Given the detail that is coming out of the inquiry into the terror attack at Manchester Arena, UK in 2017 – where 22 people were murdered – as well as the increasing number of attacks that are happening in public spaces and around major events such as the Gare du Nord train station stabbings in January 2023, security around Major Events and Public spaces is at the fore of many security professionals’ thinking.
“The threats posed by terrorism and serious and organised crime are a global concern and both governments and the private sector continue to seek solutions to ensure the safety and security of their citizens,” said Graham Stuart MP when he was a recent Minister for the UK government.
“It isn’t just these high profile threats, however, that can affect the smooth running of large scale events. Even minor disruption can impact customer experience and result in a loss of reputation and business.”
The US government website, ready.gov, details the types of possible attacks that could cause mass casualties as: Individuals using firearms to cause mass casualties (active shooter); individuals using a vehicle to cause mass casualties; individuals using homemade bombs to cause mass casualties; other methods used in mass attacks may include knives, fires, drones or other weapons.
The UK Centre for Protection of National Infrastructure (CPNI) takes the lead in providing free advice to those responsible for public spaces and major events and says: “Agreement and awareness of protective security governance, roles and responsibilities is key to the deployment of effective protective security at all events, particularly large events.
“This must include the roles and responsibilities of all stakeholders, both internal (e.g. venue operator, guard force) and external (e.g. police, and other government departments), involved in the provision of protective security for the event and must reflect the different stages of the event. This should include: “Build phase; Pre-operational phase (final preparation/rehearsal/readiness); Operational phase; Post event/decommissioning phase.
“Protective security measures, incorporating physical, personnel and cybersecurity, should seek to achieve the following: Deter adversaries from targeting the event; Prevent prohibited items (especially those that could cause physical harm) from entering the venue(s) through effective search and screening; Detect and delay any attempted attack and assist with its apprehension; Not hinder the intended functioning of the venue; Give visitors a sense of security while not appearing intimidating or oppressive.”
The UK are proactive in major event security but, as Manchester proved, things can and do go wrong, hence the promise by the government to introduce a new Protect Duty placing mandatory requirements on Publicly Accessible Locations (PALs); this duty will be known as Martyn’s Law, named after Martyn Hett – a victim of the Manchester attack and the son of Figen Murray, who has campaigned for the new legislation ever since.
The complexities around the introduction of a Protect Duty are highlighted by the fact it has taken six years for even the first draft to come out. However, the UK has been developing lessons and comment in parallel.
The UK Defence and Security Export Department’s Major Event Security Paper delivered some good advice and comment. It gives seven capabilities to ensure that security managers can make and communicate effective decisions. These are: “Planning & Intelligence; Physical Protection; Screening & Detection; Reassuring & Visible Security; Command, Control & Communication; Incident Response; Cyber Security.”
In the same report, Colin Morgan CSyP – who is the former Head of the Public Order Branch at the Metropolitan Police and Head of Security at Lord’s Cricket Ground – commented: “The UK has a strong reputation for delivering secure events to a world-class standard over a number of years and across a number of sectors, including top tier sporting tournaments such as the Olympic Games, highly secure political events, annual events such as Notting Hill Carnival and Glastonbury Festival and weekly elite sporting fixtures.”
He went on to say: “The UK’s reputation is built upon delivering effective, proportionate and tested multi-agency security. We have learnt from experience to implement novel techniques and products that mitigate identified security risks.”
It is that multi-agency element that is one of the more difficult to coordinate, as has been identified in the Manchester Arena inquiry. However, simple techniques such as a standard reporting procedure help break down organisational barriers and the METHANE reporting protocol is one such simple but effective tool; it is how an incident is initially reported to all.
Alongside the physical threats, cyber is and remains an issue, exemplified by cyber-attacks during the opening ceremony of the PyeongChang Winter Olympics which caused 12 hours of disruption. The UKs National Cyber Security Centre (NCSC) recommends a three-step approach; a discovery phase, a risk management process and cyber incident response planning. It seems that, especially with international sporting events, because of some sporting sanctions, the nation state cyber threat is and also remains very real.
Major events and public spaces are and will remain an attractive target for terror, serious and organised crime and other threats – the publicity around incidents is too tempting to miss for those who thrive on it. When the draft is released this year, the Protect Duty in the UK will continue to stimulate more debate around this complex but important subject.
By Philip Ingram MBE
This article was originally published in the February 2023 edition of International Security Journal. To read your FREE digital edition, click here.