Don’t overlook the role of crisis communications in your security strategy

How ready are your communications for a crisis? Effective communications play a key role in your security strategies and require planning, training and testing.

The threat landscape in the UK is rapidly evolving. This means businesses and organisations need to adapt and implement robust security strategies to reduce potential threats.

Security strategies rightly focus on the practical measures and protocols required to prevent a security breach. When and where a breach is made, the strategy outlines measures to protect and mitigate the impact.

In terms of the physical measures, this may include the provision of security barriers or bollards, access control systems, or security guards. Where cybercrime is the threat, it may include measures to protect systems, networks, and programs from digital attacks. Each measure is vitally important but the role of communications as part of security strategies is frequently overlooked.

This is problematic because the world we’re living in is fast paced, hyperconnected, and information travels instantaneously via social media and media networks. It’s therefore important that organisations build resilience to potential incidents and the challenges that ensue.

That is why it is crucial that organisations proactively think about the role of communications as part of their security strategies, and how they should means test them.

Crisis communications

The very nature of crisis communications means that you’re dealing with unexpected circumstances and the challenges that arise from them. No incident is the same and whilst it’s important to imbed structures and processes that guide an organisational response, each response to an incident will be different.

In my experience working with clients across the public and private sectors, it’s been insightful to see the different approaches when preparing for crisis communications.

But the most effective approach and preparation I’ve witnessed is where clients have proactively engaged in scenario-based training sessions. This is because the training ensures lessons are learned and potential gaps in communication responses are identified.

Building structures to create resilience

The type and size of the business or organisation will determine what channels of communications will be required. For example, a commercially focused business may focus on engaging with its customers to retain confidence in its products or services.

However, an operational organisation may want to communicate, where it is reasonably practical, about the circumstances around what happened and its role in responding to the incident. In this scenario, the use of social media channels is best utilised to share clear and succinct information.

In both cases, key stakeholders and contacts should be identified to streamline communication channels, and to disseminate the right information to the right people.

At the same time, it is worthwhile thinking about a scenario where a media outlet will ask to speak with someone from the business or organisation. Where it is necessary, media training should be sought and delivered to ensure a spokesperson can effectively deliver key messages and control the narrative when being interviewed.

Means testing – scenario-based learning

The training requirements for security professionals are a key component to achieving the high standards people expect in the UK. Training provision means that security professionals are empowered to identify vulnerabilities, implement best practices, and to respond effectively to potential threats.

Internal training and scenario-based learning are often overlooked, which means that organisations are essentially missing an opportunity to prepare for an incident response.

Means testing scenario-based learning exposes employees to realistic security incidents. It also allows them to practise what protocols, including communications, would be used to address them.

Ultimately, this will help to identify gaps, improve response preparedness, and enhance organisational ability to make informed decisions to coordinate communications.

Responding to a security incident

Our industry exists for a reason – there are individuals and groups who actively seek to commit crime and harm to our communities. Collectively, our expertise and insight mean we’re best placed to manage and mitigate potential risks.

However, whilst each incident is different from the other, it is vital that businesses and organisations ensure they are resilient by establishing clear protocols and processes, which includes communication, in the instance of an incident.

What that response is entirely depends, whether it is sharing key information to authorities and organisations fronting a media response, or whether it is sharing information with clients and customers to protect your reputation.

In the moments after an incident people look for leadership. Establishing structures and processes and effectively means testing these through scenario-based training builds resilience in communication responses, which leads reassurance and secures reputation.

Nathan Emmerich

PR and strategic communications specialist.

Communications advisor to Figen Murray OBE on Martyn’s Law and has worked with clients including the Home Office, Survivors Against Terror, Counter Terrorism Policing, and the Counter Extremism Project.

You can follow Nathan on social channels:

LinkedIn: Nathan Emmerich

X: @NathEmmerich