URIM’s ACT/ProtectUK mobile application is keeping the UK informed with the latest counter-terror guidance and resources.
Following the terror incident which took place outside Liverpool Women’s Hospital, the decision to raise the terror level from ‘Substantial’ to ‘Severe’ not only indicates the likelihood of another attack but also highlights the need for effective preventative measures.
Moreover, with the arrival of UK Protect Duty legislation potentially just around the corner, there is much discussion surrounding the way in which publicly accessible locations will prepare their security procedures in the event of a threat. Whilst much continues to be done in the public sector to improve counter-terror protocol and suspicious activity reporting, because of many practical limitations the private sector cannot always operate under the same initiatives and procedures. As a result, mobile technology applications – which have undoubtedly boosted security across numerous industry verticals such as access control and biometrics – are now helping to lead the charge in the UK to help prepare staff and premises for emergency incidents at an enterprise-level.
One of the companies innovating this industry sector is URIM, whose ACT/ProtectUK app is supporting business users by providing them with a platform that offers a range of counter-terror resources for staff and premises. Not only does the app prepare enterprise employees to deal with emerging threats, it provides practical guidance and access to e-learning as well as a suite of NaCTSO videos. To find out more information about how the URIM-developed ACT/ProtectUK app is connecting enterprises to the latest counter-terror developments, Security Journal UK caught up with the company’s CEO, Ian Hammond.
A solution in demand
One of the key issues related to SMS – as opposed to push notification-based messaging – is that SMS-based information sharing is increasingly vulnerable to cyber-attacks. SMS used to be the golden solution, however its use has changed, massively during the COVID-19 pandemic, from being a cost-prohibited platform for fraudulent messaging to becoming one which is ever more widely adopted by hostile actors. Because of the public mistrust surrounding this, the end user response rate via SMS services plummeted whilst push notification-based applications have continued to maintain assurance.
Working for over ten years in IT as an Account Manager at ICL, Hammond left the business around the year 2000 to form his own company, which later acquired Criticall, a mass-notification system (MNS) specialist. After moving from Criticall to URIM in 2019, Hammond points out that the original MNS use cases were for business resilience and business continuity purposes at large corporations. Companies such as Marks & Spencer (M&S) recognised the need to move away from complex paper-based guidance towards easier notification-based communication.
“John Frost, the Head of Business Continuity at M&S asked if there was a better solution,” Hammond explains. “Just as the company used e-learning for catering and health and safety initiatives, as well as operational training, the same processes should be applicable to business resilience procedures. As previous formats for enterprise training on these matters was lengthy and unengaging for staff, Frost’s suggestion was that business-level guidance and e-learning should be equipped to a more concise, 21st century format. Gaining much success following this refresh, the thinking then moved to an app-based approach.
“Developing an app from scratch is hard and expensive; to counteract this, we thought that by using the app template and framework, we could populate it with the relevant information. What M&S said was that, because they liked the business resilience approach with the app, they thought it would be well-suited to a public counter-terror notification use. Fast forward to today, as the use of the ACT/ProtectUK app has grown since 2020, there are the usual suspects who are early adopters of this technology such as major UK police forces and security companies – however, you also get your industry vertical thought-leaders such as M&S, Unilever. We are at half a million users now, but ten million downloads is a future goal.”
Like any product, one of the keys to mass adoption of the ACT/ProtectUK app is certainly going to be how it is recognised across a variety of industries. NaCTSO’s ACT e-learning platform had already won a BCI award, so there was certainly a precedent set for when the associated app product was introduced to the application market. However, this precedent did not stop the company from also scooping the BCI Global Award for Continuity & Resilience Innovation in November 2021. Hammond adds: “I like to use the analogy of a library to describe the platform.
“Just as a library can be filled with information of specific types, what NaCTSO have done is provide content that could be applied to fit this mould. The purpose of the app was and continues to be for the provision of actionable information. Simple information such as ‘who do I tell?’ and ‘how do I stop bleeding?’ is available. However, deep-dive content for security professionals is also included.
“It is hard to find an obvious go-to for this type of information as it is typically just held on multiple websites. We were aware that there was a lack of apps on the market which offered such targeted content in this space and, as a result, we had to ensure that we stuck to our principles. The BCI Award win recognised all three components of the app’s creation – M&S’s understanding of what it is like to be a large-scale enterprise user, NaCTSO’s subject matter expertise and URIM’s platform.
“By going for the innovation award, we were able to set a benchmark for the product and it felt great to receive this recognition.”
Prevent, Protect, Prepare, Pursue
Looking at the application from a Protect Duty perspective, it is important to remember how terror-related issues are being addressed to protect the general population; with countless threats emerging, the counter-terrorism strategy (CONTEST) is key when thinking about how the UK can be kept safe. The CONTEST strategy is broken down into four tenets: Prevent; Protect; Prepare; Pursue.
Hammond describes CONTEST in more detail: “Pursue is fairly self-explanatory – chase after the people that have nefarious intent. Prevent – stop people wanting to get involved in terrorism and terror-related activities. Protect is very much related to the UK’s critical national infrastructure, such as utilities sites and transport hubs. Finally, the Prepare is where NaCTSO particularly comes in – they have a duty to warn and inform the average UK citizen.
“What UK Counter Terrorism Policing is doing is condensing all of this information into the expectations for the pending Protect Duty. Through their social media and wider online activity, Counter Terrorism Policing have clarified three key asks. Two of them are easy to respond to – and the e-learning in the app can help with these – but the third one is where you potentially need the professionals involved. The first ask is that enterprises ensure sure staff/workers are trained in counter-terror matters. The second ask is that staff are warned and informed about counter-terror matters.
“Then you come to the third ask. This is asking organisations that own or run publicly accessible locations that operate within the scope of Protect Duty legislation to conduct a risk assessment in respect of the terrorist threats that will be relevant to your facility/space. Whilst this is a reasonable ask, with this imminent legal requirement, the reasonable parameters and expectations surrounding specific locations – whether this be Wembley Stadium or a parish church outside of the city – are going to be critical when this legislation arrives.”
NaCTSO has developed very good and simple messaging such as ‘run, hide, tell’. Whilst the advice sounds basic on the surface, these types of three step processes are necessary in ensuring a coherent and swift response if an attack is to occur; when serious incidents do arise, effective risk mitigation can quite often be a result of awareness and understanding. With this in mind, by accessing the ACT/ProtectUK app enterprise staff can go through accurate and quick guidance to gain a better understanding of what is a reasonable response in the event of an emergency. Hammond clarifies: “A common example of where e-learning and actionable guidance can be critical is in counter-terror scenarios, for example, vehicle-as-a-weapon attacks.
“When you think about this in practice, what is the appropriate response? If you break it down and apply it to a scenario where a vehicle-as-a-weapon threat could occur at a premises, you have to understand the simple ways you can secure your location – this could be through the installation of perimeter protection or it could simply be a reorganisation of your outside facility space. Even if an attack is, in your opinion, unlikely to occur at your location, acknowledging these risks is critical to ensuring maximum safety and minimum impact.”
Preparation-led thought processes need to be adopted and bringing proportionality and context to enterprises is critical as they look to effectively prepare. By adding such conversations to meeting agendas, business owners, stakeholders and senior staff can act reasonably and anticipate the arrival of Protect Duty legislation. By using the ACT/ProtectUK app to access a wealth of guidance and notification resources, we can all move one step closer towards securing publicly accessible locations on a national scale. If ten million sets of eyes can spot when a threat is occurring, or even know what to do if and when one does occur, then our collective security will undoubtedly improve across the board.
For more information, visit: urim.app
This article was originally published in the January 2022 edition of Security Journal UK. To read your FREE digital copy, click here.