- Pricing and telematics lead the charge as insurtech patents jump 40pc
- FCA puts general insurance pricing practices under review
- Volvo and Baidu reach agreement to produce autonomous vehicles
- Cyber and D&O exposures increasingly intertwined, Airmic report finds
- Arch selects Touchstone for cat risk modelling
Mind the gap
Written by Peter Davy
Peter Davy takes a look at the latest initiative aimed at bolstering communication and cooperation between the emergency services and the private sector
The Olympic legacy was always going to be difficult to predict. Tourism is down; the impact on sports is uncertain, yet businesses remain optimistic. A survey of 600 large private and public sector organisations by telecoms giant BT published last month showed four out of five predicting a post-Olympic boost this year.
The key benefit to have been realised so far, though, was perhaps surprising: the adoption of flexible working. A third said that facilities introduced for the Games would prove its lasting legacy.
There are, however, perhaps even more unusual parts to the legacy, too. One is the Cross-sector Safety and Security Communications project (CSSC).
Introduced to help businesses cope with the potential disruption during the games, the project was a partnership between the police, government and industry to give businesses vital information on issues that could affect them.
At its centre was the ‘CSSC hub’, a group continuously collecting information from the police, Transport for London, the Home Office and other agencies and passing it to businesses, as well as receiving their feedback. In practice, this principally involved bridge calls with representatives of about 30 industries, who would disseminate news of traffic issues, arrests and protests, for example, to businesses that had signed up to the scheme.
The project proved a valuable way to boost communication between businesses and the emergency services, according to CSSC co-founder Don Randall, who started his career with the City of London Police, before moving to the financial world.
“It was basically to alert the business community to anything that could impact their daily lives,” he says. In doing so, it satisfied their key requirements for information: speed, accuracy and authority.
“It had the official stamp on it,” he explains. It also had significant reach: the pharmaceutical industry alone had 900 members signed up.
With the Games over, a virtual hub still runs (with the members connected through the communications network) and maintains contact and provides advice as threats and risks arise. However, the CSSC is now looking at making it permanent, establishing it widely in London and ultimately spreading it elsewhere in the UK, and even internationally. It is also going to be used for next year’s Commonwealth Games.
Of course, it is far from the first initiative to look at bolstering communication and cooperation between the emergency services and the private sector. Indeed, CSSC builds on existing networks, such as the Sister Banks initiative and Project Griffin (both of which Randall also chairs nationally).
The latter shows the success that’s possible. Developed by the City of London Police, Project Griffin was introduced in 2004 as a counter-terrorism measure and has since spread nationwide – indeed internationally with projects being taken up in New York, Canada, Australia, Singapore and South Africa.
Providing regular seminars for security professionals (and some receptionists) it gives updates on threats, training on spotting suspicious activity and guidance on how to react to potential threats. It is not always gone smoothly: the initiative was blamed for a spate of reports to police about innocent architectural photographers. However, in general it has had a big impact, says Graham Bassett, board chairman for Project Griffin in London.
“Wander around the City and virtually every front-of-house receptionist or security guard will have been Griffin trained,” he says.
It is a similar story with project Argus developed by the National Counter Terrorism Security Office (NaCTSO) within MI5. That runs three-hour events for organisations simulating a terrorist attack to test preparedness, and again, it has spread nationwide.
Argus’s scope is wider than Griffin’s, being aimed at those involved in the office, retail, hotel, education and health sectors, as well as designers, planners and architects and the “night time economy”. Nevertheless, the impact of the new CSSC could arguably end up being greater still – having no restrictions on the organisations involved, but also addressing a wider range of potential threats, from terrorism to traffic.
“This has never sought to usurp or surpass any other initiative, but it is the overarching initiative because it has all the parties involved,” says Randall.
There are a number of reasons such moves will be welcomed. For a start, it is increasingly recognised that the split between the responsibilities of the public and private sectors is far from clear cut. Consider utilities and communication networks, for example.
“A lot of our critical national infrastructure is in the hands of the private sector,” points out Rick Cudworth, lead partner for resilience and preparedness at Deloitte. That was recognised officially in revisions to the Civil Contingencies Act last year. They required the utilities and transport industries to tighten links with the emergency services.
In any case, businesses like BT, with its Civil Resilience team, already works closely with the emergency services, government organisations and other utilities to help them deal with major incidents, and information sharing is increasingly common in such sectors. At Airwave Solutions, which provides its resilient communications network TETRA to the army and police, fire and health services, head of business continuity and emergency planning Mark Jones points to the Electronic Communications Response and Resilience Group. There the telecoms company and representatives of the emergency services meet and discuss the resilience of the communications network.
“It provides a joined up approach for more strategic planning to take place,” he explains. Cudworth agrees that such moves are not unusual, and adds that it goes beyond the obvious infrastructure. It is striking, for example, how supermarkets are often now frequently involved during flood responses, he says, ensuring essential supplies can reach affected areas.
“We have seen more and more businesses recognise the need to bring in the emergency services and other local government and utility services into their planning and thinking,” he says. Such examples simply reflect that there are benefits to both sides of better communication and coordination.
In the US, for instance, the 2008 Democratic National Convention held in Denver, and the Denver Public-Private Partnership (DP3) established for the event. This set up a communications network between law enforcement, the Department of Emergency Management, local businesses and NGOs, enabling users to receive secure, instant alerts from the city’s emergency operations centre and respond with feedback to the centre and others.
During the conference it proved its worth, enabling coordination of businesses’ security personnel to help police in their crowd control efforts, and even to scope out 911 calls reporting riots and looting elsewhere in city – which turned out to be calls made by demonstrators aimed at diverting police resources. The result was that police were able to concentrate their resources on preventing demonstrators accessing the main pedestrianised areas.
Despite the benefits, though, there is still some way to go. Former City of London assistant commissioner and the latest addition to the Business Continuity Awards judging panel Frank Armstrong, agrees.
“I was astonished by how little if any contact was being made with law enforcement,” he says. In truth, performance probably varies, according to Amanda Kilbey, a business continuity consultant at Marsh Risk Consulting. “Some are just starting out and still don’t always think the emergency services want to hear from them,” she says.
At the very least businesses should look at the networks available, as well as the work emergency services and local authorities do around community risk registers, and establish who is responsible for liaising with the emergency services.
“It is about making sure once the emergency services are on scene there is someone who knows where people and things are within the business,” says Trevor Wheatley-Perry, managing director of Vocal, which provides the infrastructure and communication equipment that runs the CSSC.
Indeed, for larger companies, liaison should go significantly further. There may even be scope for the emergency services to attend exercises or review the planning businesses have in place, says Kilbey.
“It is practical steps that will really help both businesses and emergency services to deal with an incident quickly so the business can get on with recovery,” she says.
And it is worth getting right, says Armstrong, because the threats have not gone away. He led the force’s response to the terrorist threat in the aftermath of 9/11 and the July 2005 London bombings. He says communication with the emergency services is invaluable in mitigating the risks and ensuring a better response if the worst happens. It also, crucially, keeps the threat in mind.
“The danger is that people forget what has happened in the past,” he says. “The threat from international terrorism is not going away, and in Northern Ireland the police service continue to have a tough time with dissident republicans. They only need to come back once. There is no room for complacency.”