security, with Asia-Pacific and North America appearing more robust, while Africa and parts of Western Asia-Middle East reveal alarming vulnerabilities.
- The survey emphasizes the need for a collective defense approach, enhanced risk awareness, and restored critical infrastructure readiness, urging both private and public sectors to bridge the gap between perception and preparedness.
- Industry thought leaders contributing to the survey report cite the need for end-users of security to focus on quality and for greater public investment in protection of critical infrastructure.
The latest survey report from the International Security Ligue—the Global Security Barometer (GSB) 2025—raises pointed questions about the security preparedness of corporations, critical infrastructure, and society. Compiled over the latter half of 2024 and based on the candid opinions of top executives from major security firms, the report offers a subjective, yet instructive snapshot of how global security is faring across a rapidly evolving threat landscape.
GSB 2025 captures median and average scores on a 1-to-100 scale—as rated by regional, national, and corporate security leaders (a score of 1 represents an entirely unprepared environment, while 100 signals optimal security posture). The survey report, which also covers business conditions for the private security industry, examines four crucial benchmarks of the state of security worldwide: security convergence, risk awareness, critical infrastructure preparedness, and security culture.
Asia-Pacific and North America emerged as relatively robust in certain domains, yet even they register substantial gaps when compared to an ideal state. In contrast, Africa and parts of Western Asia-Middle East linger near the bottom of the scale, underscoring a fragmented and uneven global security ecosystem.
Strategic Alignment of Physical-Cyber-Business Continuity
For more than a decade, security industry leaders have been trying to educate organizations about the benefits from integrating strategies for managing cybersecurity, physical security, and business continuity. But while the idea often finds support—the value of strategic alignment is pretty plain—putting it into practice is not the global norm. Technology continues to facilitate security convergence, making it easier to jointly address goals with a common tool, but many organizations still find it challenging to forge integration at the planning level.
A global median score of just 40 indicates that, on average, the world’s businesses and public institutions are barely over halfway to achieving a cohesive security strategy. While the Asia-Pacific and North America regions score a relatively higher 60, European responses reveal significant internal disparity, with averages suggesting a mixed commitment to strategic integration. Notably, some European nations, such as Sweden, reported a wide range of views—from near stellar ratings of 90 to concerning lows of 40—underscoring the uneven progress across the board.
“In today’s flux geopolitical environment, threats are getting fused. What happens in the virtual sphere has consequences in the physical world and vice versa,” explains Dr. Sameer Patil, Director of the Centre for Security, Strategy and Technology in India, noting that corporations must shed their reticence and work with peers and regulators.
Ultimately, the true vulnerability isn’t the complexity of cyber-physical threats, but businesses’ reluctance to act decisively when risks are clearly understood. — Dr. Sameer Patil, Director of the Centre for Security, Strategy and Technology
The report notes that by adopting a collective defense approach and recognizing security as a shared responsibility among all stakeholders, including government agencies and private businesses, organizations can enhance their ability to protect assets, improve business performance, and better prepare for a range of threats and crisis events.
Awareness of Security Risk, Consequences, and Requirements
Gaining an understanding of security risk is central to security strategy and a pre-requisite for the deployment of effective protection solutions. The International Security Ligue’s 2025 GSB survey reveals that organizations worldwide have a varied approach to security, with a global median rating of66.3 indicating that industry leaders believe organizations are two-thirds along the security continuum in understanding about security risks, their potential consequences, and what is necessary to prevent or mitigate them.
North America leads with a high of 77.5, while regions like Africa lag noticeably behind with a rating of 42.5. This disparity highlights the urgent need for comprehensive risk assessment frameworks that can be tailored to local and regional realities.
There is a growing need for risk mitigation processes to be nimbler. Corporations have always faced cost and revenue pressures, but the timeline has become increasingly compressed, forcing businesses to accelerate the adoption of new technology and implement new processes, but doing so can cause them to overlook security risks.
“Emerging risks include cyberattacks, industrial sabotage, and hybrid threats, which combine physical and digital elements,” explained Professor Edgardo Frigo, President, Forum of Latin American Security Professionals, one of 17 experts contributing to the report.
These dangers not only affect companies and institutions but can also put the economic and social stability of nations at risk, demonstrating the interdependence of systems and the cascading consequences of possible failures. — Professor Edgardo Frigo, President, Forum of Latin American Security Professionals
Ultimately, adequate protection hinges on a complete and accurate understanding about security risks, and the decision to accept risk should be a mindful choice that tracks a similar process as the implementation of a security countermeasures.
Critical Infrastructure Preparedness
Witha global median of 52.5, the readiness of critical infrastructure to prevent, detect, and mitigate high-stakes threats remains a significant concern. Although North America (75) and Europe (70) fared better than other regions, the fact that even these scores leave substantial room for improvement is a wake-up call. Regions such as Africa, Central/Latin America, and Western Asia-Middle East recorded alarmingly low ratings, emphasizing the uneven distribution of security investments and expertise worldwide.
“The resilience of critical infrastructure is essential for global security and survival, particularly in Africa, where vulnerabilities threaten development, governance, and human security,” warns Idriss Mounir Lallali, Deputy Director, African Union Counter-Terrorism Centre. “A coordinated effort is required from all stakeholders.”
To address vulnerabilities, he said Africa and the global community must adopt an integrated, forward-looking strategy addressing key pillars:
- strategic integration across security domains;
- localized solutions with global coordination;
- resilience as a design principle; and
- public-private partnerships.
“The time for decisive action is now—the resilience of Africa’s critical infrastructure is essential for the continent and the world. — Idriss Mounir Lallali, Deputy Director, African Union Counter-Terrorism Centre
Level of Organizational Security Culture
A strong security culture is an undeniable good. The value that an organization places on security underrides all aspects of its security-related activities—from the attitude of staff as they go about procuring a security partner to whether or not employees adhere to good cybersecurity hygiene.
Security culture—the values, attitudes, and behaviors that underpin the safeguarding of an organization—was rated at a median of 66.3 globally. North America stands out with the highest score of 72.5, while Africa again shows considerable vulnerability with a rating of 25. Although awareness and risk evaluation seem to be on more solid ground, a mature and pervasive security culture remains elusive, especially when strategic integration is weak.
“Greater understanding of security in all forms and applications is needed,” advises Tony Ridley, Group Manager for Risk at VicTrack, a business enterprise of the Victorian Government in Australia responsible for managing transport-related assets. “Good security culture makes for good business. Good businesses need security. That should be the objective for both consumers and solution providers of security, no matter the context or environment.”
“Business leaders and buyers need to seek custom solutions to their wicked problems. Not go through the phone book or do a Google search for “security”, under the assumption they are “all the same thing”. — Tony Ridley, Group Manager, Risk, VicTrack
Moving Beyond the Barometer
GSB 2025 reinforces the notion that while there is ample acknowledgment of the need for strategic fusion, actual implementation continues to lag. It challenges top executives. public officials and legislators, and industry professionals to look beyond the numbers and engage in more meaningful, coordinated efforts to close these gaps.
As global security threats evolve, the onus is on both private and public sectors to translate survey insights into robust, actionable strategies—bridging the divide between perception and preparedness. With the benefit of 17 leading security voices from around the world, the GSB 2025 report frames the current security landscape and creates a roadmap for stakeholders to participate actively in shaping a future where companies, critical infrastructure, and society can withstand today’s multifaceted challenges.