Don’t wait for a new law – organisations can benefit now from a ‘Duty to Protect’

Russell Baker, Business Development Manager, Maxxess Systems EMEA

You might not think so, from much of the commentary online, but at the moment there are no government plans to introduce tighter counter-terror rules on publicly accessible locations – a so-called ‘Protect Duty’ applicable to music venues, certain public spaces, sporting events, places of worship etc.

Following the Home Office’s six-month consultation last year plenty of companies, commentators, media reports and even some public authorities, have been talking about proposed new Protect regulations’ to be introduced in 2022.

But to be clear, as of yet there is no timetable for any legislation. No new law has been proposed.

There are many questions that would need to be resolved first. Not least is how compliance would be monitored, who would enforce it, and what the penalties would be for non-compliance. That’s before you get into the specific details of what new duties organisations might have, and what they might cost.

The government’s response document published in January is well worth reading, as is the Home Secretary’s written statement (January 11^th) which suggests that this won’t be a quick process. The Home Secretary wrote: ‘The Government is carefully considering policy proposals in light of the views raised in the consultation, in particular, how a legislative requirement could further improve public security, whilst not placing an undue burden on organisations which are smaller in size or staffed by volunteers, such as places of worship. Legislative proposals will be taken forward when Parliamentary time allows.’

Anyone who remembers the long years of debates, public meetings and ministerial statements that eventually led to the Private Security Industry Act (2001) and the introduction of SIA licensing in 2003, will look at the phrase ‘when Parliamentary time allows’ with some scepticism. The point about ‘not placing an undue burden on organisations’ also has echoes of that other debate a quarter of a century ago.

Just like then, there are plenty of other issues taking up the government’s attention right now, and any legislation that adds further costs to businesses facing a period of economic uncertainty and geopolitical stress seems unlikely.

But – as we’ve been saying for a while, organisations are already engaging with this topic now, not because of any threat of legislation, but to meet duty of care obligations as well as other strategic objectives.

Senior executives should be asking questions about their own corporate vulnerability, and that includes risks to their brand reputations. When a serious incident occurs, particularly when people get hurt, it’s essential to be able to demonstrate that the right attention was paid beforehand to risk assessments, preventative measures, and response capability.

Were your people properly prepared? Did they have the right training, and the right tools to respond?

For cost efficiency, this resilience-building should be incorporated at a strategic level into every aspect of corporate thinking, not bolted-on as an afterthought. Siloed security and safety measures will not only be less effective, but they will also almost certainly be more costly and less likely to work.

For example, upgrading and streamlining corporate infrastructure – linking together core functions such as HR with security, visitor management, and wider building systems and services – is one of the most cost-effective ways to build resilience, and mitigate risks, both physical and cyber. It’s also the approach we are seeing many organisations now taking to improve their operational efficiency, for example by integrating Microsoft’s Active Directory to eliminate technology stacks to enable access to buildings, company networks, specific IT applications, and equipment to make the user experience frictionless.

This also gives organisations the ability to see ‘who, what and when’ from comprehensive audit trails. It drives other benefits too, such as better staff retention and actionable intelligence which can be used to create more welcoming and convenient workspaces that will attract new talent, drive cost efficiencies, and support longer term business strategies.

Putting in place these seamless integrated management platforms not only allows existing infrastructure to be retained and used more efficiently – CCTV and access control for example, can be now adapted and managed more effectively from a single pane of glass, rather than ripped and replaced – it also lays the ground for future adaptability.

The benefits will be felt whenever new compliance rules are introduced because these flexible platforms make it easy to close gaps in security and introduce new efficiencies to control room operations. Whenever standard operating procedures need to be updated, the modular, open architecture platforms allow the most beneficial technologies to be implemented too, so that control room teams can be supported with the latest tools for faster detection, more certain verification, and more targeted response.

We’re already seeing this with the adoption of AI-powered video analytics easing the burden of continual monitoring of multiple video streams. AI is becoming more consistent and reliable in its ability to detect unusual events, even in busy scenes, alerting security teams to suspicious loitering in public spaces or vehicles on perimeters, and providing far more accurate intruder detection. Not only does AI analytics tech reduce false alarms more effectively than traditional ‘blob’ type analytics, unlike human operators it doesn’t get tired, so events don’t get missed.

Metadata is also being made use of and is speeding up investigations by allowing operators to search for people by appearance, for vehicles by type or colour, or a combination of criteria across multiple streams from different sites. This makes it possible to find relevant footage in minutes not hours. And in turn, that frees up security personnel to be deployed to more rewarding and productive frontline tasks, where they are more visible, effective, and engaged.

Better yet, over the last two years edge AI cameras or plug-in appliances have become far more affordable. And with a unified platform users can choose to upgrade specific, individual cameras to cover strategic areas such as entrances, or exits, locations where high value goods or sensitive information is stored, while still retaining their remaining cameras. Importantly, unified platforms are also allowing control rooms to respond more effectively and coordinate responses using mass- and targeted-communications via email, mobile apps, or SMS.

In the case of public events, these capabilities allow closer operational working between multiple agencies – venues, emergency services, local authorities – and they plug the communications gap which is often a failure point when a crisis happens. This is exactly the kind of partnership approach that the Protect consultation focuses on.

We are adding new integrations all the time that build these capabilities – most recently, for example, SAFR facial recognition technology – which means that if compliance requirements ever do change, our customers are better placed to meet them quickly.

One of the more thoughtful responses to the consultation, and to the Home Secretary’s statement, was published by non-profit business association Resilience First. The organisation argues that counter-terror preparedness should be seen in a broader context.

The point is a good one. Organisations should be improving resilience against multiple risks, not just one, because there are many scenarios that can have catastrophic outcomes: for example, an emergency site evacuation, or a multiple casualty event, needs to be properly prepared for and managed safely whether it’s caused by a terror attack, an accident, or an extreme weather event.

It’s for good reason that today we are seeing more customers focused on incident preparedness and, as they do, taking a more strategic approach to building resilience.