How prepared is your business for the next crisis?

Senior security professional Ian Pugh asks: How prepared is your business, how prepared are your teams and are you doing enough to mitigate risk and prepare your teams for that next crisis?

We have probably all heard the saying “Fail to Prepare, Prepare to Fail”, and I want to say from the outset that I don’t profess to be an expert in Crisis Management. I also don’t claim to have been involved in or to have had to manage as many crisis situations as many readers – who so tragically may have – but I am passionate about the subject and, having worked on the front line in a security role, I know how important training is and can be when faced with a crisis situation.

My first experience: Manchester city centre 15th June 1996

My first experience of being involved in a crisis situation was working as a junior security manager responsible for a large national contract for a leading manned guarding company. Arriving in Manchester city centre to visit my officers, I suddenly saw and heard the chaos following the detonation of a 3,300lb IRA lorry bomb – the largest detonated in Great Britain since the Second World War.

My initial reaction was shock, followed by concern for my team, followed by “What can I do?”. In the immediate aftermath and subsequent hours, we worked as a team to ensure everyone was safe and accounted for. This involved evacuating a large number of my client’s buildings in the city centre and getting the team of officers to safety whilst keeping the senior management team and client updated.

We were lucky and, whilst my thoughts go out to all those people affected by this atrocity and the businesses who had to rebuild, it could have been so much worse.

Present day changes

We did a good job back in 1996, in managing the aftermath of the incident, but that was 25 years ago and things have moved on. The world is a different place, with different challenges and a more stringent regulatory, enforcement and public enquiry-focused society.

Here, I highlight four areas of change, pertinent to crisis management, which have an ongoing impact on security and management professionals.

Regulations/Laws

There are more regulations and laws in place now, which impose upon senior management teams a clear duty of care for their staff’s health, safety and wellbeing.

Private Security Act 2001

The security industry is now regulated by the Security Industry Authority (SIA). Certain legal requirements are in place now, such as mandatory training for those who wish to operate a security company and deploy security officers under contract.

Public enquiries

There are more public enquiries now, which examine the aftermath of major incidents and look at the measures organisations and senior managers have put in place to mitigate risk through training and procedural support, which could have prevented the incident taking place and supported the teams on the ground. An example is the Manchester Arena Enquiry, currently in the final stages of investigating the deaths of the victims of the 2017 Manchester Arena terrorist attack.

The Protect Duty

The planned introduction of the Protect Duty legislation, which seeks to impose a legal obligation on organisations to consider the safety and security of their staff and the public who use their facilities.

Why am I so passionate about the subject?

I began my security career as a security officer for a very large security company working on multiple client sites and dealing with incidents as part of the role. I understood then what support I needed and how training and procedural advice would help me.

My career has taken me through various operational roles, as per my role in 1996 to senior operational strategic roles as Group Head of Security for two large organisations. The latter was the largest shopping centre owner in the UK, intu, until its sad demise in 2020 due to company administration.

In my role at intu I was, for the first time, able to really set the security strategy for the organisation – and with great support from the senior directors and group board, we introduced crisis management and major incident management training into our shopping centre-based teams at all levels to support our teams on the ground.

This strategy delivered training which moved away from traditional table-top exercises and actually tested our teams against the procedures they were operating to, in realistic settings.

Live scenarios tested their reactions and their decision making and placed them under an element of pressure to manage the crisis and bring the incident to a conclusion.

The introduction of duty management assessments ensured that those responsible for managing an incident were prepared for that responsibility and trained against the procedures to support their teams in the decision-making process and to liaise and work with the emergency services.

Supporting those dealing with crises

Senior leaders may read this article and say “We have been dealing with a crisis since February 2020 with the pandemic, so what training do my teams now need? We have managed well, our business is fully open and things are finally looking positive for the coming months.”

In part, that would be correct. Businesses have managed an extremely difficult situation well in general, but that has come at a cost. Financially, there are more constraints on business in a lot of sectors.

Businesses have had to make difficult decisions and headcounts have been reduced, with people losing their livelihoods, budgets being slashed and cost cutting in place – with training more than likely being an area of cost reduction. However, the threats have not gone away. Teams will still need to be supported and prepared to manage crises.

The governance structure in place around accountability and evidencing what, as an organisation, you have done to mitigate risk is still very prevalent.

Post-pandemic –  are you prepared?

So, the question that organisations should be asking themselves post-pandemic is “How prepared is your business, how prepared are your teams and are you doing enough to mitigate risk and prepare your teams for that next crisis?”.

• It will happen, unfortunately, and it will be instant – without government briefings or advice telling you what to do.
• It will lead to disruption to your business and, if significant enough, could lead to injury and death.
• It will have an effect on your brand and could affect your reputation.
• It could see senior directors in an enquiry answering questions about decisions they took or failed to take.

So, how important is that bigger Christmas tree in retail this year? How important is a management away day? How important is a glossy new brochure telling everybody what a great company you are?

I would say they all have a role to play and are important, but if it is at the cost of supporting your teams in being prepared to manage crises, and testing teams and first-line management response against your procedures, then I would say, in the big scheme of things, a big Christmas tree won’t help in an enquiry, a management away day won’t evidence support to your teams and a glossy company brochure may well not be read.

We see the support that organisations provide for their employees around a number of very important aspects of working in today’s society, across small and large businesses and in complex work environments. That support is weakened if employees don’t have the tools to do their jobs and are not prepared to face challenges that may well arise in their roles.

To all the front-line employees who face the risk of dealing with crisis situations every day, you have my total respect!

Ian Pugh

Non-Executive Director

Kiasu Group

www.kiasugroup.co.uk

Click here for more articles on Risk Management

Click here for more articles on Resilience

Click here for more articles on Counter Terrorism

The post How prepared is your business for crisis? appeared first on City Security Magazine.

What a few weeks this has been for us all during these difficult and unsettling times, as the established modes of work and play have been severely impacted by the most serious and invidious public health pandemic in our lifetime. Sadly, many have already lost their lives and there is an increasingly likelihood that the current death toll will increase because of COVID-19, making the world of work seem unimportant by comparison as people fight for their very lives.

All businesses are grappling with how best to respond to the situation, including considering how to protect their customers, visitors and staff.

Challenges for Operational Resilience in a Pandemic

The advent of COVID-19 pandemic has led to a rapidly fast changing and challenging situation whilst companies seek to try and maintain their ‘regular’ business footing using a-typical disaster recovery or business continuity policies that were not developed for the current situation, seeking to manage an un-typical situation that barely any of us are equipped to deal with other than mostly learning new ways of working at pace and on the fly.

Who knew for example that there would be a crippling shortage of laptops in the supply chain, that has impacted issue to home workers following the advent of COVID-19 in China at the end of 2019? The chronic shortage of laptops has severely handicapped many companies’ ability to source and deploy laptops to home workers who would not normally need them. How many companies were, for example, typically running a lean policy of laptop stocks without an eye on the likely impact this may have on their business operations, if there was a supply chain shortage caused as in this case, a global pandemic?

Lessons learnt for achieving Operational Resilience

However, what we can say is having had many interesting experiences the past month of companies and organisations different approaches as to how they are addressing the challenges being faced, we believe there are some very real beneficial lessons regarding operational resilience that should be learned from this event but are in danger of not being addressed in the race to enable colleagues to have effective home working in line with HMG guidelines, as well as support the business at the same time.

It is a cliché but sadly true that you are only as strong as your weakest link. That weak link in terms of data risk is of still, of course, the human element in all organisations.

Companies typically have structure, procedure, security as well as health and safety at work policies, that are designed to help workers operate efficiently and continuously in a safe and effective environment whilst in the workplace.

This means as a result, the organisation is typically keeping a benevolent eye on its employees whilst they are active in the work environment, whether they be in a fixed or mobile location.

Now out of necessity many organisations have been forced to deploy away from the secure work environment arguably their most important assets into their respective homes for what is currently, a likely lengthy, unspecified period of time. These homes are likely unregulated and uncontrolled environments along with all this brings as a challenge in terms of securely managing both data risk and human risk at the same time.

There are lessons being learned and many established processes and policies may not stand scrutiny in the cold light of day once we have defeated this pandemic and returned to whatever the working as normal format looks like.

Maintaining trust between organisations and their employees

How do companies and organisation maintain trust, for example, without monitoring employees at home? There is increasing concern that employers wanting to ensure that working from home does not negatively impact productivity, may now seek to deploy ‘creepy’ monitoring techniques without taking the appropriate lawful steps to assess the privacy risk and/or comply with their other data protection obligations (such as transparency) in order to monitor productivity.

Duty of Care to Employees

How do organisations help their employees manage fire risk as a key example, for health and safety requirements for the necessity of home working during the current public health crisis?

How do the HR professionals / partners continue to provide ‘duty of care’ and pastoral support to these same human assets whilst they are all deployed away from the company locations as a result?

Will companies see an adverse increase in mental health related issues as a result of enforced and prolonged home working?

Home Working impact on Operational Resilience

How will a possible decline in employee’s mental and physical health, as a result of both the changed working practices and a likely increase in staff becoming infected with COVID-19 over time, impact operational resilience?

What happens when home workers are sharing their home working environment with family and other fellow home workers, who are all now forced to live cheek by jowl over an enforced pro-longed period of time with less than normal levels of privacy and the issues that may occur regarding data risk being increased as a result?

How many organisations have conducted on site audits of their employees home working environment for example BEFORE the pandemic broke cover, to ensure that they are indeed able to be working in a safe and compliant location away from the office?

Data Protection Compliance

Equally what does it mean for companies and organisations having, from necessity as a result of the Pandemic, deploy their staff to home working with its implications for data protection compliance? Data protection regulators are keen to remind us this pandemic does not in and of itself entitle us to relax our approach to data protection compliance.

For example, we have seen countless social media posts showing people home working with their laptop balanced on an ironing board because that is the only table top space they have access to, or indeed posting ‘fun pictures’ of their pets sitting next to them whilst they work from home, whilst displaying their un-redacted company and client information on their laptop screens.

We do not profess to have all the answers and we are certainly not intending to set ourselves up as judge and jury on companies and organisations who have deployed their human assets to home working as rapidly and efficiently as they have been able to, whilst not only seeing their established way of working change beyond experience, but in many cases many companies are seeing their actual business being massively impacted which means that for some, they may not sadly survive the current crisis. This article hopefully makes people stop and think on what I believe are increasingly unappreciated issues caused by the necessity of home working.

Whatever the timeline and outcome of defeating the COVID-19 pandemic, I think we all know that both work and social life will never be the same again. From a data risk viewpoint, security measures when working from home are going to have to be addressed in a far more robust and considered manner than may have been the case to date. This will also include extending the company or organisations responsibility to address the fire risk as well as the social risk they are now exposing their human assets to by the necessity of working from home, that previously was not the individual staff members responsibility.

If you have any queries or concerns, please do not hesitate to contact us.

Finally, having said all this, please do not ignore the Government’s advice on home working where you can.

Keep safe and well.

Michael Hoddy

Co-Founder and Director

The Technium Global

See related articles in our categories on Emergency Planning, Business Continuity and Contingency Planning.

The post Operational Resilience in a Pandemic appeared first on City Security Magazine.

When BP’s former CEO, Tony Hayward, made his infamous comment about the Deepwater Horizon oil spill, he not only became one of the most vilified men in the USA, his responses have gone down in PR  history as the classic example of how NOT to respond to a crisis.

His poor crisis leadership and apparent disregard of the scale of the disaster – “tiny in relation to the total water volume”; the catastrophic impact on the environment and wildlife – “very modest”; for the eleven workers who lost their lives – “There’s no one who wants this thing over more than I do; I’d like my life back”; and playing the blame game – “Well, it wasn’t our accident”, impressed no one – least of all victims, their families and stakeholders. Nine years on and BP estimates costs of nearly US$65 billion in legal fees, clean-up and settlements.

Whilst the scale of the disaster was unprecedented, Mr Hayward is not the first – and certainly won’t be the last – spokesperson to make mistakes when speaking during a crisis. In nearly all cases they weren’t prepared, didn’t stick to agreed messages, showed very little empathy for those affected and ultimately, cost their organisation money.

What makes a good spokesperson?

A good spokesperson is one who can resonate with their audience whether it is staff, stakeholders or the public. They need to be at ease in front of them – albeit through a camera or microphone – and be able to demonstrate the right amount of empathy, gravitas, knowledge and reassurance to build confidence and trust in what is being done to resolve the crisis. The secret to this is to think about what they would want to know if they or a loved one were affected by the crisis and to put people first.

Key to this is the ability to be concise, speak clearly and steer away from jargon and language that sounds too corporate. It’s important to remember who they are speaking to – and it’s not the media, who are just the messengers.

They need to stay calm, particularly when journalists are asking questions that can’t or shouldn’t be answered in the early stages, such as the cause of the incident and who is to blame. Part of the media’s role is to hold people to account and ask the questions their audience or readers would want answers to – particularly when tensions are high.

Spokespeople should also be prepared to correct rumours and half-truths they know to be wrong to stop their spread via social media.

More than ever before, the main spokesperson needs to be the CEO or the most senior person available at the start of the incident. Where there has been a systems/operational issue, the lead expert in this area would be able to provide more detail and context, e.g. Cyber Security, Health & Safety.

It’s understandable that many people feel uncomfortable when faced with the onslaught of today’s 24-7 media landscape. The danger is when they are so determined to stay “on message” that they lose their authenticity. This results in a loss of confidence and trust in what they are saying – no matter how sincere they might be. Politicians commenting on Brexit with clichés and stock phrases are a classic example of why public trust has been eroded – and “thoughts and prayers” or “our hearts go out” are now so commonly used after a tragedy they are even the subject of video parodies.

It is possible to contract in a spokesperson – and many PR/Crisis Management firms offer this service. However, today’s social media scrutiny will soon identify the person as not being part of your organisation and, in some instances, it could give the wrong impression that you are spinning and trying to hide something, rather than just trying to get messages out effectively.

Crisis Media Training is Essential

It is essential that a spokesperson is crisis media trained so that they can experience what it feels like to be under pressure and understand how to answer and deal with difficult questions. They need to get to a stage where speaking on certain topics or situations is second nature and they feel confident about what they are saying – even if they don’t have all the answers at that particular time. Crisis media training as opposed to normal media training provides a “safe place” to practise adapting their own personal style to the messaging. Good trainers will also help identify good communicators and the platforms they are suited to. They will also help with body language, appearance, eye-lines, tone of voice and dealing with nerves – all of which contribute to the spokesperson’s overall impact. The media and audience will soon pick up if someone is lying or being economical with the truth.

It’s important that the training takes into account your Crisis Media and Risk Strategies and Business Continuity Plan so that it is realistic, relevant and practical. It should also help you to be aware of what you can and can’t say both on a legal and personal level, e.g. naming victims, or how commenting on recovery times could affect your insurance payout.

The Importance of Comms/PR Teams

When a crisis occurs it’s not only an organisation’s reputation that is under threat; the professional and personal reputations of your leaders and spokespeople are also on the line. If you have a Comms Team, they should also be crisis media trained so they understand how to advise and support the Crisis Management Team and spokespeople BEFORE an incident happens. If the worst happens, they will be able to provide briefs, advise on how to present key messages to different stakeholders via different platforms, liaise with the media and filter interview requests as your Crisis Communications Team. I always recommend including your Comms Team and having a journalist trainer in scenario-based exercises to help operational teams understand that they too have a role and are invaluable for ensuring the correct messages get out.

Employees and Stakeholders as Spokespeople

In any crisis, it is vital that your staff and stakeholders know what is going on, at the very least at the same time as the media are informed.

There is nothing worse than discovering your workplace is in crisis via the news. Even with a strict Social Media Policy for staff, many will take to Twitter, Facebook and other social media platforms to discuss what is going on. If they are not kept informed or feel they are not being looked after, their negative opinions could be the biggest threat to your reputation. In today’s culture of fake news, perception often has far more impact than truth.

Alternatively, if those involved feel they are being looked after in a crisis, they can turn out to be your best spokespeople and ambassadors.

First responders, reception and switchboard staff should be given Crisis Media Awareness training, so they understand the media interest and how to respond to it in accordance with your Crisis Media Strategy.

Journalists seeking information are not going to be put off easily and a throwaway remark or comment by a staff member answering a phone can easily be quoted and potentially be used out of context in the absence of up-to-date and accurate information.

Plan ahead

Suitable spokespeople should be identified in advance and given appropriate training to help them to be effective. Media should be a part of any stress or resilience test so that your Crisis Management Team can practise ALL the aspects of a crisis, not just the technical and logistical issues.  I have been part of a number of exercises where the most senior person/spokesperson has refused and then reluctantly agreed to give the reporter (me!) an interview and has realised just how ill-prepared they are for even the most basic of questions.

Ensuring that media and good communications are included in all your resilience planning and investing in proper crisis media training at all levels will enable your staff and spokespeople to develop their communications skills and ensure they are equipped to represent your organisation and themselves in a way that will garner respect, confidence and trust that you are doing the best you can for all concerned in very difficult circumstances.

Getting it right

Richard Branson is undoubtedly a master of crisis communication. Never shy of facing the media in person, he exemplified how a spokesperson should behave and what they should say at both the Virgin Galactic and Train crashes. He rushed to the scenes, was dignified, empathetic and provided reassurance about how the incidents were being dealt with, whilst protecting his companies’ reputations. He avoided the blame game, provided context and most importantly, stayed calm.

In other words, he did what all spokespeople should do – be human. Always…

• Tell the truth
• Research what could go wrong
• Understand the media interest
• Take control
• Be human

Anna Averkiou

Media Consultant, Journalist and Trainer

Board advisor for Media engagement to the Security Institute

www.averkioumedia.co.uk

The post Choosing the right spokesperson to represent your organisation in a crisis appeared first on City Security Magazine.

Security and resilience policy post 9/11 was often based on the previous attacks’ methodology. Today the approach has changed to Predictive Resilience, where all possible ways terrorism can cause damage are considered and then technologies are created based on such thinking, meaning we can be instantly more resilient to terrorism.

Resilience and Challenge

Cities, populations, states and leaders are affected by the challenges they face. The way these challenges are perceived and prepared for can determine the outcome of a threatening situation. If cities are well prepared, it is likely a threat can be successfully dealt with before it can cause harm. But even if harm does occur, cities can emerge stronger through resilience. Historically, cities have exercised resilience and can offer valuable lessons for today’s world.

World War Two (WWII) and Resilience

In modern history, the aftermath of WWII provides an important example of how resilient cities can be. The destruction of the war was vast: two million homes in Britain were destroyed; 70% of German homes; 1,700 towns in the Soviet Union; and 60,000 French civilians lost their lives. In France, Britain, and West Germany, the state was the main resilience actor in post-war reconstruction.

Citizens exercised a population-style resilience because the fertility rate in Western Europe increased. As a result, Europe recovered economically and politically after WWII: homes were built; populations increased; and European political relations improved. In short, the aftermath of WWII is a historical example of how both citizens and states exercised resilience and refused to let violence stop their way of life.

Today, citizens and states continue to exercise resilience from destruction. But the threat has changed and now comes from terrorism and cyber-attacks rather than conventional war. In an ever-developing response throughout the last twenty years, resilience to terrorist violence has changed dramatically from an approach that learns from recent attack trends, to one of a new approach that includes an innovative private sector.

 9/11 and Resilience

The 9/11 attacks showed that terrorism can be extremely destructive. No longer were terrorists just unsophisticated radicalised individuals with bombs and guns, terrorists could successfully coordinate a complex attack to cause civilian and infrastructural destruction. The response to terrorism after 9/11 was based on the failures of airport security to detect the weapons used by the attackers to hijack planes.

The 9/11 hijackers used knifes, box cutters, and pepper spray to overpower aircrew and coordinate their attack. Shortly after the attack, airports and airlines in the U.S. and globally required: ID at check-in; shoe removal at checkpoints; screening of handheld baggage; a maximum liquid requirement; ticket only travel; and reinforced cockpit doors. These measures were taken as a reaction to the 9/11 plane hijackers to enhance security at airports and prevent a future similar attack.

7/7 and Resilience

Another example of how resilience policy is in response to the attack methodology is shown by the attacks in the United Kingdom. In 2005 Al-Qaeda suicide bombers targeted the London public transport system. The attacks, known as the 7/7 bombings, disrupted the London Underground and bus services by explosives. The UK government responded to 7/7 by improving the security of city transport in London to prevent another type of attack. The underground security system was revitalised with more British Transport Police officers and additional CCTV networks around key stations in the city. Resilience in the UK after 7/7 was a reaction to a recent attack; this was similar to the global change in airport security policy after 9/11.

The Security Services and Resilience

Government policy reaction based on attack trends also includes changes to the state security services. From the early 2000s to 2011, the funding and size of UK security services increased. MI5 grew from 1400 employees in 2001 to 4000 in 2011, with eight new offices across the country, and the combined budgets of GCHQ, MI6 and MI5 doubled since 9/11, to £2bn in 2011.

Between 2000 and 2011, 425 terrorist attacks occurred in the United Kingdom and theincreased budget of security services was during the rising threat of Al-Qaeda. Although this is a more generalised example of policy change to combat terrorism, it is reactionary to the threat of terrorism posed by Al-Qaeda at the time. So, resilience to Al-Qaeda attacks by the state includes extra funding of vital state security and intelligence services in addition to an increase of security operations in airports and public transport.

Predictive Resilience

Policy reaction is not the only type of resilience to terrorism. Predictive Resilience is prevalent today, mainly because of the reality of a coordinated attack like 9/11 and the increasing capacity and expertise within the private security sector. Predictive resilience means determining potential new threats and how to respond should they occur. This is based on predictive intelligence, a method of intelligence analysis that considers the likelihood of a future threat based on available information.

Intelligence agencies use predictive intelligence to recognise potential threats and influence national security policy before the threats cause damage to society. Military commanders have used predictive intelligence analysis for thousands of years to predict the actions of their enemy. It can assist resilience because it guides the user of the analytical product to an early course of action to reduce a potential threat. Effective state predictive intelligence analysis can help avoid a potential attack with accurate prediction and action.

By considering all possible ways terrorism can cause damage and then creating technologies based on such thinking, societies are instantly more resilient to terrorism. When new attack types strike, governments can utilise the new technology in the private sphere to prevent it. In the past, the private sphere used to follow attack trends.

Private Companies and Resilience

Today the state is still the dominant resilience actor through reactionary policy and predictive intelligence analysis and policy recommended by state intelligence organisations. However, there are new organisations that provide predictive resilience – organisations in the private market. These organisations work on a smaller scale when compared to government agencies; however, they are increasingly specialised, growing in number, and their combined efforts are influential. Private companies cover an array of threat prevention and responses, includingintelligence gathering; drone trackers; analysis software; reports on the threat of CBRN terrorism; educational training; barriers and blockades; tactical response equipment; and logistical support.

Using divergent thinking, a way of thinking that considers all potential outcomes, and applying it to terrorism attack types, private companies have created new technologies that assist resilience to terrorism. So, when futuristic technology becomes a reality, societies are prepared to prevent its usage for terrorism because prevention technology already exists. The private sphere has ‘target hardened’ new technologies for terrorists before they become a reality.

During the Iraq war U.S. private mercenary companies helped attack terrorists; this use of the private sector was based on the trend of guerrilla-style conflict between state armies and terrorists. Although private companies continue to provide traditional support such as arms, security cameras and mesh wires, there is a revolutionary change in the private sector in its thinking and therefore in the products it provides to assist resilience.

Governments and private companies respond to drone terrorism

Through private company efforts, new technologies are available to governments to improve predictive resilience against terrorism. Most notably, drone trackers have an increasing use due to the potential threat of drone terrorism. In 2019, the U.K. Department for Transport published a report called Taking Flight: The Future of Drones in the UK Government Response, which considers the use of private drone tracker companies to counter the potential threat of drone terrorism. Whilst private-government contracts are nothing new, contractors to the government to assist resilience in the city is a new and growing reality.

Self-driving vehicles

Many private companies, like intelligence agencies, consider the likelihood of a future threat. One prediction within the private sphere is the potential of a terrorist attack using self-driving vehicles to hijack and drop from the sky on the city below. Uber and Boeing’s future 2023 air drone, a revolutionary transport technology of self-flying pods between skyscrapers, is a concern to many in the sector as a terrorist target.

Private companies have created software programmes that scan the aerospace, provide live analysis on the flight path of pods, and identify potential threats on the ground and in the air through AI technology. This is another example of how the private sphere is influencing terrorist prevention by new technologies based on predictive intelligence and resilience.

So, what does all this change mean and why is it important?

Improving future resilience

The significant change is that private companies have adapted their thinking from an attack-based resilience response to one of predictive resilience which is more open to various outcomes. This new thinking means that resilience to new terrorist attack methods, such as hijacking sky-drones, is greatly improved because the technology to identify and prevent this attack exists. Strategic catch-up is evident in the policy reactions to 9/11 and 7/7; now, thinking is one step ahead because it considers not only trends, but future terror possibilities. This working relationship between state intelligence agencies, private companies, and governments is vital to prevent new terrorisms and improve resilience.

Thomas Sansom

President

Terrorism Research Society

See related articles in our Risk Management and Counter Terrorism article categories, including:

What is a resilient company?

The post Predictive Resilience appeared first on City Security Magazine.

The threat is still present

 The terrible terrorist attacks that took place on Christian churches and hotels in Sri Lanka in April were a wake-up call to anyone who thought that the military defeat of ISIS on the ground in Syria heralded the end of the global terror threat from that particular organisation.

The terror attacks on the Muslim community in Christchurch, New Zealand, were another rude reminder to those who thought that only ISIS provided a threat of this nature. The truth is that the threat from terrorist attacks was present in many locations around the globe long before ISIS was created and will continue to exist even when that organisation has faded from memory.

A new and noteworthy feature of both the New Zealand and Sri Lanka attacks is the impact that they had on social media in those countries. The Christchurch incident was, of course, notoriously live-streamed on Facebook by the attacker. This led to condemnation of Facebook itself for its slow response to the unfolding events by the government in New Zealand and the possibility, subsequently raised by the company, of self-imposed restrictions being placed on who can livestream on the platform.

All social media was suspended

The Colombo attacks led to the immediate suspension of all social media in Sri Lanka by the government, on the grounds that it could be used to spread panic, fake news and possibly incite further violence in the country. Facebook, WhatsApp, Snapchat and Instagram were all among the platforms that were suspended for more than 48 hours.

One impact of this suspension was to hinder families and friends in their search for information about loved ones who were missing. Facebook Safety

Check was just one of a growing number of free social media emergency tools that was affected by this decision. Another impact was to prevent companies who use social media to communicate with their employees during critical events from being able to contact them.

Why free tools are risky

Relying on free social media tools, such as WhatsApp or Facebook, for your critical communications is a risky business. Here’s why:

• Free tools, such as WhatsApp Groups, lack administrator control over what happens to the information that is shared via the application. Any media attachments, suchas videos, are downloaded as default to all user devices and can easily be shared outside the platform.
• This is a seriously risky business if you are sending anything that you would regard as confidential. WhatsApp makes a big deal of its end-to-end encryption, saying that not even they can see what messages you are sending. But this security function is completely bypassed if someone is forwarding on your messages outside your control.
• You also need to consider what could happen to your data if any of your group users loses their device or has it stolen.

Neither you nor they can remotely disable their WhatsApp account away from the device on which it is held. Only WhatsApp can do that themselves upon receipt of a request. Even if the SIM is disabled, the WhatsApp account can still be accessed using wi-fi. This means that you are reliant on every user within your group acting promptly to notify WhatsApp. If they act at all, most people will simply disable the SIM, which leaves all of the messages, media attachments and contact data from the group account accessible on the compromised device.

• Free social media tools are not built to the scale needed for corporate communications. Although WhatsApp has now increased the maximum limit on group numbers from 100 to 256, this is still clearly not enough for most enterprises when you consider the need to contact not just employees, but suppliers and customers as well. The only way around this is to create multiple groups, which quickly becomes both impractical and inefficient.
• Tools such as WhatsApp lack enterprise grade administration. This means that they have no administrator portal to ensure easy roll-out to all employees, no monitoring of traffic on the platform, no enforcement of company-wide communication policies, no user management, no corporate user support, and they lack comprehensive access control and compliant archiving.
• Even when these social media platforms are working they lack enterprise class security and administration. But if you are relying on a communication tool that has the possibility of being suspended by national government in the wake of a major incident, as happened in Sri Lanka, then you really are putting all your eggs in the wrong basket.

Enterprise grade security and administration

As a tool for talking to your friends, or even your work colleagues about low level non-critical issues, WhatsApp is a great free tool. We all use it! But if you are thinking about translating that personal use into critical business communications, please think again. It has not been designed as an enterprise application with enterprise class security and administration. To provide these functions is expensive and does not fit into the freemium business model.

There are critical communications platforms on the market that provide enterprise class security, administration, do not expose the business to unacceptable data security risks and utilise multi-channel communications that can guarantee the critical message gets through, even when one channel such as social media gets suspended. If you do not use them then you could be risking a loss of contact with your employees at a critical moment.

Shalen Sehgal

Managing Director, Crises Control

www.crises-control.com

The post Free tools and critical communications don’t mix appeared first on City Security Magazine.

 The appalling attack on the Manchester Arena in May 2017 claimed 22 lives, many of them children, teenagers and young parents.

We interviewed Fiona Murphy MBE, the Associate Director of Nursing for End of Life at the Northern Care Alliance NHS Group to share how the bereavement team cared for those who lost their lives in Manchester and their families.

Fiona Murphy has been central in devising approaches to end of life and bereavement care for much of her thirty-year career and clearly understands how sudden and unexpected deaths are a massive shock to families. But as Fiona says, “In these tragic situations, we cannot take the hurt away, but we can show we care. Dying is everyone’s business. Everyone that works in a health care setting and linked roles can contribute to a good dying journey.” It is this philosophy that Fiona puts into action every day and in 2017 in Manchester.

At 5.50am on Tuesday 23rd May 2017, the morning after the Manchester Arena attack, Fiona Murphy received a call from Professor Leeming, the Senior Coroner for Manchester West, saying, “We don’t know how we need you, but we need you.”

At this point, there were nineteen confirmed deaths and the families of those still missing were at the Etihad Stadium.

The team at the Etihad included volunteers from the Red Cross, Police family liaison officers, the Coroner’s Office and security. By lunchtime, the death toll had reached 22. Fiona says, “Collaboratively, between the police, the coroner and nursing teams, we made the decision that whatever we found out, the families would be told.” This was a new approach: in  previous major incidents,  victims’ families were not informed unless identification was 100% confirmed. “We made the decision to say, on what you’ve told us, we are 99% sure this is your relative. We will do our absolute best for you to be with them as soon as possible.” Fiona explained that an hour to a newly bereaved family without visual confirmation of death is a long time. “All our families had been informed by 6pm on 23rd May.”

The bereaved families were accommodated in one hotel with a bereavement nurse in support: “Our bereavement nurses never left their side for the first 72 hours.”

The next step was to plan the mortuary visits. Fiona and Professor Leeming selected a mortuary that could provide a high level of service for the difficult task of the visits of the families. The team did their best to find out details about each of the individuals who had died: from their favourite colour, how they had their hair, what shampoo they used and their favourite music. The mortuary visits started on Wednesday evening. Explaining their approach to these, Fiona says, “We did something that will change my life forever.”

Historically, in major incidents, families can only see relatives through a glass, on a metal trolley, under white sheet, you can’t kiss or touch or smell. In this instance the approach was quite different.

The families were transferred from the hotel by police escort and they were brought into the mortuary by bereavement nurses. They had prepared the room and the patient in a bespoke way using the information they had been given. Their favourite music was playing, they were wearing pyjamas in their favourite colour. They were in a bed, with a pillow and a duvet. If possible, their hair had been washed in their favourite shampoo. “If we were told their relative hated cold feet, they would be wearing slippers; all these details are really important.” The families were offered handprints, lip kisses, photographs of favourite tattoos, if they wished – something to create a tangible memory of the relative they had lost.

“This was an incredible piece of work that we were privileged to lead, and it has changed the approach to major incidents. We are now on the national major incident plan because Bereavement Nurses are a rare breed.” In Manchester, they have also started a pilot of having a Bereavement Nurse in the Coroner’s Office, who can respond if there is a sudden, unexpected death.

Security team involvement

Fiona also explained that security played a key role in the support that was offered to the families of the bereaved. “The media had found out where the families were staying and had booked into the same hotel, pretending to be visitors to get stories.” So, protection of the families from the media was critical. “Following this, they kept everyone away, no press intrusion. Having a member of the security team, someone to help us to protect our families and maintain discreet compassionate care was absolutely vital.”  Following the Manchester Arena attack, Fiona now fully understands the benefit that security teams can bring. Across the Northern Care Alliance, which is a group of five hospitals, they have carried out extensive work with the security teams, working with Tony Carter, Head of Security. “I now appreciate that security is not a different service, they are one of us, they want to make a difference. We work really closely with them. This includes all hospital security teams understanding the SWAN model and what it means, in particular communications training, access to the End of Life care team; there is always someone they can call for advice and support. Additionally, there are comfort packs in each of the Control Rooms.”

The SWAN Initiative

The approach that Fiona and her team took at Manchester followed the model of SWAN – an initiative that Fiona has devised. “The SWAN was a symbol of a happy death in Roman times, and we use it to symbolise our philosophy of how to approach caring for those at the end of life and those dying suddenly and unexpectedly.” Fiona believes we can all contribute to a good dying journey.

“SWAN is a model of care and a symbol to tell staff, whoever they are, from security to porters, doctors, ward clerks, hospital volunteers, if you see a swan symbol in your organisation, that means we have a vulnerable patient and family in the dying phase of their life.”

“This symbol gives them permission to act, to be kind, so if you are a volunteer, you can call behind a curtain or knock on the door, offer a newspaper. If you are a member of the catering staff delivering meals, automatically offer that family a hot meal and drink. It is these tiny acts of kindness that show people you really care and make a huge difference.”

SWAN is being used in sixty hospitals nationally. “It is really important, instead of us being specialist nurses, we now are enabling the generalists, whoever they are, to do the small things.”

The staff have permission in traumatic death situations, or expected deaths on a ward, to offer a range of ideas that might help the bereaved family. Similar to Manchester, the opportunity to create a tangible last memory like handprints, lip kisses, or a photograph of a favourite tattoo is provided. Or the chance to lie on the bed and give their relative a last cuddle. Dogs and pets are allowed on the bed too. “These are all things we don’t talk about because we want to provide discreet compassionate care. But the relatives will be heartbroken and need support.” They also enable families to dress their relatives in their favourite clothes, perhaps a favourite shirt and use knitted blankets and other similar items: “Not a shroud to wear and not white crisp linen. Anything to de-medicalise the environment when it is not possible for someone to die at home. “

There is an End of Life Resource Room on all sites. This contains put-you-up beds, food, alcohol (so they can flavour mouth swabs with their relative’s favourite flavour) hand-knitted blankets and Comfort Packs (with toothbrushes, soap and other items to help those suddenly away from home).

The objective as health care professionals and linked professions, needs to show “we really care, this needs to shine”.

The work of the Bereavement Nurses continues following a sudden, unexpected death: they follow up every family, with a call: “I am a bereavement nurse, is there anything I can help you with?” They can help deal with worries, such as paying for the funeral and areas where they can provide support.

Everyone can contribute

Fiona concludes, “I really do believe end of life care and dying is everyone’s business: we can all do something kind, that helps the experience for that family, helps them to walk into their tomorrow. You might think it is insignificant, a small kindness. But just think first, ‘if I was walking in this person’s shoes, what would I need now?’ Be kind to that person in this vulnerable position. This should part of our normal, it shouldn’t be special, this should just be what we do, as a compassionate community.”

Andrea Berkoff

Editor, City Security magazine.

The post The Manchester Arena Attack – New approaches to bereavement support appeared first on City Security Magazine.

Some things happen in life that can change your business or organisation forever – not all of them good. If the situation is not handled properly and sensitively, the unwanted media attention could prove to be fatally damaging to your reputation and the long-term survival of your business.

No one is immune to crises and bad news travels fast. It is therefore vital to be prepared and ensure you become the trusted source of information about the incident rather than leaks and conjecture via social networks.

In the past, the default strategy was head in the sand and hope the press would go away. There were fewer deadlines and news outlets. Even if there was a response, it tended to be “no comment” and nothing would be said without the approval of a legal team to protect an organisation from litigation.

In just ten years, the media landscape has dramatically changed, and one smartphone can break a story within seconds on any number of inter-connected social media platforms. Most organisations now acknowledge that crisis media response is key to effective crisis management – but few have truly robust protocols and training in place to help them communicate effectively and appropriately in a crisis. Too often PR teams are not trained or equipped properly to deal with a crisis, particularly in the face of erroneous social media chatter, and the delay in getting approval for any communications risks exposing you to a whole new set of problems – particularly in multinational operations with headquarters on the other side of the world to the incident.

Whereas emergency responders talk of the “Golden Hour” to make assessments and consider appropriate action, the speed in which news now spreads requires you (in most cases) to acknowledge awareness of an incident within fifteen minutes of it first appearing on social media. This will go a long way in setting a reassuring tone from the start and avoiding a public perception that you are not in control or don’t care about the situation.

Meanwhile, newsrooms have whole teams scouring social media for stories. If you ignore journalists’ calls while you’re “getting on with the job of dealing with the crisis” they will obtain comments from eyewitnesses, experts (possibly from rival organisations), former employees – indeed anyone that might help them piece together the story.

Rather than being a nuisance, see the media as an opportunity to get your messages out and control the conversation by being proactive rather than reactive – which rarely looks good.

Whatever the size of your business or organisation, you should have already identified all the possible risks and interruptions to normal business and how to deal with them in your Business Continuity Plan. You now need to think about how they could play out in the media and the impact on your reputation if they actually happened and construct a Crisis Media Strategy containing all the instructions, contacts and templates you and your team need to communicate efficiently, outline what can be said, who will say it, to whom and how during a crisis.

Pre-prepared templates, such as a holding statement and news releases, will speed up the process of putting out comments, updates and safety information etc. It should also contain up-to-date contact lists of all those who might have an interest if there is an interruption to normal business e.g. staff, customers, suppliers, contractors, families, shareholders, emergency services, local environmental agencies, governmental bodies, insurance, nearby businesses, local media and local residents.

Be warned that if you don’t have a social media policy for employees, and the crisis isn’t handled well, negative posts and whistleblowing from staff about how the incident is being dealt with from their perspective could prove to be the biggest threat to your reputation.

Authenticity and consistency are key to successful crisis media management, and you will be caught out if found to be lying. Think about what YOU would want to know if you were affected by an incident in your messaging and when speaking to journalists. People’s welfare should be your main priority, along with reassurance that everything possible is being done and thanking to those who are dealing with the situation.

Suitable spokespeople should be identified in advance; they should be comfortable in front of a camera and be aware of what they can and can’t say in a crisis, for both legal and sensitivity purposes. Crisis Media Training will help to prevent costly mistakes being made during interviews under pressure and prepare spokespeople to address “negative” comments.

A proper CMS is essential to protect your most valuable asset – your reputation. You can’t always predict if and when a crisis will happen – but you can ensure that when the media comes knocking you are prepared.

Anna Averkiou

Media Consultant, Journalist and Trainer.

Board Advisor for Media Engagement to the Security Institute

www.averkioumedia.co.uk

The post Managing a crisis – planning an effective media strategy appeared first on City Security Magazine.

The Novichok attack in Salisbury 2018  received international attention. How did the local services and community deal with this unprecedented incident?

A distinguished panel of security professionals  recently gathered together at the Safer Cities Summit hosted by International Security Expo, including senior representatives from the city of Salisbury, the Home Office, Scottish government and counter terror policing. This provided an opportunity to share experience, learning and recommendations, in particular from the Novichok attack in Salisbury in 2018.

The challenge of dealing with the unknown

A clear challenge from the outset for the Salisbury attack was dealing with the unknown: what kind of attack it was; where the attack actually occurred; and who was involved. This lack of clarity made it difficult to keep people informed without further increasing fear levels: getting this balance right was key.

The high media attention made a big impact on footfall to the city and its businesses. The Russian involvement kept the situation in the headlines for a long time, with repeated footage being shown of boarded-up, cordoned-off areas. It was really important to restore public confidence to achieve long-term economic recovery.

All these challenges were exacerbated by the second tragic incident of poisoning, just before the school holidays started, when the local parks were to be reopened.

The response to the Novichok attack in Salisbury

It is acknowledged that Salisbury has coped well. Local people remained loyal to the city centre. There was excellent support from the private sector, charities and volunteers, with collaboration critical to success.

The restaurant involved, Zizzi, was particularly commended for continuing to pay staff during the closure and retaining the business in Salisbury.

The learnings for towns and cities everywhere

Assume something similar could happen in your area and recognise that the impact can be mitigated and contained, with the right systems and processes. We can prepare for any kind of disaster – with existing plans, partners and relationships. The panel’s recommendations can be summarised in the sections that follow:

Prepare, prepare prepare … Using existing legislation and structures

Irrespective of the changing threat, we must remember the basic principles: plan using existing legislation and structures in place, including the Civil Contingencies Act, which clearly outlines the responsibilities for Category 1 and Category 2 responders. Additionally, the UK Government’s Counter Terrorism strategy, CONTEST with the four Ps (Prevent, Prepare, Protect and Pursue), continues to set out the approach to take. These two form part of the resilience of the structures and services in the UK and are an underlining strength.

The panel emphasised the importance of consequence management, including training, testing and exercising. Additionally, the need to bring together local authorities, government departments and police, giving them the same messages and constantly reviewing the approach. This is what brings quality.

Crystal clear communications

It was acknowledged that critical events are difficult to handle and fast communication with the right message reduces time to get the event under control.

Don’t underestimate the challenge of dealing with the media. This requires consistent and constant messages – you will face a bombardment: everyone will be approached from councillors to school children to business owners. In Salisbury, it was necessary to deal with the immediate decontamination, which took months. This message needed careful explanation to the public.

Use every means possible to communicate with the public. There was wide support at the summit for CSSC, which is now rolled out across the country along policing regions. This provides a communications vehicle with central management and local messaging: right person, right area, right time. Additionally, there was a reminder to use the local police Twitter messaging – that is the truth.

Create a strong society

There was a general view that resilience is about creating a strong society. We must maintain perspective on terrorism. It is one of many threats we face – terrorism gets the coverage, but illegal drugs, organised crime and severe weather, these are significant issues too. At the heart of our approach is preparing for the possible consequences, irrespective of the causes of emergency incidents.

Additionally, as part of creating resilience, there is a public expectation of reassurance and strong leadership. A focus on personal reassurance and resilience from leaders is welcomed.

Role of Private Sector is crucial

There is a wealth of desire and energy to support efforts to counter terrorism. Since March 2018 and the implementation of the Step Change initiative, it was recognised that the relationship between public and private organisations has matured, is more open and feels fundamentally different.

But there is a lot more we can all do. Counter Terror Policing recognise they need to be clear about their task. How can they share their challenge and direction of travel? They need to be confident enough to empower industry and share information. Everyone has the ability to recognise hostile reconnaissance. Employers have an emotional contract with their employers and there are really good example of big employers reaching out to their staff.

The panel discussion concluded that the role of private sector security is critical with a further challenge to address – how are you putting Protective Security at the heart of your community?

Andrea Berkoff Editor, City Security magazine

See also:

Russia’s use of hybrid warfare

The public and private face of dealing with new threats

Prevent: safeguarding vulnerable people

The post Novichok attack in Salisbury: lessons learnt appeared first on City Security Magazine.

As Brexit negotiations continue, Alison Wakefield, Chairman of the Security Institute assesses the implications for security and Brexit calling for practitioners to keep a cool head.

The United Kingdom and EU security

The United Kingdom has been a leading contributor in the development of the European Union’s pan-European security architecture – if not the leading contributor.

One example of the value of its contribution is the role played by the UK in the development of the EU’s counter-terrorism strategy, which is based on the four-pillar construction of the UK’s CONTEST approach.

Another sign of the esteem in which the UK’s security capabilities are held, and perhaps of EU commitment to a close long-term relationship, was the invitation in August 2016 from European Commission President Jean-Claude Juncker to the UK’s Commissioner, Sir Julian King, to lead the implementation of the EU’s new Security Union strategy.

The EU security wide-ranging partnerships

The Ministry of Defence ‘Global Strategic Trends’ report, the latest edition of which was reviewed by Andrea Berkoff in her article in the winter issue of City Security magazine Global Strategic Trends, refers to the challenges to states of a “rapidly changing environment”, the “need to become more agile”, and the increasing need “to work in partnership with a range of actors”, arguing that “those that do so effectively will gain a substantial competitive advantage”. It is difficult to think of a more far-ranging and effective partnership in the field of security than that of the European Union. The EU security partnership main elements are:

• Europol, the European Union Agency for Law Enforcement Cooperation;
• Eurojust, which facilitates judicial cooperation in criminal matters among agencies of the member states;
• The Second Generation Schengen Information System (SIS II), which enables agencies of the member states to enter and consult alerts on persons or objects;
• The European Arrest Warrant (EAW), a simplified cross-border judicial surrender procedure that replaced the lengthy extradition procedures that used to exist between EU countries;
• The European Criminal Records Information System (ECRIS), which connects national criminal databases and allows for information exchange;
• The Prüm Decisions, providing for the automated exchange of DNA, fingerprints and vehicle registration data; and

• Passenger Name Records (PNR), passenger information collected by airlines that is compared against law enforcement databases and shared with Europol and agencies of the member states.

In the Winter 2017 issue of City Security magazine, Stephen Massey and I contributed an article What are the implications of Brexit for security? discussing security and Brexit, and the co-operation between the UK and the EU. In the article, we argued that there was no question that this would continue after Brexit: with the threat of terrorism and serious crime increasing, it is in the interests of both parties that strong co-operation is maintained. We noted that, although there is no precedent for access by non-EU or non-Schengen countries to ECRIS or SIS II, for example, there is equally no precedent for negotiations with a former member state that is such a significant contributor to European security arrangements.

Brexit and security: Future partnerships for the EU and the UK

The House of Lords European Union Committee concluded in a December 2016 report that there was a strong case to support the government pursuing a wide-ranging bespoke arrangement, and the same view was put forward in September 2017 in a policy paper by the Department for Exiting the European Union and the Home Office. The ‘Future Partnerships’ paper set out a plan for a new treaty with the EU that retains the current system of co-operation, arguing that, “with threats evolving faster than ever before”, the UK and EU should “work together to design new, dynamic arrangements as part of the future partnership”, to a degree that “goes beyond the existing, often ad hoc arrangements for EU third-country relationships”.

The Political Declaration setting out the framework for the future relationship between the United Kingdom and the European Union, which was published in conjunction with the Withdrawal Agreement in late November last year, is non-committal in terms of detail, but sets out intentions for “an ambitious and comprehensive future security relationship” and “comprehensive and close reciprocal law enforcement and judicial cooperation in criminal matters”.

Presently, this is a matter for the back burner: the current focus in politics is the Withdrawal Agreement, and much posturing from a variety of political positions is taking place across government and in the EU. The agreement that the government has negotiated largely allows for the current security arrangements to continue through the Brexit implementation period of 21 months, set to begin in March, leaving future arrangements still to be negotiated. At the International Security Expo, The Rt Hon Ben Wallace MP, Minister for Security and Economic Crime, gave a well-publicised speech to delegates as part of the government’s bid to garner support for its deal. He described the deal as delivering “the broadest security partnership in the EU’s history”, while warning of the uncertainty that would arise should the deal be rejected by Parliament – as it indeed was.

There has been much hysteria about the risks of a ‘no deal’ situation, but this is unfortunately the character of politics and the media, and my view on where things stand is that there is no need to panic and we should simply wait and see. If absolutely necessary, there is room for a short extension of Article 50 with the agreement of the European Council, which is the EU’s grouping for members’ heads of state.

The Institute for Government think tank has just produced an alarming report on the challenges that will be faced in the event of no withdrawal agreement or no transition period, but it is clearly in both parties’ interests to avoid this situation. The objective of the rejected Withdrawal Agreement was to provide “a smooth exit and orderly transition to the future relationship for people, businesses and organisations across our country”, and the Withdrawal Agreement and Political Declaration were settled on the basis that “nothing is agreed until everything is agreed”, meaning that, far from being finalised, the Brexit negotiations are only just beginning.

In the meantime, as security practitioners, we just need to continue to do what we are best at, which is to carry on helping to shape the UK’s security capabilities that continuously impress the rest of the world. To borrow Kipling, “if you can keep your head when all about you are losing theirs”, there is much that can still be achieved.

Alison Wakefield, Chairman, Security Institute

www.security-institute.org

The post Security and Brexit: Security co-operation after Brexit appeared first on City Security Magazine.

This article seeks to explore both the why and the how of Russia’s use of ‘hybrid warfare’ – particularly utilising the information, political, and non-combatant spheres – in the modern age in order to suggest that not only is Russia’s use of tactics against the West far from new, what Russia wants is hardly unpredictable.

There is currently a sense among the UK and its Allies, especially in the light of the Skripal case and clear Russian intervention in various western electoral and political systems, that the West is under attack by Russia, with the implication that Russia seeks our destruction.

Furthermore, following the annexation of Crimea in March 2014, we have become fixated upon the idea that the actions of Vladimir Putin’s Russia are frighteningly new and unpredictable.

Russia overtly uses the information space to demonstrate its own view of its place in the world, and its relationship with the West. Through this, we can better understand, and thereby seek to counter, Russia’s efforts.

The relationship between Russia and the West

It is first necessary to explore why Russia has turned its attention to the West in recent years. The relationship between Russia and the Western Allies is one clearly conditioned by a classic security dilemma: both sides view the other as the aggressor in a deteriorated relationship, and both perceive in the other the capability and intent to destroy them.

From Russia this is grounded in historical experience of attack from the West from the Teutonic Knights (in the 12th century) through to Hitler and indeed the collapse of the USSR in 1991, and most events since.

It is most likely the case that Russia views itself as the new status quo power in defence of the Westphalian state- and rules-based world order (which elevates the centrality of sovereignty) against the US, EU and Western political and economic institutions (which are globalist and rights-based).

The Russian perception is that Western intervention has brought nothing but chaos (view Iraq, Afghanistan, Libya, the Maidan in Ukraine) whilst their interventions have been aimed at restoring stability and preserving classical features of the Westphalian world order (Georgia, Syria, Ukraine).

To secure itself, Russia must therefore be a stable, powerful nation recognised as a peer of other major powers. Russia seeks to be a “normal great power” and believes the US and Allies seek unfairly to prevent this. Russia very likely seeks an end-state where it is seen as a great power, equal to other great powers in a (Westphalian) rules-based world order.  All subsequent ways and means descend from this clearly-articulated statement of “ends”. In this effort, they view themselves as acting defensively.

In contrast, the Russians believe US and NATO policy to be aggressive towards Russia. Putin has stated: “As you know, NATO and the United States have recently outlined their defence strategy. It is an offensive strategy…Let’s be clear: this is offensive infrastructure that is being created in Europe. This is about violations of provisions of the 1987 INF Treaty by the United States.”

Further Russian messaging underlines that, for instance, their role in Syria is to restore stability and fight the international terrorism caused by illegitimate intervention in Iraq and Afghanistan, to restore a preferable status quo disturbed by the West. Putin has on numerous occasions reiterated Russia as the rule-following power, while the West ignores or abuses the rules as they see fit.

The view is likely that Russia’s classical interests-based foreign policy is threatened by the West’s destabilising values-based policies, which push dangerous, sovereignty-violating and interventionist ideas such as individualistic human rights and economy-crushing robber-capitalism.

Countering the Western Narrative

Russia’s counter-position to this is manifold: they will employ both positive soft-power messaging and disruptive activities in the UK and the West, most likely with the intent of creating an internal challenge to current western policies towards, and perceptions of, Russia.

Constructively, they employ soft-power elements to build a more favourable view of Russia as a legitimate and responsible actor.  Paired to this is what we perceive to be the pernicious Russian interference, which is aimed at stimulating public dissent (for instance against the safety of vaccines and GMO crops) and distrust of government, and supporting political actors who are favourable to Russia. Russia’s intermediate goal is very likely to set more favourable conditions for Russia’s recognition as a legitimate status quo actor by making the West’s values-based policies seem untenable or unjustified domestically.

To spoil the aims of the Western states, Russia will use all its available information operational assets to counter the Western narrative, and present their own narrative to Western audiences. The aim is not, most likely, to undermine or destroy Western institutions (such as elections, political or social institutions) as an end in itself, but as a means to allow the Russian socio-political narrative to gain traction.

The secondary effect is the raising of internal barriers to Western domestic political consensus, slowing Western response times and ability to act against Russian interest. It is arguable, for instance, that what the Russians want to achieve in the Baltics is the the denial of the “B3” to NATO as a springboard for operations against Russia, not their destruction or occupation by Russia.

As has been argued, Russians “don’t want to destroy the table; they want a seat at it.”  Russian disruption and influence operations will not be consistent in all locations or times; they will most likely exploit targets of opportunity or perceived “weak links”: currently, it is likely that Germany is perceived as the most important and most easy to influence of the Western powers because of their strife over immigration. Individual disruptive actions will be consistent with the overall aim and should be considered in that wider context of a defensive-minded Russia; their actions are to win space and time for their own manoeuvre, not necessarily the destruction of western institutions.

So it is clear that Russia sees itself in opposition to an aggressive and expansionist West, and uses the information space to buy time to enable itself to better fight this war in the future. This underlying motive is reflected in how Russia chooses to engage in conflict with the West. Despite the aftermath of the invasion of Ukraine, and more recently the Skripal incident, characterising Russia’s actions as unique to Putin’s government, Russia’s use of the hybrid space is far from new.

Russia’s use of Hybrid Warfare: Information Operations

Having grounded this article in Russia’s modern worldview, it is worth focusing in on one aspect of hybrid warfare to demonstrate the consistency of Russia’s tactics: information operations. Dmitri Alperovitch, head of cybersecurity firm Crowdstrike, has argued that “a lot of what they’ve done was very opportunistic… They cast a wide net without knowing in advance what the benefit might be.”

It is likely as well that Russian operations have often been done in perceived retribution or retaliation. Russian journalist Andrei Soldatov has suggested that the hack of the US DNC was in retaliation for the Panama Papers leak, which the Russians believed was designed to embarrass Putin.

The operational plan of Russian hacking and interference thus looks like widespread, low-level probing to identify easy targets or profitable operations. When required, or where advantage is detected in what is viewed as an ongoing conflict with the West, it can be exploited. Actions which undermine the liberal democratic message or the ability of Western governments to maintain public consensus, or to sustain foreign policy actions which harm Russia, will most likely be the focus of Russian exploits.

Smaller actions do not have to have “strategic” effect on their own. Targets for Russian information and disruption operations are most likely opportunistic. Where weaknesses in existing institutions exist, or where challenges to political or social consensus exist, the Russian security services will attempt to exacerbate or exploit. Local conditions will be exploited to achieve strategic effect in aggregate.

Linking Russia’s use of hybrid warfare to doctrine

In February 2013, the chief of the Russian General Staff, General Valery Gerasimov, published an article which gave the perspective of a senior military leader on the future of war. While this piece was not remarked upon in the West upon its publication, it has been heavily scrutinised in the wake of the 2014 Russian intervention operation in Ukraine. Gerasimov states that “In the twenty-first century we have seen a tendency towards blurring the lines between the states of war and peace”, thereby linking hybrid warfare doctrine to Russian activities.

This mentality is undeniably held by Russian intelligence practitioners, who have consistently made use of the information and political spheres, as well as non-combatants. However, far from being the new phenomenon suggested by some, this has formed an underlying factor in the consistency of Russian intelligence strategy since the Tsarist period, albeit intensifying post-1917 as the fledgling Communist state sought to protect itself from its capitalist neighbours. Russia has consistently lacked a delineation between war and peace and has instead, as discussed, seen itself as under constant threat from its neighbouring states, most recently NATO and the EU.

Modern Russian Intelligence Services

Equally of note in contextualising Russia’s use of hybrid warfare activity is the extent to which the modern intelligence services base their culture and doctrine upon that of their predecessors. The KGB was officially dissolved on 31 December 1991.

However, due to the volatile political environment of the post-Soviet state, Yeltsin relied upon the security services to stay in power, leading to a dependence on former KGB personnel. Thus, the five new agencies (including the modern FSB and SVR) which were formed from the KGB directorates were headed by ex-KGB staff. The GRU, of Salisbury fame, was not even reformed and has retained a consistent culture and methodology since its inception almost 100 years ago. This has important ramifications for the consistency of a Russian intelligence strategy, since with continuation of personnel in the Russian security services came a continuity in methodology. It is therefore unsurprising that there are notable consistencies in Soviet and post-Soviet hybrid operations.

These modern information operations designed to undermine the perceived adversary, such as the DNC hack and leak, can be traced back to previous Russian actions. Following his assassination in 1979 by the Soviets during the invasion of Afghanistan, President Hafizullah Amin was denounced as a CIA agent following the ‘discovery’ in 1980, after a fire at the Islamabad embassy, of a forged US State Department telegram which connected Amin to the CIA.

The denigration of a rival can therefore be seen long prior to the DNC hack, and can be traced back even further, to the toppling of the Prague Spring in 1964, when compromising material on rival politicians (collected prior to the invasion) was used after the invasion proper during purges of Czechoslovak “anti-socialist forces” which were conducted in collaboration with KGB liaison officers, and during which one and a half million Party members were questioned about their behaviour during the Prague Spring, and a third expelled. Clearly, far from being a new and frightening strategy, by focusing on one aspect of hybrid warfare (in this case, information operations) allows scope to appreciate the extensive use that these tactics have had prior to Putin’s accession. However, they are not identical incarnations. As discussed, Russia understands the local conditions of its target and will exploit them opportunistically; a Crimea scenario would be highly unlikely to occur in the Baltic States.

Appreciating the why and how of Russia’s use of hybrid warfare and modern activities

Russia has clearly signalled the why and how with regards to its hybrid activities within the West in recent years. It sees itself in perpetual war with a West determined to meddle in its affairs, and will thus do all it can to challenge Western narratives in the international and domestic spheres. To do so it is prepared to leverage its long history of experience of subversion from the KGB era and beyond to accomplish this. Perhaps appreciating the why and how of Russia’s modern activities will help to overcome this most recent incarnation of Russophobia, and instead allow us to better understand, and hope to counter, Russia’s hybrid threat. A threat which is here to stay.

Dr. Kristian Gustafson and Katie Wilson, Brunel University.

The post Russia’s use of hybrid warfare appeared first on City Security Magazine.