How can organizations stay ahead of complex and evolving threats? From cybersecurity risks to domestic extremism and the rise of AI in risk intelligence, today’s climate requires proactive strategies and adaptable decision-making. In this Q&A, Sean McDevitt, Director of Product Marketing, interviews Adam DeLuca, Director of Risk Intelligence, about critical risks, the importance of AI, and essential practices for building resilient Global Security Operations Centers (GSOCs). 

Discover expert insights on navigating new threats, harnessing intelligence for proactive decisions, and strengthening your security operations.

Sean McDevitt: What emerging threats do you see having the most significant impact on global organizations?

Adam DeLuca: Today and in the near future, I see several major threats shaping the landscape: cybersecurity risks and nation-state actors, domestic violent extremism (DVE), critical infrastructure vulnerabilities, and the growing impacts of climate change. These areas will be key for businesses to monitor and prepare for.

SM: How do geopolitical tensions, cyber threats, and domestic extremism trends factor into Everbridge’s risk intelligence forecasting?

AD: At Everbridge, our forecasting isn’t topic-driven — it’s risk-driven. We assess events based on whether they pose a real vulnerability or increase risk exposure for our customers. If a geopolitical or cyber situation doesn’t present a tangible risk, we don’t just report it for the sake of reporting. Our focus is always on helping organizations mitigate real-world risks.

SM: What role is AI playing in both the evolution of threat actors and how organizations can counteract them?

AD: AI is reshaping the threat landscape, enabling attackers to use it for deepfakes, phishing, vulnerability detection, and adaptive malware. Not to mention AI can conduct sophisticated disinformation campaigns that can make organizations and their assets vulnerable to a variety of different threat vectors.  AI-powered tools enhance social engineering, making attacks more precise and raising cybersecurity challenges. 

On the defense side, organizations can and should use AI for real-time monitoring, threat detection, and faster response times. AI can start mitigating a threat before your cyber teams may have even detected it.  AI can simulate attack scenarios, helping strengthen defenses and improve resilience against evolving threats. Integrating AI into security protocols is key to staying ahead in the fight against AI-driven cyber risks.

SM: What blind spots do many organizations have when it comes to threat intelligence, and how can they address them?

AD: Too often, organizations are reactive instead of proactive. Intelligence should be used to reduce risk exposure — whether that’s through executive protection, site assessments, or travel planning. Forward-leaning, proactive intelligence is critical. Insider threats are another blind spot. And even when trends or threats are identified, many organizations struggle to innovate or adapt quickly. Thorough after-action reviews are often overlooked but are essential for improving resilience. 

Best Practices for building resilient GSOCs

SM: For organizations looking to mature their GSOCs, what key capabilities should they prioritize?

AD: Focus on building strong people, effective processes, and smart use of AI. Repeatability and consistency are key. A mature GSOC should be reliable and agile at the same time.

SM: What advice would you give to security leaders trying to balance automation, AI, and human analysis in their GSOCs?

AD: It’s all about finding the right balance — and that requires action. Make decisive decisions, experiment, adjust, and don’t be afraid to fail. Trial and error is part of the process. Communication and collaboration are critical as you build a GSOC that integrates automation and AI without losing the human judgment that makes intelligence effective.

SM: What misconceptions do you still encounter about risk intelligence among security leaders?

AD: Risk intelligence is often used as a catch-all term. It is not merely the reporting the news, which I often see passed off as Risk Intelligence. Genuine risk intelligence follows a formula: risk leads to vulnerability, and the critical aspect is determining how to mitigate that vulnerability. Mitigation is frequently overlooked, which is a crucial part of the process in strengthening an organizations risk posture. 
 
Additionally, risk intelligence should be viewed holistically, encompassing all stages of the intelligence cycle rather than being confined to individual steps. These stages include collection, clean data, dissemination methods, production, and the most vital step – customer feedback. Each stage plays a crucial role, and improving each individually is essential to building an effective and successful risk intelligence program.

SM: How do you see the role of physical security evolving as digital threats continue to grow?

AD: It’s a different world than it used to be. Organizations need to think about vulnerability assessments for their physical security. What are your unacceptable consequences? And then you need to plan for that. People are always worried about cyber – but in terms of US infrastructure at least – there have been more physical security attacks than cyber-attacks. So, developing strong insider threat programs, doing assessments of your assets, and making sure there is continuity between operations, and your SOC, and law enforcement. A strong physical security posture is 100% necessary for a comprehensive risk mitigation strategy. 

Everbridge Risk Intelligence Monitoring Center (RIMC) Insights and Goals

SM: Where is the Everbridge RIMC focusing its monitoring efforts, and what major trends are shaping those priorities? Has there been an evolution over the last several years that shapes that prioritization?

AD: We’re leaning heavily into AI to enhance automation, monitoring, and source validation — improving the intelligence cycle at every stage. We’re also expanding our international sourcing and providing more localized, granular risk intelligence. Our monitoring will be more forward-looking, with an emphasis on early trend analysis and mitigation strategies. 

Today, effective intelligence programs include AI, an analyst and quality process. The web is shrinking, access to open-source intelligence is harder, and people are sharing information differently. We’re leveraging AI tools to enhance open-source research capabilities and threat monitoring, but true intelligence analysis happens when skilled analysts use AI effectively within a structured process.

SM: How does Everbridge risk intelligence help organizations make proactive decisions rather than just reacting to crises?

AD: Our goal is to be forward-leaning — to help organizations see around the corner, not just respond after the fact. We aggregate information from over 20,000 sources, leverage generative AI and machine learning, and combine it with the expertise of our analysts. We focus on highlighting risks before they escalate, giving customers actionable insights to limit exposure. And when events do happen, we dive into the why and how, helping customers close gaps for the future.

Preparing for the Risks of Tomorrow, Today

Navigating the ever-evolving landscape of global threats requires a balance of insight, innovation, and preparedness. From harnessing AI to enhance risk intelligence to addressing hidden vulnerabilities in both physical and digital security, Adam DeLuca’s insights highlight the enduring value of foresight and adaptability in protecting organizations. 

At Everbridge, we’re committed to helping businesses strengthen resilience and stay ahead of emerging challenges—through proactive intelligence, scalable solutions, and expert support.

This article originally appeared in International Security Journal

Ask any chief security officer how they protect their enterprise, and a security operations center (SOC) will often be one of the first things they mention. 

The SOC has long been viewed as a necessary fixture – the nerve center for threat monitoring and crisis response. But as our operating environments evolve, so should our strategies. For many organizations, especially those balancing complex risks and finite resources, it’s worth asking: Does the traditional SOC still make sense? 

Before anyone misunderstands – this is not about questioning the value of protecting people, data, and assets. It’s about being open to how we do it. Today, we have options. Options that offer the same, if not greater, levels of capability without the limitations of physical infrastructure.

The traditional SOC has its merits. Centralized operations, dedicated teams and real time situational awareness.  These have all served organizations well. I’ve worked in plenty of environments where a physical SOC was not only effective but necessary.

However, as someone who has spent a career assessing risk, I can tell you that static, brick-and-mortar solutions come with their own vulnerabilities – and, at times, may not be the best fit. Consider the challenges: 

• Cost – physical SOCs require significant capital – equipment, facilities, and staffing. For some organizations it’s simply not sustainable.  
• Resilience – a fixed location, by definition, is exposed to geographic and environmental risks.  
• Scalability – expanding capacity, adding capabilities or adapting to changing threats can be slow and expensive when you’re tied to a physical footprint. 

The case for a digital SOC 

A digital SOC addresses many of these limitations head-on. By leveraging cloud-native platforms and purpose-built technology, we can deliver the same – an often superior – level of security without being bound by four walls. Here’s where digital SOCs stand out: 

• Cost-effective without cutting corners – you don’t have to sacrifice quality for efficiency. Cloud-based platforms allow you to build scalable, full-featured security operations without investing heavily in physical infrastructure. 
• Operational continuity – a digital SOC is resilient by design. It is immune to localized disruptions. Your team can monitor and respond from wherever they are and if you structure it correctly, there is no single point of failure. 
• Integrated capabilities – today’s platforms do more than detect threats. They integrate crisis management, travel risk, communications and intelligence into a cohesive system. What once required multiple systems – and often multiple teams – can now be streamlined. 
• Speed and precision through AI – AI has real utility here. Not the buzzword variety, but targeted capabilities that help detect, analyze and respond to threats faster. AI doesn’t replace your team – it makes them better. It brings scale, speed and precision that would be impossible to replicate manually.  
• Future-ready – as threats evolve, so should your strategy. A digital SOC gives you the flexibility to adapt quickly, scale as needed and adjust your approach without waiting for the next capital investment cycle.   

A balanced view

Like any solution, digital SOCs aren’t perfect. Integration, team alignment and vendor selection all require careful attention. And some organizations – particularly those with highly sensitive operations – may still require a physical presence. This is not a one-size-fits-all proposition.

But what is clear, is that clinging to the traditional SOC model out of habit is no longer a viable strategy. security has always been about resilience, adaptability, and smart resource management. Digital SOCs allow us to embody those principles more effectively.

Rethinking the mission

At the end of the day, your SOC – physical, digital, or hybrid – is a means to an end. Its job is to ensure your people, assets, and operations are protected. How you do that should reflect the realities of the treat landscape you face today, not the one we faced 15 years ago.  

Security leaders need to be open to re-examining long-held assumptions. Not every organization needs to build a command center. But every organization does need the ability to know what’s happening, respond decisively, and keep improving. That’s what matters.

Artificial Intelligence (AI) is rapidly transforming industries, and critical event management (CEM) is no exception. Yet, misconceptions about AI often overshadow its true potential to revolutionize how organizations manage risks, disasters, and disruptions. These myths have sparked skepticism and confusion, leaving many uncertain about AI’s true role in CEM. This blog addresses the top 10 myths surrounding AI in risk intelligence and crisis management. By separating fact from fiction, we’ll reveal how AI empowers organizations to make smarter, faster, and more resilient decisions. 

Myth #1: Automation removes human control over crisis management

Reality: AI enhances human decision-making. It doesn’t replace leadership; it provides faster, more accurate insights so decision-makers can act with confidence. A Forrester study found that organizations using AI-driven incident response reduce decision-making errors by 68%, allowing leadership to focus on strategy rather than firefighting.  

Myth #2: AI can’t improve decision-making in crisis situations  

Reality: AI accelerates response times by automating threat detection, response orchestration, and message dissemination. With AI, decision-makers get both speed and confidence, ensuring they act on the right intelligence at the right time.  

Myth #3: AI in risk intelligence is just hype  

Reality: Everbridge delivers risk intelligence 11 minutes faster using AI-powered automation. AI enables hyper-local insights, scales analysis beyond human capacity, and provides accurate, real-time risk assessment that decision-makers can trust. 

Myth #4: AI in CEM is too complex and expensive for organizations to implement  

Reality: Everbridge AI is purpose-built for ease of use. Customers don’t need data scientists – AI streamlines ORCA rule creation, incident response workflows, and resilience planning, ensuring fast implementation and immediate value. AI-powered CEM solutions integrate seamlessly with existing business operations. More importantly, the cost of implementation is far lower than the cost of a single major downtime incident. For every $1 invested in proactive resilience, companies save $7 in avoided losses (FM Global Resilience Index).  

Myth #5: AI in CEM is just about speed – it’s not actionable  

Reality: Everbridge AI doesn’t just accelerate processes – it provides precision, direction, and context. Our AI-powered platform helps organizations move from reactive crisis response to proactive resilience by automating the full CEM lifecycle. Everbridge is the only provider offering full-lifecycle AI-powered CEM, built specifically to handle physical and digital events with decision-ready risk intelligence.  

Myth #6: Businesses that rarely experience major disruptions don’t need automation   

Reality: The frequency of critical events has skyrocketed. Cyberattacks have increased by 38% year-over-year (Check Point Research), and supply chain disruptions are up 88% since 2020 (Resilinc). Organizations that plan ahead with automation avoid being caught off guard and significantly reduce financial risk.  

Myth #7: Crisis response can be handed manually  

Reality: Manual processes lead to delays, confusion, and financial losses. According to IBM, companies that take longer than five hours to respond to an incident experience 45% higher costs. AI-driven automation ensures immediate detection and response, cutting downtime by up to 75%.  

Myth #8: Only tech companies need AI-powered risk management

Reality: Every industry faces disruptions—retail, healthcare, finance, logistics. In the manufacturing sector alone, unexpected downtime costs businesses an estimated $50 billion per year (Forbes Technology Council). AI-powered CEM helps all industries mitigate operational risks and avoid catastrophic losses.  

Myth #9: Everbridge AI is just another automation tool  

Reality: Everbridge has invested $1B+ in AI, decision-ready risk intelligence, and automation, making it the industry’s most advanced AI-driven CEM solution. Our patented AI-enabled playbooks and risk intelligence network ensure that organizations not only react faster but build long-term resilience.  

Myth #10: AI in CEM is a future concept, not a reality  

Reality: Everbridge High Velocity CEM™ already integrates AI for:  

• AI-assisted BC/DR Planning – Automating plan creation and impact analysis. 
• AI-powered risk intelligence – Scaling global risk monitoring and hyper-local threat detection. 
• AI-authored alerts & templates – Reducing response time by automating message generation. 
• AI-enabled insights & playbooks – Automating best-practice response strategies. 
• AI-driven post-incident analysis – Improving future resilience planning with historical insights. 

Conclusion

The myths surrounding AI in critical event management can cloud its immense potential. When deployed effectively, AI doesn’t just provide speed—it empowers organizations with accuracy, automation, and actionable intelligence to prepare for, respond to, and recover from critical events. Everbridge High Velocity CEM stands as the only full-lifecycle, AI-powered solution capable of addressing today’s complex risks with precision and scale.

HR has always been about people. But it’s also about protecting them.

Workplace threats are real. Violence, severe weather, or a cyber issue that cuts people off from critical systems – they’re not edge cases anymore. HR teams are on the front lines, helping people stay informed, safe, and supported when something goes wrong.

This isn’t just about having the right policies. It’s about building a culture that’s prepared. It’s about strong coordination across teams and clear communication at every level.

At Everbridge, we talk a lot about resilience being a shared responsibility. It doesn’t sit with one department. HR plays a big part, because how you support your employees in tough moments reflects who you are as a company.

And that role is growing.

Today’s workforce is global and digital-first. People aren’t just sitting in one office. They’re spread across regions, time zones, and risk profiles. That creates complexity, but it also creates opportunity, if you’re ready for it.

We call this High Velocity Resilience

It’s not a tool or a checkbox. It’s a mindset that brings speed and clarity to complex situations. And it connects people, technology, and process so that response feels seamless.

We use a simple framework: Know, Respond, Improve.

• Know what’s happening and how it affects your people
• Respond with clarity and coordination
• Improve every time

That’s how you build confidence. That’s how you earn trust.

First: Know

You can’t respond to what you don’t see. HR needs visibility into where employees are, what risks might affect them, and how people are feeling in general. Are they confident in the company’s response plans? Do they know what to do in a crisis?

This means HR has to be looped into security, operations, and leadership. You can’t build strong support for your people if you’re kept in the dark. Sitting in on continuity planning and having a voice in how the organization prepares for disruption should be standard.

Second: Respond

When something happens, people turn to HR. It might be for guidance, a resource, or simply reassurance. That’s why HR needs to be part of any coordinated response.

Are your messages aligned with what security and leadership are saying? Can you reach employees across time zones? Do you have a process to check on impacted staff and escalate if someone doesn’t respond?

Fast, clear communication can be the difference between confusion and calm. At Everbridge, we believe every message should bring clarity. And it needs to reach the right people at the right time.

Third: Improve

After any disruption, there’s always something to learn. HR should lead that reflection with questions like: Did our people feel supported? What gaps did we uncover? Where can we simplify or speed up next time?

These insights belong in your training materials, playbooks, and onboarding. And they should feed back into the way your organization communicates, collaborates, and responds.

If your teams are still working in silos, that’s a problem. Risk doesn’t stay neatly in one lane, and neither should your response. HR, security, IT, operations: everyone needs to be on the same page.

The line between workplace and outside world is blurry. A local protest, a regional outage, or a weather alert can impact dozens or hundreds of employees within minutes. HR needs to be ready to lead in those moments, not just manage the fallout afterward.

This is a leadership opportunity. It’s about showing up for your people with consistency and care. It’s about building systems that support them no matter what’s happening around them.

Culture is resilience. A strong culture communicates clearly, moves quickly, and keeps people at the center. It doesn’t just survive hard moments. It learns and improves from them.

That’s the kind of culture we’re building at Everbridge. And it’s what we help other organizations build too.

Because when people feel safe, informed, and supported, they don’t just get through the crisis. They come out stronger.

Resilience isn’t just about bouncing back. It’s about staying ready in the face of constant change. We spoke with Sheila Carpenter, CIO at Everbridge, about what it really takes to lead IT teams through complexity, risk, and disruption. Her perspective is grounded, practical, and shaped by years of real-world experience.

1. What does IT resilience really mean today and how has your view of it evolved?

For me, resilience is about keeping systems running and teams aligned when the unexpected happens. That’s the obvious part. But what’s evolved is how we think about when the unexpected happens. It’s not occasional anymore. It’s constant – whether it’s cyber threats, outages, vendor issues, or even internal change.

So resilience isn’t just about recovery. It’s about adaptability. It’s the ability to respond with speed and clarity, minimize disruption, and learn something each time that makes you stronger for the next one. That mindset has to live in both your technology stack and your team culture. You can’t build it overnight, but you can get better at it over time.

2. What’s the biggest challenge CIOs are facing right now when it comes to resilience?

The hardest part is complexity. There are more systems, more integrations, more dependencies – and fewer clear lines of control. You’re responsible for the whole picture, but a lot of the pieces are owned by someone else: a cloud provider, a SaaS vendor, a third-party service.

You can’t just think about your own environment. You have to think about how everything fits together and what happens when any one piece breaks. That requires better visibility, better coordination, and a lot of upfront planning. It’s not glamorous work, but it’s the foundation of resilience.

3. What role does leadership play in building a culture of resilience?

Leadership sets the tone. If you treat resilience like a compliance checkbox, that’s how the rest of the organization will see it. But if you treat it as part of how you protect your people, your customers, and your mission, it becomes a priority.

For me, it’s about making sure teams know their role in the bigger picture. It’s also about encouraging the right kind of risk-taking – trying new things, testing systems, running drills – so that resilience becomes a habit, not just a response.

And when something does go wrong, how leaders respond matters. If you’re calm, clear, and focused on learning, that builds trust. And trust is what holds everything together when the pressure’s on.

4. Can innovation and resilience exist side by side?

Yes, but only if you plan for it. Innovation that skips over resilience becomes brittle. That’s especially true when rolling out new technologies. You can move fast, but you still have to ask the hard questions: What happens if this fails? How do we recover? Who needs to be involved?

In my experience, the best teams are the ones that bake resilience into the design phase. They test early. They build in monitoring. They have a response plan ready. That doesn’t slow down innovation, it protects it.

5. What advice would you give to IT leaders just getting started on their resilience journey?

Start small and be honest about where your biggest risks are. You don’t need a massive overhaul on day one. Look at your most critical systems. Where are you exposed? What would cause the most disruption?

Then build some muscle memory. Run a tabletop exercise. Automate a manual failover. Document a process that’s currently informal. Every small step makes a difference.

And keep the momentum going. Resilience is never “done.” It’s a mindset you build over time with people, process, and technology.

Technology runs through every part of a modern business. It powers remote work, automates operations, and helps deliver better experiences for customers. As digital transformation picks up speed, IT systems become more essential. But they also become more exposed to risk. Whether it’s a cyberattack, a service outage, or a failure in operations, these events aren’t rare. They’re part of doing business now.

This is why IT resilience matters. It’s more than just bouncing back from a problem. It’s about being ready, staying steady, and keeping things moving when challenges come up. And it’s not something that sits in the background. At Everbridge, we bring this to life with High Velocity CEM, a system that helps teams respond faster, stay coordinated, and keep improving. It uses Purpose-built AI to make sense of complex risks and turn insight into action.

Let’s look at how this kind of resilience gets built.

Why IT resilience has become a must-have

Downtime costs add up fast. According to Gartner, one minute of IT downtime can cost over $5,000. In high-stakes industries like healthcare and finance, the impact runs even deeper. There’s loss of revenue, customer frustration, and exposure to regulatory trouble.

The main drivers behind these disruptions include:

• Cyber threats: Attacks like ransomware and data breaches are more frequent and more advanced.
• System complexity: With cloud platforms, connected devices, and AI tools, there are more moving parts, and more ways things can go wrong.
• Higher expectations: People expect services to work all the time. Even a short disruption can cause lasting damage to trust.

Tools like High Velocity CEM are designed for this kind of environment. They help teams stay ahead by turning early signals into coordinated response.

Three principles of IT resilience

To build lasting resilience, businesses need more than backup plans. They need to build smarter, more responsive systems from the ground up.

1. Understand risk before it happens

Resilience starts with knowing where you’re vulnerable. This means taking a close look at systems and spotting weak points. The best teams do this on a regular basis. They test their systems, simulate threats, and act on what they learn.

For example, a financial services firm we work with runs regular cyberattack drills. These exercises highlight gaps in coverage and give the team a chance to adjust before anything real happens.

2. Let automation do the heavy lifting

When systems get too complex, humans can’t keep up on their own. That’s where Purpose-built AI makes a difference. It helps monitor systems, spot trouble early, and trigger the right actions automatically. Whether it’s detecting abnormal traffic patterns or predicting a server failure, these tools allow IT teams to focus on what matters most.

High Velocity CEM brings these capabilities into one place, so response doesn’t get delayed by silos or confusion.

3. Make it a team sport

Resilience can’t sit in the IT department alone. It depends on coordination across operations, security, leadership, and HR. Every group plays a part. The best results come when everyone is on the same page and working from the same plan.

For instance, before a planned system upgrade, the IT team might sync up with operations to keep workflows moving smoothly. At the same time, HR might help train staff to spot phishing attacks, which are a common source of disruption.

How leaders can make it stick

Resilience doesn’t just happen because the tools are in place. It takes leadership. Here’s what that looks like in action:

• Set it as a business goal. When resilience is built into strategy, it gets the resources and attention it needs. One retailer we support made system uptime a top priority and got there with fewer manual steps and stronger oversight.
• Encourage adaptability. The tools matter, but mindset matters more. When teams are open to change, test new ideas, and share what they learn, resilience becomes part of the culture.
• Make it real for others. Explain why it matters. Show how it protects people, strengthens operations, and builds trust with customers.

Lessons from the field

• Retail: An e-commerce company sought to handle traffic surges during the holiday season. With automation and real-time monitoring in place, they avoided outages and kept customers happy.
• Healthcare: A hospital network facing a ransomware attack relied on tested response plans and isolated systems. They restored critical operations quickly and protected patient data throughout the incident.

What’s next

Resilience used to mean being prepared. Now it means being fast, informed, and always improving. Technologies like edge computing and AI will bring new challenges, but also new ways to stay ahead of disruption.

With High Velocity CEM, organizations can put these pieces together. They can connect the dots faster, act with precision, and build stronger systems every time they face a disruption.

Resilience isn’t just a technical issue anymore. It’s a way to protect your people, your reputation, and your future.

Workplace safety is a critical aspect of any organization, ensuring the well-being of employees and the smooth operation of daily activities. Regular safety meetings and tabletop exercises are essential for reinforcing safety protocols, keeping everyone informed about the latest safety guidelines and best practices.

So here are 35 comprehensive workplace safety topics for meetings, designed to enhance your team’s knowledge and commitment to safety. 

How to make your safety talks more engaging

Ensuring that workplace safety talks are interactive and relevant with day-to-day examples will make them more engaging and effective. Some of the most memorable safety talks are short, focused, and relevant so that workers can easily apply the advice immediately and recall it in the long term. 

Interactive approach

Move beyond monologues. Encourage participation through quizzes, case studies, or role-playing. Engage employees by asking questions and involving them in discussions. Make sure no one is left out and reward engagement (for example, snacks and gift cards). 

Real-life examples

Share relatable stories or past incidents within your organization. Personal anecdotes resonate with employees and make safety concepts more tangible. Ask employees to share their experiences within the organization or in previous roles. Discuss what safety procedures could have changed these outcomes.

Visual aids

Use infographics, videos, or images to illustrate safety points. Visual content captures attention and enhances understanding. Share these visual aids after safety talks via email and other communication channels so people can revisit them to keep the knowledge fresh.

Variety

Change the format of safety talks. Sometimes, a short video works better than a lengthy presentation. Mix it up to maintain interest. Survey employees to ask them what their preferred formats are, and what could be done to make your workplace safety talks more engaging.

35 Workplace safety topics 

Here are a variety of safety topics you can use to keep safety at the forefront of everyday operations. Remember to tailor your safety talks to the specific work objectives and conditions that are most relevant to your employees.

1. Chemical safety and hazards 

Discuss proper handling, storage, and disposal of chemicals. Emphasize the importance of using appropriate Personal Protective Equipment (PPE) and understanding Safety Data Sheets (SDS). 

2. Carbon monoxide 

Educate employees on the dangers of carbon monoxide, symptoms of exposure, and preventive measures. 

3. Heat stress 

Discuss the risks of heat stress, including symptoms and prevention strategies such as hydration and acclimatization. 

4. Cold stress 

Discuss the risks associated with cold stress and how to mitigate them, including proper clothing and work/rest cycles. 

5. Fatigue 

Highlight the dangers of fatigue and its impact on safety. Discuss ways to manage fatigue through adequate rest, hydration, and workload management. 

6. Noise and hearing loss prevention 

Review noise control measures, such as PPE and engineering controls, to prevent hearing loss. 

7. Respiratory protection and infection 

Cover the proper use of respiratory protection to prevent inhalation of harmful substances and reduce the spread of infections. 

8. Burn prevention and treatment 

Discuss ways to prevent burns in your workplace and how to provide immediate treatment if burns occur. 

9. Emergency exits 

Ensure everyone knows the location of emergency exits and understands the importance of keeping them unobstructed. 

10. Personal protective equipment (PPE) 

Discuss the types of PPE required for different tasks and ensure employees know how to use them correctly. 

11. Electrical safety

Review electrical safety practices, including proper equipment use and what to do in an electrical emergency. 

12. Machine safety 

Ensure all machinery is used safely by discussing operating procedures, regular maintenance, and the importance of safety guards. 

13. Vehicle safety  

For employees who drive as part of their job, discuss safe driving practices, including severe weather driving and vehicle maintenance. 

14. Confined spaces 

Discuss entry procedures, monitoring, and rescue plans for working in confined spaces. 

15. Ladder safety 

Discuss safe ladder practices, including proper setup, use, and storage. 

16. Slips, trips, and falls prevention 

Review housekeeping practices, proper footwear, and hazard identification to prevent slips, trips, and falls. 

17. Ergonomics

Promote ergonomic practices to prevent musculoskeletal disorders. Discuss the importance of proper posture, equipment positioning, and taking breaks to reduce strain. 

18. Emergency preparedness and response 

Outline the procedures for various emergencies, including evacuation routes, assembly points, and communication plans. 

19. Hurricane and tornado protocol and response 

Review the specific protocols for severe weather events, including shelter-in-place procedures and emergency kits. Download our hurricane preparedness checklist.

20. Storm and flood response 

Prepare for natural disasters by discussing your organization’s response plans, emergency kits, and communication strategies.

21. Fire response 

Review fire prevention measures, the use and location of fire extinguishers, and evacuation procedures.

22. Wildfire response 

For areas prone to wildfires, discuss evacuation plans, air quality monitoring, and personal safety measures. 

23. Winter weather 

Prepare for winter weather by discussing safe practices for snow and ice removal, proper clothing, and driving in winter conditions. Download our winter storm preparedness checklist.

24. Waste management and recycling 

Discuss proper disposal and recycling methods to maintain a safe and clean work environment. 

25. Ventilation  

Ensure proper ventilation to reduce the risk of respiratory issues and improve overall air quality.

26. Physical wellbeing   

Promote healthy practices, including proper lifting techniques, stretching exercises, and maintaining physical fitness. 

27. Mental health

Address the importance of mental health in the workplace. Discuss stress management techniques, available resources, and creating a supportive environment. 

28. Stress management  

Discuss techniques for managing stress, including time management, relaxation techniques, and share available support resources. 

29. Substance abuse 

Address the impact of substance abuse on workplace safety and the importance of a drug-free environment. 

30. Medical and first aid 

Review basic first aid procedures and ensure employees know the location of first aid kits and how to use them.

31. Hand hygiene and protection 

Emphasize the importance of hand hygiene to prevent the spread of illness and discuss the proper use of hand protection for various tasks. 

32. Workplace violence 

Implement strategies to prevent workplace violence. Discuss warning signs, reporting procedures, and ways to de-escalate situations.

33. Active assailant  

Prepare employees for the unthinkable with active assailant drills. Discuss run, hide, fight strategies and emergency communication plans.

34. Bullying and harassment 

Address bullying and harassment in the workplace by discussing company policies, reporting procedures, and creating a respectful work environment. 

35. Reporting accidents and hazards 

Encourage prompt reporting of incidents and near-misses to help identify patterns and prevent future occurrences. Explain the reporting process and the importance of transparency. 

For more workplace safety topics, check out the OSHA site. 

Creating a safer workplace

Workplace safety is an ongoing process that requires regular attention and continuous improvement. By addressing relevant topics in your safety meetings, you can create a safer workplace environment and ensure that all employees are informed and prepared to handle various safety concerns

When employees actively participate in discussions, share experiences, and learn from one another, they collectively foster a safety-first mindset. A strong safety culture leads to fewer accidents and better overall well-being.

To further enhance your workplace safety measures, watch our webinar on workplace safety, where we are joined by industry experts, as they outline strategies to safeguard your organization and employees from modern-day risks.  

The safety of publicly accessible spaces is no longer a matter of choice or convenience; it is a responsibility that must be firmly embedded in our approach to security. This is the driving force behind Martyn’s Law, officially known as The Terrorism (Protection of Premises) Act 2025, which received Royal Assent in April. This landmark legislation is a critical step in bolstering the safety of public spaces and ensuring UK venues are better prepared to address the evolving threat of terrorism. 

The Act is named in memory of Martyn Hett, one of the victims of the 2017 Manchester Arena bombing. The attack exposed substantial gaps in security preparedness, leading to the tireless campaigning of Martyn’s mother, Figen Murray, to make public spaces safer. With Royal Assent secured, this law lays the groundwork for tangible safety improvements by compelling landlords and organizations to take proportionate measures to protect the public. 

Since 2017, 15 domestic terror attacks have been executed in the UK, with 43 late-stage plots thwarted by counter-terrorism agencies. In the UK, 245 people were arrested for terrorism-related activity in the 12 months before 30 September 2024, a 41% increase from the previous 12-month period. MI5 and the Counter Terrorism Police have more than 800 ongoing investigations into thousands of ‘subjects of interest’ who are suspected of direct involvement in terrorism. These numbers underline the persistent threat that necessitates this decisive action. The Act prioritizes prevention and preparedness, holding those responsible for public-facing venues and events accountable for reducing security vulnerabilities. 

Why Martyn’s Law matters for security professionals 

Prior to the Act, counter-terrorism preparedness often took a backseat to priorities like health and safety. The false assumption that terrorism is either infrequent or ‘unlikely to happen here’ left glaring gaps in the security of our public spaces and events. Martyn’s Law directly addresses this imbalance, mandating that premises adopt proportionate measures based on the size and scale of their operations. 

For security professionals, this law offers clarity. It brings defined responsibilities and removes the ambiguity about what is expected of organizations. This enables security teams and venue operators to move from reactive to proactive approaches, making public safety a foundational part of their operations. 

How the Act safeguards the public 

Martyn’s Law introduces a tiered framework based on the number of people present at a venue or event. This ensures that security measures are proportionate and practical. 

1. Standard tier premises 

For premises where 200–799 individuals may reasonably be expected at the same time, the Act requires that they develop clear public protection procedures. These include evacuation, invacuation, or lockdown plans. Staff must also receive basic training to handle potential incidents. 

Importantly, the focus for standard tier premises is on procedural readiness, not costly physical enhancements. These requirements aim to encourage smaller venues to prioritize safety without creating an undue financial burden. 

2. Enhanced tier premises and qualifying events 

For larger venues or events expecting over 800 attendees, an enhanced set of duties applies. These venues must not only implement public protection procedures but also take specific steps to reduce vulnerabilities. 

This includes measures such as documented risk assessments, stronger physical security protocols (like surveillance systems and bag search policies), and plans to mitigate crowd risks. A facility’s senior management will also be accountable for compliance, creating a clear chain of responsibility under the law. 

The enhanced tier requirements reflect the potential impact of an attack on large crowds, by ensuring that safeguards are robust enough to protect the public while remaining reasonable and practical. 

Exemptions under the Act 

Certain premises are exempt from the Act, as outlined in Schedule 2. This ensures that obligations do not overlap with existing security arrangements or apply where practical application is difficult. Exempt premises include government buildings, transport hubs such as airports and national rail stations, and open public spaces like parks unless used for large events. 

While exemptions exist, the Act is comprehensive in its scope and ensures that most places where crowds gather fall under its remit. 

The role of the Security Industry Authority (SIA) 

The Security Industry Authority (SIA) has been designated as the regulator of the Act because of its expertise in licensing and security compliance. The SIA will oversee the implementation of the law, maintain a register of duty holders, and issue guidance to support businesses in meeting their obligations. 

Enforcement measures by the SIA include compliance notices and financial penalties, with criminal prosecution possible for serious or repeated failures. However, the government intends for the SIA’s role to be primarily supportive during the 24-month implementation period, helping organizations adapt gradually to the new requirements. 

Why this legislation has widespread support 

The Protect Duty consultation revealed overwhelming public support for this initiative, with seven in ten respondents backing proportionate security measures for venues. The Act not only reflects this sentiment but also ensures it is actionable without becoming overly burdensome for businesses. 

For smaller venues, the emphasis is on simple, cost-effective measures like staff training and communication strategies. Larger venues are required to take more extensive steps, but only as far as is reasonably practicable. This balance between practicality and responsibility ensures the legislation achieves meaningful improvements in public safety. 

Supporting Martyn’s Law compliance

At Everbridge, we’ve long championed proactive security measures that embed resilience into organizations’ daily operations. Our critical event management solutions are specifically designed to help public-facing premises secure their spaces, enabling compliance with Martyn’s Law through real-time threat intelligence, enhanced communication, and risk reduction strategies. 

Now that the Act has received Royal Assent, organizations must act swiftly to understand how the requirements apply to their premises. By integrating innovative solutions and adopting robust emergency planning, venues can rise to the challenge posed by this law while building public trust. 

Martyn’s Law stands as a milestone in public safety, offering a vital framework to counter the dangerous realities of terrorism. For security professionals and decision-makers, preparing for its requirements is no longer optional; it is a legal and moral duty. 

The time to act is now. By implementing the necessary changes today, you can safeguard your organization and create spaces where safety and security are paramount. Together, we can honor the lives lost to past tragedies and build a safer future for all.