Communication
Published 2 November 2020
1. Introduction
Corporate communications are a vital aspect of protective security. A security-minded communications strategy can help deter a range of criminality including terrorism, especially when a target is selected. It can reassure visitors and staff about their safety and security and even recruit them to assist your security effort.
Internal communication to staff and contractors can also be used effectively help instil the right security posture and behaviours. If staff understand the need to follow the right security processes to help detect and report suspicious activity, it can make your organisation, site or event less vulnerable to threats.
Should the worst happen, developing a communications plan in preparation for a terrorist event can help your organisation mitigate the impact, recover rapidly and help ensure staff and visitors maintain trust and confidence.
This short guidance provides an introduction and overview of how corporate communications can help protect an organisation, site or event.
Read more about Personnel security training and good practice
2. Security-minded communications
Those planning an attack typically conduct hostile reconnaissance. Gathering information is a vital component of attack planning. Generally, the more sophisticated the attack, the more complex the planning, which requires more information and reconnaissance (but even low sophistication attacks are usually preceded by hostile reconnaissance). Terrorists want their attack to succeed, so they require reliable and detailed information to plan effectively and to feel assured of success. They will carry out research into the range and type of security measures, including their effectiveness. This presents an opportunity to deter them via the type and content of communications that are publicly visible and accessible.
A security-minded communications approach has three key elements:
- Audit – your digital footprint to ensure that there is no useful information readily available that will assist and motivate attack planning. For example, floor schematics of a site, details about the make and model of security screening equipment or the number of CCTV cameras.
- Adapt – remove detail, or if this is not possible, ensure you address this vulnerability. For example, if there is an adverse news article about a security incident, take the opportunity to convey the right messages that counter potential vulnerabilities.
- Amplify – proactive marketing of your security capability across a range of communication channels. This may result in your site being discounted as a potential target early on (some target selection may be carried out online). This marketing should highlight your security procedures without giving away information useful to an attacker. This can be achieved in ways that do not cause anxiety or concern to staff or visitors (e.g. putting out a tweet thanking an eagle-eyed CCTV control room spotting someone in need of medical attention. This shows good customer care but also that your CCTV control room and response is very effective).
A good security-minded communications strategy will help deter attackers from selecting the organisation, site or event as a target in the first instance because:
- They are unable to get the information they need online
- They are concerned about the effective security measures that are in place
Similarly, it will inform and reassure regular users by:
- Demonstrating what is being done to ensure the ongoing safety and security of staff and visitors
- Encouraging staff and visitor vigilance and assistance in complying with security and reporting suspicious behaviour
3. Internal communications
Internal communications play a vital role in helping achieve the desired security behaviours in staff. For example, to be vigilant and report suspicious behaviour around the event/site, to challenge or report people not wearing passes, to prevent vehicles or people tailgating, or recognising and reporting suspicious emails or approaches online.
CPNI have produced a framework that helps organisations embed these behaviours and a range of communications campaigns that can be easily adapted for an organisation.
Go to the Embedding Security Behaviour Change webpage
4. CT crisis communications
If the worst happens, how well an organisation communicates in the aftermath can significantly impact the recovery from an attack. Having an effective communications plan in place in the event of a terrorist event is essential. It will help organisations mitigate the harmful and often long-term effects of a terrorist incident on brand and business reputation, value and continuity. Working in partnership with the Chartered Institute of Public Relations, CPNI have produced specific CT crisis communications guidance to help organisations develop an effective communications plan.
Go to the Crisis Management for Terrorist Related Events webpage
Further Information:
Read more about Hostile Reconnaissance
Go to the CPNI Personnel and People Security webpage
Go to the CPNI Disrupting Hostile Reconnaissance webpage
For further information on personnel security communications and disrupting hostile reconnaissance speak with your local CTSA..