Tracy Reinhold, Global CSO, Everbridge discusses how evolving terrorist threats are forcing organisations to rethink preparedness.
The threat of terrorism remains a persistent reality, but the nature of that threat is evolving. Today’s security environment is no longer defined solely by physical attacks on high-profile targets.
Instead, organisations across both the public and private sectors face a complex mix of physical violence, cyber-disruption and information warfare designed to cause fear, confusion and prolonged disruption.
From busy transport hubs and public venues to corporate campuses, healthcare facilities and essential services, modern terrorism targets environments where people gather and where disruption can ripple far beyond the immediate scene.
Preparing for these risks is no longer just the responsibility of national security agencies or operators of critical infrastructure; it is a shared challenge for any organisation responsible for people, assets or public trust.
While emergencies of all kinds can affect organisations, from extreme weather and infrastructure failures to accidents and operational disruptions, terrorist incidents carry a uniquely destabilising impact.
They unfold deliberately, often without warning and are intended to generate fear, attract attention and undermine confidence. The consequences extend well beyond the incident itself, affecting employees, customers, emergency responders, leadership teams and the wider community long after the immediate threat has passed.
Modern terrorist activity is increasingly characterised by hybrid tactics that blend physical and digital elements. Hybrid threats, according to the Everbridge 2026 ‘Regional Threat Assessment’, highlight how physical attacks are now frequently accompanied or even preceded, by cyber-activity intended to disrupt communications, disable safety systems or slow emergency response.
In parallel, disinformation campaigns can spread rapidly online, amplifying panic, circulating false reports and overwhelming official messaging.
This convergence of threats presents a significant challenge for organisations that have traditionally treated physical security, cybersecurity and crisis communications as separate disciplines.
In reality, vulnerabilities in one domain can be exploited to magnify impact in another.
A failure in communications can be as damaging as a breach of physical security if it leaves people uninformed or misinformed during a fast-moving incident.
As a result, counter-terrorism preparedness must be viewed holistically.
Effective defence and response depend on understanding how people, processes and technology interact under pressure and how attackers may seek to exploit those interactions.
While technology and procedures play a critical role, organisational resilience ultimately begins with people. Employees are often the first to notice warning signs, the first affected during an incident and the first expected to act.
Investing in training, awareness and wellbeing is therefore a fundamental component of modern counter-terrorism strategy.
A strong organisational culture, one that encourages collaboration, learning and open communication, can significantly improve how an organisation performs during a crisis.
When teams trust leadership, understand their roles and feel supported, they are better equipped to respond calmly and effectively under stress.
Leadership plays a crucial role in setting this tone.
Clear expectations, realistic planning assumptions and transparent communication help build confidence before an incident occurs.
During a crisis, that trust enables faster decision-making and more coordinated action, reducing confusion at a time when clarity is essential.
One of the most decisive factors in any terrorist incident is how information is managed and shared. In the absence of timely, accurate communication, rumours spread quickly and control can be lost.
Employees, customers and the public may turn to unofficial sources, increasing anxiety and undermining response efforts.
A robust critical incident communications plan is therefore essential. This plan should clearly define roles and responsibilities, specify who communicates with whom and outline how information will be verified and disseminated.
Importantly, it should be flexible enough to adapt as situations evolve, while still providing a structured framework for action.
Preparing message templates in advance allows organizations to communicate quickly without sacrificing accuracy.
Different audiences, staff, customers, emergency responders, partners and leadership, require different information, but consistency across messages is vital to maintaining trust.
A multi-channel approach ensures messages reach people wherever they are. SMS alerts, voice calls, email, mobile applications and internal collaboration tools all have a role to play.
Two-way communication is particularly valuable, enabling organisations to confirm safety, gather situational intelligence and identify where additional support may be needed.
Regular exercises and simulations help ensure these plans work in practice. Conducted outside the pressure of a real incident, drills allow teams to identify gaps, refine processes and build confidence in their ability to respond effectively.
Technology, when used effectively, can significantly enhance preparedness and response. Integrated Critical Event Management (CEM) platforms bring together risk intelligence, communications and response workflows into a single operational environment.
This allows organisations to move faster, coordinate better and make decisions based on a shared understanding of the situation.
At the centre of a modern CEM approach is access to timely, relevant data. Threat intelligence from public sources, law enforcement alerts, social media monitoring and environmental data can be aggregated to provide early warning of emerging risks.
Visualising this information in a clear and accessible way gives security and leadership teams a common operating picture, enabling quicker and more informed decisions.
Automation is another critical advantage.
During a fast-moving terrorist incident, manual processes are prone to delay and error. Automated workflows can trigger alerts, launch communications and escalate responses according to predefined plans, reducing reliance on memory and improvisation under pressure.
Scalability is equally important.
In large or multi-site organisations, the ability to rapidly reach thousands of people and receive confirmation of their safety, can make a decisive difference.
Technology that supports this scale, while maintaining accuracy and reliability, is an essential component of modern resilience.
The challenge of preparing for modern terrorism is significant, but it is not insurmountable.
Organisations that adopt a proactive, integrated approach: Combining people, processes and technology, are far better positioned to manage the risks they face.
By breaking down silos between security disciplines, fostering a culture of preparedness and investing in robust communication and response capabilities, organisations can reduce the impact of an attack and recover more quickly when incidents occur.
In an era where threats are increasingly complex and interconnected, resilience is no longer optional; it is a strategic necessity.
The Everbridge 2026 ‘Regional Threat Assessment’ provides additional context on how regional instability and global events are shaping terrorism risk in the year ahead.
The report examines where threats are intensifying, how events cascade across borders and how organisations are adapting their preparedness and response strategies in an increasingly complex risk environment.
