Event Security

CTB interview: Analysing event security in a changing world

Counter Terror Business (CTB) talks to David Stewart (DS) about event security post-pandemic, Qatar 2022 planning and compliance with the Protect Duty

CTB: The initial onset of the coronavirus pandemic saw most sporting events played behind closed doors and a number of entertainment venues forced to move their live offerings online. Now that restrictions have eased, have event security considerations been forced to change?

DS: Covid was undoubtedly a challenge for event security practitioners. As events were cancelled, security professionals were forced to find alternative employment and that meant, when spectators were finally allowed back into events, many security providers had to employ new (and therefore inexperienced) recruits. In addition, the need to ensure social distancing, to review Covid ‘passports’ and to police the wearing of masks all brought additional challenges to security providers. And, of course, who can forget some of the issues experienced during the Euro Football Championships, which were attributed (amongst other things) to there being a lack of experienced operatives available due to Covid.

Throughout the pandemic, while security principles have remained consistent and priorities remain focussed on ensuring security is maintained at the venue, the links between safety and security have grown even closer. As such, the one thing it could be argued Covid has done, is forced security professionals to be much more flexible and adaptable.

As we move into more of a post-Covid world however, there are risks. People are so happy to be allowed back into venues and every event, no matter the scale, seems to be accompanied by a feeling of euphoria (as also highlighted by the Baroness Casey Review) as things return to some aspect of normality. But therein lies the rub – a return to normal for law abiding spectators and security operatives also means a return to normal for those who see such events as a target. Whether that is your common or garden opportunist thief, or more worryingly, a terrorist group, we cannot allow our happiness about the return of events to bring complacency. The national threat level (at the time of writing this) has been reduced to Substantial, but this should also not mean that event security operations can be relaxed. Now more than ever, security professionals need to ensure that high standards of security provision are maintained.

The apparent attrition of experienced security operatives into other lines of employment can also be seen as a challenge but, as with all crises, this provides opportunities to bring new a new cadre of people to the profession. Any gap in experience can quickly be addressed by a mix of professional training, practical experience at events and also a comprehensive readiness testing regime. This would obviously apply across all event operational competencies but would include safety and security at the forefront.
CTB: Although not terrorism related, the stadium crush incident at the Africa Cup of Nations once again brought the issue of stadium security into focus. With a breach at Wembley also not too far in the past, why is it that stadiums often struggle more than most with access security?

DS: The similarities between the two events mentioned are many. A host team reaching the latter stages of an international tournament, restrictions due to Covid causing additional checks and slowing down access to the stadia, a significant number of people without tickets being allowed into Zone Ex and then compounded by failings in the security and stewarding operation. At any stadium, but particularly it seems with football crowds, retrospective reviews consistently identify the same failings. From my days in policing, the expression ‘fail to prepare, prepare to fail’ was drummed into me and, no matter the completion of retrospective reviews, the findings on these tragedies always seem to be able to identify flaws in the planning and preparation that contributed to what went wrong.

For those in the security who haven’t yet read the Baroness Casey Review of the events at Wembley, it should be a required read and, when considered in the context of the Africa Cup of Nations, it is really only ‘there but for the grace of God’ that the events at Wembley didn’t result in fatalities also.

So, from my perspective, notwithstanding the difference in crowd dynamics at stadium events, if proper planning, preparation and risk assessment has been undertaken between event organisers and the other relevant authorities, including the Police, there is no reason that stadia should find access control any more difficult than any other venue. The risk assessment must include the type of event, any particular significance of the event, the timing of the event, information and intelligence, close working relationships with the police and, importantly, clarity around roles and responsibilities – including who has primacy in Zone Ex and what are the contingency plans should things start to unravel. It also goes without saying that having a sufficiency of properly trained, qualified and experienced safety and security operatives is an absolute must. Football does seem to still present the greatest challenge however and linkages between authorities (police) and private security operations, with clarity of roles and responsibilities plus the appropriate and timely sharing of information and intelligence is a must.
CTB: When last we spoke, you said that the next World Cup in Qatar will be somewhat unique and may appear more of an Olympic city host than the usual World Cup location. How does this impact security planning?

DS: Security planning for each of the competition venues, including stadia, training venues, team hotels etc. should all be based on the usual security principles and therefore really should only change with any increased risk. For me, the biggest challenge will be outside of the individual venues and in the public domain of Doha itself. Usually a World Cup event would be spread over geographically remote cities within a country (or countries) and so there would be a limit placed on the number of fans from different teams being co-located. This would normally mean the security operation would need to plan for there being perhaps two, three or four (at most) different nationalities of supporters in any one city. For Qatar 2022 however, we will see fans of no fewer than 32 teams all in relatively close proximity.

This will result in a hugely complex operation across all areas – policing, security, event operations and for this there is the need for specific technological systems that can span multi venue operations as well as systems designed to help with readiness. WeTrack, which is one such system, is designed in the UK and is being used heavily in Qatar, and technology such as this can greatly support security teams, as well as wider operational teams, in communicating effectively.

While lots of plans are in place to try and encourage fans to remain within fan zones that will be established for them, the proximity of stadia to each other (and to Doha) will undoubtedly lead to the mingling of a multiplicity of nationalities of football fans in Doha itself. On a recent visit to Doha, from my upper floor hotel room window, I could see four of the 8 stadia that will be used – they may not be on the same street, as is the case for the two Scottish Premier League clubs in Dundee but still, they are comparatively close to each other and to Doha city centre – significantly moreso than in any previous World Cup or major football tournament.

While private security will be heavily involved at venue level, the public domain element will all fall on the authorities and this will result in challenges for policing. Despite numerous test events over recent years (albeit adversely affected by Covid), added to significant investment in training of police officers, there is little experience in Qatar of the operational policing of such events (and such a fan profile). As with all of these international events, there will be a policing ‘Fusion Centre’ allowing international coordination from a public order/fan policing perspective, as well as an Event Intelligence Centre where information will be shared from the international intelligence community regarding more heinous potential crimes.

To be fair, even police forces with significant experience can be challenged during such events (as evidenced at the Euros) and therefore, it comes as no surprise to see that Qatar has agreed to receive operational support from another country with significant experience. It has been reported that Turkey will provide some 3,000 ‘riot police’ to support their Qatari colleagues. This will obviously need to be managed carefully by Qatar – they will need to overcome language differences (Arabic is only spoken by one per cent of the population of Turkey) as well as cultural differences and, more importantly, operational policing differences. There is every possibility that the World Cup will run without a hitch, without violence or disorder and the last thing that Qatar would want is to be accused of any level of heavy-handed policing which undoubtedly would be pounced upon by certain individuals and media outlets in the UK. Therefore planning, joint training and clear operating principles and procedures will be required between local officers and any imported from other countries to provide support during the event.
CTB: Much attention is given to planning and prevention, and rightly so. But how can organisations best maintain venue operations after terror incidents?

DS: Planning and prevention should not be taken in isolation – in addition there are a variety of other activities that form part of what we at Taynuilt Associates Ltd refer to as the ‘Resilience Cycle’. There are a number of steps to ensure proper resilience that would provide the greatest opportunity for venue operations to be maintained after some kind of critical incident (whether terror related or otherwise);

    Anticipation: Horizon scanning to identify new or challenging hazards or threats - identifying potential threats and vulnerabilities to the organisation
    Assessment: Understanding the likelihood and impact of the potential threats and vulnerabilities to provide an accurate assessment and risk rating
    Prevention: Taking action to prevent a crisis from occurring and mitigating any potential effect - develop priorities and plans accordingly and train staff on their roles
    Preparation: Once plans are in place they must be adequately tested and exercised - tabletop or live play - and then any gaps identified re-assessed
    Response: Efforts to deal with the crisis and it's direct and indirect consequences. Commence Business Continuity processes
    Recovery: Rebuilding, restoring and rehabilitating. Ensuring that the business survives and recovers to full operational capability

Obviously however, the ability for an event (or venue) to carry on after any critical incident will depend upon the severity of the incident but, in general terms, having robust plans policies and procedures in place that have been tested and exercised, and ensuring a highly trained and experienced staff who are clear about their roles and responsibilities, will give venue operators the best chance of quick recovery.

CTB: Strong views were expressed in the Protect Duty consultation regarding the need for accountability, such as the need for clear roles and responsibilities, particularly amongst event organisers. How can this be carried out effectively?

DS: It would be remiss of me to talk about the Protect Duty without first praising the incredible resilience of Figen Murray, and all of the other relatives and friends of those who tragically lost their lives, or suffered injuries and trauma, as a result of the Manchester Arena attack.

Talking about accountability and clarity of roles and responsibilities is one thing but we need these recommendations backed up with actions. There already exist tools that can assist event organisers. The SIA, in conjunction with the National Counter Terrorism Security Office and CPNI have developed their ACTSecurity training which is free and available via e-learning. From the emergency services perspective, the Joint Emergency Services Interoperability Principles (JESIP) is now commonplace and awareness training in this can also be provided to private security practitioners. So, training is an important aspect of ensuring that all those involved in event security have the necessary knowledge and skillset.

However, security should always be looked at in the broader context of the venue operations. For example, at the Commonwealth Games, the security operation has dependencies on the venue operations team, the overlay team, the transport team etc. and avoiding silo thinking is critical. Without sounding like a broken record, for me, testing and exercising is something that is critical in ensuring that investment in training for those undertaking all roles at a major event or a venue pays dividends. UK companies such as WeTrack have now developed software to assist events and venues with their readiness activities that can be used to test individual areas of responsibility but, more importantly, can also support cross-functional testing and preparation activities across the entire event or venue.

The following points should provide a very high level guide for event and venue managers to assist with compliance of the Protect Duty;

•    Carry out a risk and vulnerability assessment, keeping it updated if something changes
•    Communicate and engage with local authorities and other relevant external organisations to provide an informed look at risks inside and outside your venue – a ‘fresh pair of eyes’
•    Ensure that permanent staff have relevant counter-terrorism training and companies providing contracted staff have done likewise

•    Devise and undertake readiness and testing exercises for different scenarios
•    Make sure that you have the required number of trained staff to work at each event
•    Draw up contingency plans based on your risk and vulnerability assessment
•    Create daily ‘run sheets’ that take into account security considerations and locations of trained staff

•    Carry out standard operational checks on-site
•    Brief staff to confirm clear understanding of immediate action activities/contingency plans
•    Carry out extra security checks, confirming that safety and security measures such as metal detectors, CCTV and emergency exit signs / doors are all working correctly

•    Implement your previously prepared plans, with your well-trained staff in the right place, responding to incidents, communicating clearly and enacting contingency plans if necessary
•    Reporting - scrutinise your incidents and adapt your preparation for next time
•    Learn lessons - you won't get everything right first time

Obviously, smaller venues may see some of the requirements that will come with the Protect Duty as challenging however, they needn’t be. Basic threat, risk and vulnerability assessments can be provided relatively easily, along with advice and guidance on clarity of roles and responsibilities and there are plenty of SMEs who would be more than able to support smaller venues. Similarly, training and testing/exercising whilst very important, should be scaled to meet the needs of the venue without costs becoming disproportionate and there is an onus on those of us who provide such services to be able to work with venues to identify cost-effective options that will meet the needs of the venue and support them in delivering the requirements of the Protect Duty.

David Stewart is managing director of Taynuilt Associates Ltd.

Taynuilt Associates Ltd provides consultancy, training and contract services to private, public and third sector clients in a variety of areas including: major event security management; crisis management; and business continuity management.


View the latest
digital issue