Personally I value being able to trigger oomkiller early when a process is eating up RAM, and being able to SIGKILL kwin_x11 on Nvidia or whatever other process is wedging Linux shutdown, instead of waiting multiple minutes for systemd to give up waiting and SIGKILL it directly. In terms of physical access attacks, it's just as viable and far more powerful to add a keylogger to my keyboard or Linux distro, or pull and image my hard drive, than to gasp kill processes or sync filesystem data to disk, oh the horror!
WRT the physical security argument in favor of disabling sysrq, my assumption is it's more aimed towards defeating quick-n-dirty mischief style abuse.
Ages ago I worked with a small team of young sysadmins who would often cause trouble for one another abusing things like sysrq, or poorly configured XFree86 instances without DontZap enabled (ctrl-alt-backspace termination, to a shell when startx/xinit is being used). Most of the time nothing malicious was actually done. But when you return to your screen-locked X desktop to find a fullscreen VC with a root shell blinking back at you and an empty history, guess what you'll at least have on the back of your mind for the rest of the workday?
