By Kelsey Hoppe, CEO Safer Edge, a risk advisory consultancy which works with NGOs, academia, government departments and the private sector, providing training and security advice in the UK and internationally.
It’s every hospitality business owner’s worst nightmare: an aggressive customer, a disgruntled employee or an extremist walks into a venue and begins attacking staff and members of the public.
In security risk management, we refer to this type of event as a ‘marauding’ attack and everyone who puts staff in venues accessible to the public has likely considered how they would handle such an event. The threat of such an attack can feel unpredictable, uncontrollable and hard to mitigate. The usual responses (barriers, checks, security officers) can feel clumsy and blunt. However, with a different mindset, there are several more thoughtful ways you can also address this risk.
Here are three examples
1.Gain Insight – predict, but there are some actions you can take to better understand the likelihood of an attack. Your security teams can be kept up-to-date on the current threat environment. Government websites, such as cpni.gov.uk or NaCTSO in the UK, alongside tailored threat assessments and in-house research will allow you to consider whether your organisation, its location, specific events or conferences you host might increase the risk. Wherever you operate in the world you need to understand the local security environment specific to your business.
2. Collaborate – Every business should be managing risk through a professional risk register and crisis management plan. These integral security systems need to be underpinned by professional training and practice for all staff, or they are simply policies on a shelf. For many businesses, safety and security management is consolidated at the top of the organisation. Managers are the people who are trained in, and daily considering, safety and security. Employees – attendants, receptionists, hosts, chefs – are trained only in the task delivery aspects of their job. However, an organisation’s security is only as strong as its weakest link. If employees aren’t aware of how their individual safety and security actions contribute to the overall security of their colleagues and the organisation -and if they haven’t had the opportunity to practice these skills, then the organisation is highly vulnerable.
3. Don’t be the problem – While ‘big bang’ attacks, like a terrorist event, capture our imaginations, business owners have a responsibility to ensure critical incidents don’t result from a disgruntled or harassed employee taking matters into their own hands. Responses to the ‘insider threat’ are largely focused on cyber security where an individual’s access can cause disproportionate damage to an organisation. But there is a risk of physical attack too. Successful organisations invest in mechanisms to know if their staff are being exploited, bullied, harassed or abused – known as safeguarding. In industries with itinerant or potentially vulnerable employees, such as hospitality, effective safeguarding can mitigate or prevent a range of harm and risk, including the high -end risk of retaliation.
Effective safeguarding can mitigate or prevent a range of harm and risk
