Unlike the java.util.Random class, the java.security.SecureRandom class must produce non-deterministic output on each call.
What that means is, in case of java.util.Random, if you were to recreate an instance with the same seed each time you needed a new random number, you would essentially get the same result every time. However, SecureRandom is guaranteed to NOT do that – so, creating a single instance or creating a new one each time does not affect the randomness of the random bytes it generates.
So, from just normal good coding practices view point, why create too many instances when one will do?