Football clubs and sports grounds will gather at Watford FC this July to discuss matchday readiness, SAG relationships, Martyn’s Law, Hillsborough Law, Showstop procedure and operational best practice ahead of the 2026/27 season.

Halo Solutions has announced the launch of KICKOFF//26, a new sports-focused pre-season readiness event taking place at Watford FC on Wednesday 8 July 2026.

The free-to-attend event has been created for football club and sports ground professionals involved in safety, stewarding, control room operations, security, stadium operations and matchday planning. Hosted at Watford FC, KICKOFF//26 will bring together clubs, industry specialists and the Halo team for a practical day focused on the checks, conversations and operational improvements teams can make before the 2026/27 season begins.

Designed as a practical alternative to a traditional conference, KICKOFF//26 will cover key themes shaping football and sports ground operations, including working effectively with Safety Advisory Groups, Martyn’s Law and approved training, Showstop for matchdays and non-matchdays, operational reporting, evidence, accountability and pre-season IMS readiness.

The agenda includes sessions from industry speakers including Steve Laws from Taylor Bridges, Steve Allen from Pink Bows/Showstop, and a representative of Hillsborough Law Now on what a legal duty of candour will mean for clubs.

Halo Solutions will also run a practical user-training session looking at how football clubs can use the Halo System to support pre-season preparation, matchday management, incident reporting, operational visibility and utilise new feature uplifts ahead of the new season.

Lloyd Major, Founder and CEO of Halo Solutions, said:

“Pre-season is when clubs actually have a bit of breathing room to fix the things that become painful once fixtures start. KICKOFF//26 is about getting the right people in the room, sharing what works and helping clubs feel prepared before matchday pressure kicks back in.”

He added:

“Football safety and operations teams deal with a huge amount behind the scenes. From stewarding and control room communication to reporting, escalation and working with partners, there are so many moving parts that need to be ready before the first fixture. This event is designed to be useful, practical and relevant to the people who make matchday happen.”

KICKOFF//26 is free to attend, with lunch and refreshments included. Places are limited, open to both existing Halo customers and clubs and sports grounds interested in improving matchday readiness and operational processes.

Event details

Event: KICKOFF//26
Date: Wednesday 8th July 2026
Venue: Watford FC, Elton John Suite
Arrival: From 9:30am
Start: 10:00am
Cost: Free to attend (registration required)

Football clubs and sports grounds can view the agenda and register at:
https://www.halosolutions.com/halo-pre-season-football-conference/

Halo Solutions has officially achieved ISO 27001 certification, marking a major milestone in our continued commitment to information security, data protection and operational resilience.

For Halo, this certification is more than a badge. It is an internationally recognised standard that demonstrates we have the right systems, processes, controls and culture in place to manage information securely and responsibly.

As a platform used by safety, security and operations teams across venues, stadia, transport networks, campuses, events and other safety-critical environments, trust sits at the heart of what we do. Our customers rely on the Halo System to support real-time incident management, operational visibility, multi-agency coordination and audit-ready reporting. That means the protection of information, customer data and operational records is not an optional extra. It is central to the way we build, deliver and support our technology.

Achieving ISO 27001 certification, with the help of compliance partners Axipro, shows that Halo has been independently assessed against a rigorous information security management framework. It reflects the controls we have put in place to identify, assess and manage risks relating to data confidentiality, integrity and availability.

In practical terms, this means our customers can have even greater confidence that Halo takes a structured, proactive and continually improving approach to information security. From access controls and risk management processes to supplier oversight, internal policies, staff awareness and incident response procedures, ISO 27001 provides a recognised framework for protecting the information entrusted to us.

It also supports our wider commitment to data protection. Organisations using Halo often operate in complex, high-pressure environments where sensitive operational information may be recorded, shared and reviewed. Maintaining strong data governance and security standards helps ensure that information is handled appropriately, protected from unauthorised access, and available to the right people when it is needed most.

This milestone strengthens the foundations we are building as Halo continues to scale. As we grow across sectors and geographies, ISO 27001 gives our customers, partners and stakeholders another clear signal that we are serious about security, resilience and responsible data management.

Lloyd Major, Founder and CEO of Halo Solutions, said:

“Our customers trust Halo to support some of the most high-pressure safety and security operations in the world. Achieving ISO 27001 certification is an important step in demonstrating that we take the protection of their information just as seriously as the operational challenges we help them manage. It reflects the hard work of the whole team and reinforces our commitment to building technology that is secure, reliable and trusted.”

ISO 27001 certification is not the end of the journey. It is part of an ongoing commitment to continually review, improve and strengthen the way we protect information across the business.

As Halo continues its mission to create safer places, everywhere, this certification marks another important step in building the secure, trusted and resilient technology infrastructure modern safety and security teams need.

Learn more about how Halo protects your data in our Data Privacy Trust Centre.

Visit our Data Privacy Trust Centre

A stadium incident management system (IMS) has to earn its place in the control room.

If it slows reporting down, creates another place for you to check, or only produces useful information after the event, it will not last long. Your team will default back to radio, paper, spreadsheets, WhatsApp, or whatever gets the job done fastest.

That does not mean manual tools are always better, just a comfortable default for many of us. It shows us that the system you choose has to fit the pace and structure of your operation.

This buying guide is for stadium and venue teams reviewing how they manage their daily and event-day tasks, incidents, monitoring and reporting. It applies whether you are moving away from manual processes, replacing a system that no longer works for you, or adding capability around public reporting, audit trails, task management or live dashboards.

Because the right system should be judged by the jobs it performs during live operations, not by the length of its feature list.

This guide covers:

  1. How to prepare for the buying process before speaking to suppliers
  2. The five jobs a stadium security management system needs to do
  3. The specific features and functionality to look for
  4. Comparing systems and what questions to ask during demos and procurement
  5. How to assess system fit for your venue, teams and existing workflows

Before You Compare Systems: Prepare the Buying Process Properly

The incident management system (IMS) you choose will affect more than the security team.

It will touch the control room, safety team, stewarding provider, contractors, guest services, medical provision, cleaning, facilities, IT, data protection, procurement, finance and senior leadership. In some venues, it may also affect how information is shared with police, local authorities, Safety Advisory Groups and other event partners.

But that still doesn’t mean everyone will have the same exact requirements, and to avoid wasting time and money on lengthy onboarding, staff training and teething problems only to find that the system you purchased isn’t for you, its better to get it right the first time around. The more you prepare your buying process, the more successful it will be in helping you decide the best system for you.

Start by defining the problem

Before speaking to suppliers, be clear about what is driving the review.

If you don’t already have a dedicated IMS, the issue may be that incident information is spread across radio logs, paper forms, spreadsheets, emails and post-event recollection.

If you’re replacing a system or systems, the issue may be poor adoption, slow reporting, weak dashboards, limited customisation, poor supplier support, lack of public reporting, or reporting that still requires manual collation.

Or, if you’re looking to add capability to your existing processes, the issue may be more specific: public reporting, multi-agency access, task management, audit trails, location mapping, offline use or better dashboards.

Useful starting questions include:

  • Where does incident information currently start? Is it early enough?
  • Who receives it first? And in what form?
  • Where is it recorded?
  • Who updates it?
  • How are actions assigned?
  • How are decisions logged?
  • How are public reports received?
  • How are contractors/3rd parties included?
  • How long does post-event reporting take?
  • What cannot be evidenced easily after the event?

By establishing what your pain points are and defining what your incident management system needs to achieve, you can more productively compare suppliers’ offerings.

Identify your stakeholders early

A common buying mistake is involving operational users too late, or allowing non-operational stakeholders to dominate the requirements.

A good process usually separates stakeholders into four groups:

Decision-makers: budget holders, senior leadership, procurement.
System owners: head of security, safety officer, operations lead, control room manager.
Users: stewards, supervisors, contractors, medical, cleaning, facilities, guest services.
Assurance stakeholders: IT, data protection, legal, compliance, SAG-facing teams.

Each group needs different evidence.

Senior leadership may need risk reduction, reporting value and business case clarity. Control room teams need usability and operational fit. IT needs cyber, hosting, integration and access control detail. Data protection needs clarity on roles, permissions, retention and data ownership. Procurement needs value, implementation plans and supplier credibility.

By knowing early on who will need what information, you can be sure to gather this as quickly as possible and build an effective business case.

Define a realistic first phase requirements

Avoid trying to solve every problem on day one. A strong first phase for a stadium often includes:

  • Live incident reporting
  • Control room dashboard
  • Matchday task checks
  • Team functionalities
  • Public reporting route
  • Post-event reporting
  • Digital audit trail

Additional capability can follow once adoption is established.

Get ready to test with real stadium scenarios

Do not accept a generic demo.

Ask suppliers to demonstrate scenarios that reflect your operation:

  • A public report of discriminatory abuse that is simple and accessible
  • A medical incident that can be shared with 1 or more teams
  • A recurring task like pre-event checks
  • An adhoc task like an out-of-schedule toilet check
  • A disorder incident requiring police liaison/3rd party system sharing
  • A missing child or vulnerable person workflow
  • A failed pre-opening safety check
  • A post-event SAG report
  • Ad hoc task creation
  • A busy match day with multiple live dashboards

The question is not “can the system do incident reporting?” It’s “can it support the way we actually run?”

The 5 Jobs Your Security Management System Needs to Do

Job 1: Capture Live Information From the People Closest to the Incident

The first job of an incident security management system is to make live reporting fast, accurate and usable.

If a steward, supervisor, contractor or response team cannot report quickly from wherever they are, the system will not become part of the operation. It will become something people update later.

The need

Frontline teams are usually closest to the earliest signs of an issue. They see the spill, the blocked route, the crowd tension, the medical concern, the abuse, the suspicious behaviour, the damaged barrier, the lost child, the refusal of entry.

The system needs to help them capture that information with enough structure for control to act on it.

That does not mean long forms. It means the right forms.

What to look for

A suitable system should include:

  • Mobile incident reporting
  • Simple forms for frontline use
  • Custom forms to adapt to your
  • Mandatory fields for critical information
  • Photo, video and document uploads
  • Time and date stamping
  • Location tagging by stand, block, gate, concourse, fan zone, car park or external footprint
  • Ability to update existing incidents
  • Offline mode for low-signal areas
  • Push alerts and reminders
  • Access to key documents, procedures and aide memoires

Offline capability can be a real bonus for venues with weak connectivity in service areas, back-of-house spaces, lower concourses, temporary structures or external areas. If the system stops working when signal drops, it will not support live operations properly. Be sure to test this properly and ensure the focus is on preserving the audit trail.

What to avoid

Be cautious of systems that:

  • Require too many clicks to submit a basic report
  • Use the same form for every incident type
  • Cannot capture photos or videos directly
  • Depend on perfect signal
  • Require control room staff to re-key frontline reports
  • Make it difficult to update an incident once created
  • Use generic location fields that do not match the venue

Buying questions to ask

  • Can frontline users submit a report in under 60 seconds?
  • Can different teams have different forms?
  • Can forms be changed without supplier development?
  • Can users add photos, videos and notes from the scene?
  • Can the system prevent missing critical information (like with required fields)?
  • Can it work offline?
  • Can temporary, contractor or agency users access only what they need?
  • Can reports be triaged before wider sharing?

Demo test

Ask the supplier to demonstrate incident reporting workflow by showing a steward logging anti-social behaviour from a mobile device, including stand/block location, image upload, priority level, control room notification and follow-up update.

Job 2: Give the Control Room a Usable Live Picture

The second job is turning incoming reports into a live operational picture.

Collecting information is not enough. The system has to help control room teams understand what is active, what is escalating, who owns each action and where pressure is building.

The need

A control room may have plenty of information but still lack clarity.

That usually happens when incidents, tasks, updates and team activity sit in separate places. Radio carries one version. A spreadsheet carries another. Contractor updates sit somewhere else. Public reports arrive through a different channel. By the time the post-event log is assembled, the live opportunity has gone.

An incident security management system should help control manage live work, not simply store records.

What to look for

A strong control room view should include:

  • Live incident dashboard
  • Incident status tracking
  • Priority and severity levels
  • Filters by location, team, category, status, owner etc
  • Map or site-plan view
  • Task and incident visibility in the same environment
  • Assignment and reassignment of actions
  • Live updates and notifications
  • Escalation functionality
  • Complete (automated and manual) activity log
  • Multi-dashboard mode for different teams, logs or operational areas
  • Full overview/control dashboard

Multi-dashboard management is particularly useful for larger venues. Security, safety, medical, facilities, cleaning, guest services and senior command may each need different views, while control still needs overall visibility.

What to avoid

Be cautious of systems that:

  • Show incidents as a list but not as an operational picture
  • Cannot filter quickly by type, zone or team
  • Separate incidents and tasks completely
  • Require manual refreshes or exports to see trends
  • Do not show ownership clearly
  • Do not show what has changed since the last update
  • Create dashboards that look useful in management reports but not during live operations

Buying questions to ask

  • Can control see all active incidents in real time?
  • Can incidents be filtered by zone, category, owner, severity etc?
  • Can tasks and incidents be viewed together?
  • Can users assign and reassign actions from the dashboard?
  • Can different teams have different dashboards?
  • Can senior leaders have a real-time overview?
  • Can control manage multiple logs or event areas at once?
  • Can the system show real-time reports and/or analytics during the event?

Demo test

Ask the supplier to show all live incidents in one zone, filter them by severity, reassign someone, update the status, and show how that appears on the control dashboard and on mobile.

Job 3: Coordinate Multiple Teams Without Losing Control

The third job is multi-team coordination.

Most stadium operations involve several teams, and not all of them should see the same information. The system needs to support collaboration without creating uncontrolled access.

The need

Security and incident management is rarely contained within one team. A single incident can involve stewards, control, police liaison, medical, safeguarding, guest services, cleaning, facilities and senior leadership.

Without proper multi-team functionality, venues often rely on workarounds: WhatsApp groups, radio relays, email chains, separate contractor spreadsheets or duplicated logs.

Those workarounds are familiar, but they create problems. Sensitive information can be overshared. Updates can be missed. Teams can duplicate actions. The audit trail becomes fragmented.

What to look for

An incident management system designed for multi-team use should include:

  • Multiple teams and departments
  • Role-based access control
  • Team-based permissions
  • Team-specific dashboards
  • Team-specific logs
  • Multi-agency logging
  • Controlled sharing between teams
  • Ability to tag users, teams or agencies
  • Read-only access for observers
  • Secure sharing of images, descriptions and updates
  • Full record of who created,, observed, updated and closed an item

This is especially important for incidents involving medical details, safeguarding, arrests, ejections, intelligence, suspicious items, vulnerable persons or police activity.

What to avoid

Be cautious of systems that:

  • Treat all users as one general group
  • Require separate systems for contractors
  • Cannot control who sees what
  • Make it difficult to share one incident with selected teams
  • Do not show who owns each action
  • Cannot remove/restrict temporary or agency users quickly
  • Rely on external messaging apps for updates

Buying questions to ask

  • Can different teams have different views?
  • Can contractors access only their tasks or incidents?
  • Can one incident be shared with selected teams only?
  • Can sensitive categories be restricted/controlled?
  • Can team dashboards be configured separately?
  • Can control retain oversight across all teams?
  • Can the system support police, medical or local authority observer access if required?
  • Is every user action auditable?
  • Are there different levels of user types e.g Admin and User?

Demo test

Ask the supplier to show how a public report of discriminatory abuse would be received, triaged, restricted, shared with the relevant team, updated by control and exported later for review.

Job 4: Fit the Way Your Venue Actually Works

The fourth job is flexibility.

An incident management system needs enough structure to maintain standards, but enough flexibility to reflect the venue’s actual operation.

The need

A football stadium, cricket ground, rugby stadium, racecourse, arena and motorsport venue may all need incident management, but they do not operate in exactly the same way.

Even within one venue, workflows change by event type. A league fixture, international event, concert, high-risk fixture, corporate event and community day may each involve different teams, zones, incident types, checklists and escalation routes.

If the system cannot flex, teams will work around it.

What to look for

A flexible incident management system should include:

  • A simple but flexible form builder e.g drag and drop
  • Custom incident types
  • Custom task types
  • Custom fields
  • Mandatory fields
  • Conditional questions
  • Custom in-system labels
  • Bespoke site mapping
  • Zones within zones
  • Custom dashboards
  • Configurable reports
  • Document/file library
  • Ability to change, create and delete customisations without long supplier development cycles

Location flexibility is particularly important. Stadium teams may need to filter incidents by stand, block, row, vomitory, concourse, search lane, hospitality suite, car park, fan zone, transport interface or external footprint.

What to avoid

Be cautious of systems that:

  • Force every venue into the same incident categories
  • Require supplier support for every small form change
  • Cannot reflect your location structure
  • Cannot create event-specific forms
  • Make forms so generic they lose operational value
  • Overly complex customisations

Buying questions to ask

  • Does the system come with any standard forms?
  • Can we build and edit our own forms?
  • Can we create custom incident and task types?
  • Can we create mandatory fields and conditional questions?
  • Can locations be configured to match our stadium?
  • Can we create zones within zones?
  • Can dashboards be configured/edited/moved around?
  • Which changes can we make ourselves?
  • Which changes require supplier support?
  • How long does initial configuration usually take?

Demo test

Ask the supplier to build a custom “Ejection / Refusal of Entry” form live during the demo. Include fields for location, reason, steward ID, police involvement, body-worn video reference, safeguarding concern, image upload and notes/free text.

Job 5: Create a Defensible Record for Review, Compliance and Improvement

The fifth job is auditability.

After the event, your incident management system needs to show what happened, when it happened, who knew, what action was taken, and what evidence supports the record.

The need

If the venue has to reconstruct the timeline from paper logs, radio traffic, WhatsApp messages, emails, spreadsheets and memory, the record is already compromised, which can cause real issues for serious incidents, complaints, safeguarding concerns, medical events, disorder, insurance queries, civil claims, police enquiries, internal investigations and SAG debriefs.

Without a un-tamperable, re-traceable, defensible audit trail, you can open up your teams and organisation to stakeholder scrutiny, fines and even legal ramifications.

What to look for

A defensible system should include:

  • Automatic time and date stamps
  • User attribution for every entry
  • Full incident chronology
  • Action/update log
  • Linked tasks and incidents
  • Evidence attachments
  • Activity history
  • Secure report exports
  • Analytics by time, location, type, event, team etc
  • Debrief functionality
  • Custom reports
  • Data retention controls
  • Clear data ownership and hosting arrangements

What to avoid

Be cautious of systems that:

  • Can export a report but cannot show a reliable timeline
  • Do not attribute updates to individual users
  • Cannot link tasks and/or incidents
  • Store evidence outside the incident record
  • Require manual spreadsheet work for every review
  • Cannot present trends
  • Do not have sufficient access control e.g SSO, MFA
  • Make it difficult to retrieve historic information

Buying questions to ask

  • Is every update time and date stamped?
  • Can we see a full timeline for each incident?
  • Are actions and decisions shown for incidents?
  • Can evidence be attached directly to the record?
  • Can tasks be linked to incidents? Can 2 or more incidents be linked/merged?
  • Can reports be exported without manual collation?
  • Can we analyse by location, event type, team, category and outcome?
  • Can sensitive information be restricted or redacted?
  • Where is our data stored?
  • Who owns the data?
  • What happens to our data if we leave the supplier?

Demo test

Ask the supplier to generate a post-event report showing incidents by location, category, event, assigned team and outcome. Then ask them to open one incident and show the full timeline, evidence, updates and actions.

Comparing Incident Management Systems: A Practical Buying Framework

Once you’ve had a demo of each system, it’s time to compare them by operational fit. Here’s a handy table to keep track:

Buying areaWhat to assessWhat to ask
Frontline adoptionWill staff use it during a live event?Can a report be submitted quickly from mobile, including photos and location?
Control room valueDoes it improve live decision-making?Can control see active incidents, tasks, owners and priorities in real time?
Multi-team useCan teams work together without losing control?Can dashboards and sharing be controlled by team or role?
FlexibilityCan it fit your venue and event types?Can you build custom forms, categories, locations, events/Logs and reports?
AuditabilityCan it evidence what happened?Are actions, updates, decisions and evidence time-stamped and exportable?
ImplementationCan you go live without overwhelming users?What does onboarding, training and configuration look like? How user-friendly is it?
MigrationCan it replace or sit alongside existing tools?What happens to historic data, current processes and existing reports?
SupportDoes the supplier understand live operations?Who supports configuration, go-live and post-launch improvement? How easy is it to access ongoing support? What is the technical support process and response time like?
Data governanceCan IT and data protection sign it off?Where is data hosted, who owns it, and how is access controlled? What technical requirements are there (whitelisting, APIs etc)
Long-term fitWill the system grow with the operation?What is the roadmap, and how are customer needs prioritised?

Advice for Teams Buying Their First Security Management System

For teams moving away from paper, spreadsheets, radio-only records or informal messaging, the biggest risk is trying to digitise too much too quickly.

Start with the processes that create the most risk or manual effort.

Usually, that means:

  • Live incident reporting
  • Control room visibility
  • Matchday/pre-event checks
  • Public reporting
  • Contractor/agency access
  • Post-event reporting
  • Audit trail

Map the current process first. Then decide what should be kept, what should be simplified, and what should stop altogether.

A first system should not just recreate the old process on a screen. It should reduce duplicated work, improve visibility and make the record stronger.

See how we helped this customer save 25-30 hours a week on manual reporting after implementing The Halo System ->

Advice for Teams Replacing or Upgrading an Incident Management System

For teams already using a system, the buying process should start with a clear gap analysis.

Common reasons to replace or upgrade include:

  • Poor frontline adoption
  • Too many clicks to log incidents
  • Poor mobile experience
  • Limited custom forms
  • No offline mode
  • Poor reporting
  • Limited dashboards
  • Inadequate customisations
  • No public reporting
  • Poor supplier support
  • Too much admin to configure or maintain
  • Lack of fit across both daily and event-day operations

Before changing supplier, be honest about whether the issue is the platform, the configuration, the rollout, or user behaviour.

A good replacement process should include:

  • Review of current processes
  • User feedback from control and frontline teams
  • Reporting gap analysis
  • Permission model review
  • Data migration plan
  • Pilot event
  • Training plan
  • Go-live support
  • Post-launch review after the first few events

If the existing system has failed because it was too complex, do not replace it with another complex system. If it failed because it was too rigid, prioritise configuration. If it failed because frontline teams never adopted it, test mobile reporting properly before buying.

What a Good Stadium Incident Management System Looks Like

A good stadium incident management system should feel like part of the operation.

It should help a steward report quickly, a supervisor update clearly, control assign confidently, teams share securely, and senior leaders review evidence without manual reconstruction.

It should reduce radio clutter, not create extra admin.

It should improve situational awareness, not become another screen nobody trusts.

It should fit the venue’s structure, not force the venue into generic workflows.

It should produce a defensible record without relying on someone to piece the day together afterwards.

The real buying test is simple:

Can this system perform the five jobs during live operations, with the people, pressure and constraints we actually have?

Introducing: The Halo System

Halo is designed around these five operational jobs: live reporting, control room visibility, multi-team coordination, flexible configuration and audit-ready reporting.

The Halo System brings together mobile reporting, live dashboards, custom forms, multi-team access, public reporting, task management, mapping, offline mode, reporting and analytics into one connected platform for venues, stadia, arenas and other high-pressure public environments.

For stadium teams comparing incident management systems, Halo is best assessed in the same way any system should be assessed: against real matchday scenarios, real team structures, real reporting pressures and the practical question that matters most:

Will this help us run safer, clearer and more defensible operations when the venue is live?

Try it out today with a personalised demo, and ask us about our free and extended system trials

Book a demo

A new virtual reality training programme designed to improve safety across the UK’s night-time economy is set to launch in 2026.

Developed by Birmingham-based arts and activism organisation Calico, Voices in the Dark uses immersive VR technology to help staff in bars, pubs, nightclubs and casinos, as well as police, security teams and local authorities, better understand women’s lived experiences on a night out.

Rather than simulating specific incidents, the training places participants in the perspective of women navigating the night-time economy, highlighting the safety considerations, decisions and subtle moments that can shape how safe someone feels.

The launch comes at an important time for venues, operators and frontline teams, as public safety expectations continue to evolve and new legislation makes public sexual harassment a criminal offence in England and Wales.

At Halo, we believe safer public spaces rely on more than response alone. Awareness, training, culture and joined-up working all play a vital role in helping teams spot concerns earlier, support people more effectively and create environments where everyone feels safer.

The programme has already been piloted with attendees from across the sector, including police, local authorities, Business Improvement Districts and venue operators, and will begin rolling out to venues and partners across the UK.

Read the full story here

The statutory guidance for the Terrorism (Protection of Premises) Act 2025 (aka Martyn’s Law) gives organisations the clarity they’ve been asking for around what’s expected, and now many are asking the same question: What will it really take to be Martyn’s Law Compliant?

For many, the instinct will be to approach this like any other regulatory change — review the requirements, update policies, and implement new processes or systems.

That approach will address part of the requirement, but it won’t fully meet the intent behind the legislation.

Because Martyn’s Law is not primarily about what you have written down, it’s about what your operation is capable of doing when it matters. At its core, this is a shift from compliance on paper to capability in practice.

What Has Changed: From Best Practice to Legal Requirement

For years, protective security has been guided by best practice and voluntary adoption, and the challenge has been consistency. Some organisations have invested heavily in preparedness while others have focused on areas with clearer regulatory pressure.

Martyn’s Law changes that balance.

It establishes a legal baseline for preparedness, requiring organisations to take proportionate steps to reduce harm in the event of a terrorist incident.

Importantly, it does this without prescribing exact solutions.

Instead, it requires organisations to determine what is:

  • Appropriate to their environment
  • Reasonably practicable based on risk, resource, and context

You are no longer being asked whether you are aware of best practice.
You are being asked whether your operation can demonstrate preparedness.

That includes:

  • Having clear procedures
  • Understanding vulnerabilities
  • Being able to evidence decisions
  • Ensuring everything works together under pressure

The assumption underpinning the legislation is simple:

You cannot predict exactly what will happen. But you can control how well you are prepared to respond.

Martyn’s Law Requirements Explained

When broken down into practical terms, the Act sets out four key areas organisations must address.

1. Appointing a Responsible Person

Each premises or event must have a Responsible Person.

For enhanced tier environments, this includes a senior individual accountable for compliance.

This is not just an administrative requirement.

It establishes:

  • Clear ownership of safety and security
  • A focal point for coordination
  • Accountability for how procedures and measures work in practice

In effective operations, this role becomes more than oversight. It becomes a driver of standards, training, and continuous improvement.

2. Public Protection Procedures

All in-scope organisations must be able to respond through four core actions:

  • Evacuation
  • Invacuation
  • Lockdown
  • Communication

Most organisations already have policies & procedures for these in some form. The difference under Martyn’s Law is the expectation that these are:

  • Clearly defined
  • Understood by staff
  • Usable under pressure
  • Adaptable to real-world scenarios

This is not about having conceptual procedures written down somewhere buried in a hard drive or sitting on a shelf. It’s about creating and reinforcing practices that are widely and easily applicable, suitable and realistic for your organisation, and well known by all staff so that they can apply them when needed without hesitation.

3. Public Protection Measures (Enhanced Tier Only)

Larger or more complex environments must go further by:

  • Assessing vulnerabilities
  • Implementing proportionate mitigations
  • Considering:
    • Monitoring and surveillance
    • Movement and access
    • Physical security
    • Information security
Diagram showing Enhanced Duty requirements to be Martyn’s Law Compliant, including monitoring premises, controlling movement of individuals, ensuring physical security, and securing sensitive information to reduce terrorism risk.

This moves beyond response into prevention and risk reduction.

4. Documentation and Auditability

Organisations must be able to:

  • Document procedures and measures
  • Explain how they reduce risk
  • Provide evidence to the regulator (SIA)

This creates a clear expectation of defensible operations.

It’s not enough to act appropriately, you must be able to demonstrate that you did.

Why Procedures Alone Won’t Deliver Compliance

When preparing for Martyn’s Law, it is natural to look for ways to implement the requirements efficiently, which often leads to two approaches:

  • Expanding documentation
  • Introducing new technology

Both can add value. Neither solves the problem on their own.

The legislation does not require you to have the most detailed procedures or the most advanced systems, it requires you to demonstrate that your operation can respond effectively under pressure.

That outcome cannot be created through documentation alone.

It also cannot be purchased…

Technology can significantly improve visibility, communication, and auditability. A well-implemented incident management system can provide a single source of truth, enable real-time reporting, and create reliable, time-stamped records.

But those outcomes depend on how the operation around it functions; If reporting is inconsistent then systems will reflect that inconsistency; if teams are not engaged then tools will be bypassed; if processes are unclear then technology will not resolve but expose those gaps.

The same applies to documentation.While detailed procedures may appear robust, if they are not usable in practice then they introduce hesitation rather than clarity.

This is why the legislation points beyond tools and documents, toward something more fundamental.

The Role of Culture in Achieving Martyn’s Law Compliance

At the heart of the statutory guidance is a principle that underpins everything else: effective protective security is built on a shared security culture.

This is not an abstract concept. It has clear operational implications.

A strong security culture influences how people behave when something happens. Like whether:

  • Incidents are reported quickly,
  • Information is shared openly,
  • Individuals take responsibility or wait for instruction,
  • Teams coordinate effectively across boundaries.

It also shapes how the organisation prepares:

  • How seriously training is taken
  • How procedures are developed and reviewed
  • How lessons are learned and applied

This is why the guidance places responsibility at both organisational and leadership levels. Culture is not something that sits alongside compliance — it is what enables compliance to function in practice. And it doesn’t occur by accident. It comes from clear expectations, consistent behaviours and ongoing engagement from leadership

When culture is strong:

  • Procedures are understood because they are used
  • Systems are effective because they are trusted
  • Decisions are made with confidence

Without it, even well-designed processes and expensive technologies struggle to deliver the intended outcome, which becomes particularly important when looking at how operations perform day-to-day.

What Will ‘Good’ Look Like?: A Compliant and Capable Operation

In practice, well-prepared organisations tend to share the same characteristics.

Clear, adaptable procedures

  • Focused on core actions (evacuate, invacuate, lockdown, communicate)
  • Simple enough to be understood quickly
  • Flexible enough to apply across different scenarios

Trained and confident teams

Real-time operational visibility

  • Information is reported from the ground as it happens
  • Control rooms maintain an accurate, shared picture
  • Decisions are based on current, reliable information

Defensible audit trails

  • Actions and decisions are recorded as they happen
  • Organisations can clearly demonstrate:
    • What was known
    • What was done
    • Why decisions were made

This is essential for the learning and continuous improvement that ensures policies, procedures, tools and training all remain up to date and relevant.

Strong leadership and accountability

The Responsible Person and wider leadership team are actively involved in setting standards, reviewing performance, and ensuring that safety and security remain a priority.

In environments like these, compliance isn’t treated as a separate exercise to be ‘ticked off’, but is a by-product of how the operation functions.

Martyn’s Law does not introduce new risk. It highlights that some operations are reliant on assumptions, workarounds and unproven or untested processes.

The organisations that will feel most confident in their compliance with Martyn’s Law will not be those with the most documentation or the highest tech spend.

They will be the ones where teams understand their role, information flows clearly, decisions are made with confidence and safety and security are embedded into daily operations

When that’s in place then compliance is no longer something separate.

It becomes a natural outcome of a well-run operation.

The campus security landscape has fundamentally changed

Across the higher education sector, expectations around campus safety have shifted — not dramatically, but meaningfully.

Universities are operating in increasingly complex environments, where open access, high footfall, and multiple stakeholder groups intersect with growing scrutiny around safeguarding, protest management, and duty of care. Recent coverage from BBC News reflects this broader context, but for most campus security teams, it’s simply an extension of what they’re already managing day-to-day.

What has changed more noticeably is the expectation around how incidents are handled — and, importantly, how clearly those actions can be understood and evidenced afterwards.

At the same time, many of the systems supporting campus operations have evolved more slowly. It’s still common to see information spread across multiple tools, with teams relying on a combination of formal systems and informal communication channels to manage incidents and day-to-day activity.

As a result, the conversation is beginning to move away from what tools are in place, and towards a more practical question:

What should a modern campus security system actually deliver in a university environment today?

What are the core requirements of modern campus security systems?

A university campus presents a uniquely demanding operational environment, combining open public access, high-density populations, and a wide range of incident types — from routine welfare concerns through to complex, multi-agency responses.

Within that context, the effectiveness of a campus security system is defined less by individual features, and more by how well it supports coordination, visibility, and accountability while reducing unnecessary operational overhead.

In practice, several requirements are becoming increasingly difficult for universities to operate without:

key features of university security systems

1. A single source of truth for campus security operations
Incidents, actions, and communications need to sit within one consistent operational record. When information is spread across multiple tools, teams end up duplicating effort or piecing together updates. A centralised approach reduces that friction and keeps decisions aligned.

2. Built-in multi-agency coordination across university teams and partners
Campus incidents rarely sit within one function. Security, estates, welfare teams, contractors, and external services all need to coordinate effectively. Systems should enable a shared, real-time operational picture, rather than relying on manual handovers.

3. Real-time visibility across campus safety and day-to-day operations
Security leaders need visibility as situations unfold — not just after the fact. This supports more proportionate responses, better prioritisation, and less reliance on delayed or incomplete information.

4. Audit-ready reporting and compliance for university security environments
Clear, time-stamped records of actions, decisions, and involvement are now essential. Fragmented or manual processes make this harder to achieve, even when responses themselves are appropriate.

5. Support for day-to-day operational activity to drive consistent usage
Systems need to support routine tasks and workflows, not just major incidents. Consistent day-to-day use is what ultimately drives adoption and reliability when it matters.

6. Accessible public reporting for students, staff and visitors
Universities need a simple way for people to report incidents or concerns without friction. Requiring logins or complex processes can discourage reporting altogether. Providing secure, accessible options for self-reporting helps capture more accurate information, earlier — and supports a more proactive approach to campus safety.

Why fragmented campus security systems create operational risk

In many universities, the challenge is not a lack of capability, but a lack of connection between systems.

Incidents may be logged in one platform, communicated through another, and formally reported elsewhere. While this can function day-to-day, it often requires teams to manually transfer information, duplicate updates, or rely on informal channels to keep everyone aligned.

Over time, this creates a fragmented operational picture.

The impact is rarely a single point of failure, but rather a gradual accumulation of small inefficiencies — delays in communication, inconsistencies in records, and additional administrative burden. In environments where multiple teams are required to coordinate quickly, these inefficiencies can make it harder to maintain clarity and confidence during live situations.

This also has implications beyond the incident itself. When information is distributed across systems, reconstructing events afterwards can become time-consuming and, in some cases, incomplete.

How universities can improve campus safety, coordination and visibility

Improving campus safety systems is rarely about introducing more tools. In most cases, it involves simplifying and better connecting what already exists.

For many universities, this means moving towards a more unified operational approach — one where incidents, actions, communications, and reporting are brought together, rather than managed separately across different platforms.

Importantly, this does not always mean replacing existing systems entirely. In many cases, universities already have established tools for specific functions, such as emergency communications or access control. The opportunity often lies in reducing duplication and creating clearer links between systems, so that information flows more naturally across teams.

The benefit of this approach is not just efficiency, but reduced operational overhead. When teams are no longer required to manually reconcile information or manage multiple disconnected workflows, it becomes easier to maintain consistency, respond effectively, and evidence actions when required.

This is a direction already seen across other safety-critical sectors, where the combination of regulatory pressure and operational complexity has driven a move towards more integrated systems. Higher education is increasingly encountering similar conditions, albeit within a uniquely open and dynamic environment.

A more joined-up approach to university security systems

At Halo, we’ve built our platform around the realities of high-pressure, multi-agency environments — where coordination, clarity, and accountability are essential, but so is ease of use.

The Halo System brings together incident management, tasking, real-time coordination, and audit-ready reporting into a single operational platform, designed to support teams both during incidents and as part of day-to-day campus activity.

For universities reviewing their current approach, the focus is often less on adding new tools, and more on understanding how existing processes can be simplified, connected, and made easier for teams to manage in practice.

If you’re currently exploring this, you can learn more here:
👉 Halo for Universities
👉 How Halo is helping Birmingham City University save 25-30 hours a week

Or, if you’re attending any AUCSO conferences or roundtables this year, come and speak to the team — we’re always keen to share insights from across the sector and hear how others are approaching similar challenges.

Ready to try it for yourself?

Discover how Halo can help you connect your campus safety & security operations.

Book a Demo
Learn More

Halo Solutions is proud to be supporting a pioneering PhD research project at the University of Northampton focused on improving decision-making standards in live event environments.

The ongoing research, led by doctoral researcher Claire Drakeley, looks to explore how on-event decisions — often made under pressure and scrutiny — can be strengthened through clearer frameworks, structured thinking and applied learning. The research addresses one of the most critical challenges facing event professionals today:

How can on-event decision making be improved?

Bringing Real-World Systems into Academic Research

The 3-year partnership between Halo and the University brings collaborative development of student learning experiences and research activity linked to events and venue management.

As part of this collaboration, Halo is providing a dedicated, ring-fenced version of the Halo Incident Management System for use within the University’s simulation exercises, alongside hands-on system training for participating students. This ensures students not only learn how to use industry standard software, but understand how structured incident management and data capture supports effective decision-making in high-pressure environments.

Halo is also supporting the design and delivery of the live simulations, advising on how professional event control rooms operate in practice — from incident logging and escalation to task allocation and maintaining clear audit trails.

Rather than engaging solely with theory, students are working directly with the same type of operational tools and workflows used by security and event management teams across the industry.

“Decision-making in live event operations can be a bit of a dark art, caught between creating extraordinary experiences and keeping everyone safe, in a high pressure context with significant consequences.  Not only that, but this process hasn’t been researched previously so the study, simulation and use of Halo are all part of enabling us to make better decisions, preventing escalation of issues into crises.”
– Claire Drakeley, Senior Lecturer and Programme Lead

Supporting Operation Nexus+

A key component of the collaboration is Operation Nexus+, a large-scale simulation exercise based on Silverstone Circuit; one of Halo’s most renowned motorsport partners.

The project brings together students from Events, Hospitality, Marketing, Criminal Justice, Policing and Tourism to simulate the coordination of a major live public event.

Within the exercise:

  • Events students operate a simulated Event Control using radio communications, staff networks and Halo
  • Other disciplines manage media response, investigations, guest impact and stakeholder liaison
  • Participants respond in real time to evolving incidents and operational pressures

Halo’s system underpins the control room element of the exercise — enabling incident logging, task allocation, escalation tracking and decision recording in a way that mirrors real-world practice.

By basing elements of the simulation on one of Halo’s live customer environments (adapted for academic use), students gain exposure to authentic operational workflows while remaining within a safe, structured learning space.

Investing in the Future of the Industry

For Halo Solutions, this partnership reflects a broader commitment to supporting the long-term resilience and professionalism of the events sector.

Live events are complex, high-stakes environments and decisions made in moments of pressure can carry significant safety, reputational and financial implications. Supporting research that seeks to strengthen how those decisions are understood and applied is something we believe benefits the entire industry.

“If we want safer, more resilient events in the future, we need to invest in the people who will be leading them. Supporting applied research and realistic simulation is one of the most meaningful ways we can contribute to that goal.”
– Lloyd Major, CEO & Founder of Halo Solutions

Looking Ahead

Halo Solutions believes that meaningful industry progress happens when technology providers, academics, legislators and practitioners work together.

By supporting this research and embedding real-world incident management practice into higher education simulations, we are proud to play a small part in shaping a more prepared, more confident and more capable next generation of event professionals.

Because better preparation today leads to better decisions tomorrow.

Halo Solutions is pleased to announce a new collaboration with Showstop® Procedure , an award winning internationally accredited certification programme from the Pink Bows Foundation which is supported by global industry bodies and experts.

The inaugural course was launched in Houston, Texas in 2025, as an immersive, certificated one-day accredited programme for event professionals responsible for safety and event-day decision-making at concerts, festivals, stadia and large-scale public gatherings.

It equips planners, venue managers, safety leads and tactical decision-makers with structured frameworks, defined competencies and the confidence to plan, prepare for and execute a rapid, coordinated response when life-safety risks arise during live events, reducing the risk of system failure and enhancing command, control, coordination and communication during an emergency incident.

Halo has worked with Pink Bows Foundation to develop training-aligned material, namely a scenario-based video that demonstrates how a Showstop  incident can be recorded, escalated and managed through the Halo System, an Incident Management system that supports real-time control room decision-making and post-event reporting.

The Showstop® Procedure course: A new standard for event safety

The Showstop® Procedure course was developed by internationally recognised crowd safety experts Steve Allen and Dr Mark Hamilton, who pioneered and named the Showstop®  Procedure in the 1990s. Retained by the Pink Bows Foundation, they bring decades of frontline experience in event risk reduction, operational safety and crowd management, and have served as Expert Witnesses in multiple high-profile cases.

The course is internationally accredited by Highfield and the CPD Certification Service and is recognised across global safety networks for its professional credibility and practical application.

The training focuses on real-world readiness: it introduces a structured emergency intervention protocol that gives event leadership the tools to respond proportionately to emerging life-safety hazards, coordinate a tactical response and where necessary, implement Showstop® to regain control and restart if safe to do so within a structured framework.

This approach reflects industry leaders’ recognition that formal decision frameworks, supported by practice and systems integration, are integral to safer event outcomes. Showstop® is designed to help unify audience safety practice across jurisdictions and event types.

Supporting a Global Standard for Showstop Procedure

The Showstop® Procedure training programme is championed by the Pink Bows Foundation, a nonprofit founded by the Dubiski family following the tragic loss of their daughter Madison at the 2021 Astroworld Festival where 10 people died and hundreds of others were injured.

Pink Bows’ mission is to work collaboratively with the live-events industry to raise safety standards and help prevent similar tragedies in the future. The foundation has the support of major global crowd safety organisations, including the Event Safety Alliance (North America), Event Safety Alliance Canada, the Global Crowd Management Alliance and the United Kingdom Crowd Management Association, as well as endorsement from Sir Paul McCartney and seasoned safety professionals.

This collaborative effort marks one of the first attempts to standardise a global crowd safety procedure with third-party accreditation, training individuals not only in tactical implementation but also in the theory, planning and risk assessment that underpin event safety-critical decisions.

Bringing Training to Operational Reality

While the Showstop® course focuses on event personnel with safety-critical roles, the practical challenge for many organisations lies in operational execution, how control rooms, incident coordination teams and cross-functional staff apply these principles when incidents occur.

Halo’s contribution: a Showstop Procedure-aligned incident simulation video — helps to bridge that gap by showing how the Halo System can support Showstop Protocol and C4 framework with:

  • Rapid incident capture when a safety threshold or trigger is recognised
  • Delegated tasks and communication channels between safety, security, production and event control
  • Audit-ready timelines and evidence trail’s to support post-event analysis and compliance
  • Decision logs that help teams reflect on critical choices and outcomes

By aligning procedural training with practical implementation tooling, Halo and Pink Bows Foundation aim to help organisations move beyond theory into repeatable, defensible operations.

A Step Forward for Event Safety

As live events continue to attract large, diverse audiences, and as scrutiny on safety outcomes grows, coordinated training and integrated management systems are becoming essential components of risk mitigation.

The Showstop® Procedure course and associated materials reflect a broader industry shift toward tangible, accredited emergency frameworks; integrated decision support and management platforms; cross-discipline preparation spanning safety, production and operations; and universal understanding of risk thresholds and escalations.

Halo Solutions is proud to support this important initiative and looks forward to continuing partnerships that help translate crowd safety best practice into real-world operations.

Find out more about Showstop Procedure courses here

About Halo Solutions

Halo Solutions are on a mission to transform how technology is used to protect people. The Halo System is an all-in-one incident and risk management platform designed to give control rooms, security teams and safety leaders the tools they need to protect people and places more effectively. From planning and proactive risk management, through to live incident response, task coordination and post-event reporting, Halo brings every part of safety operations together in one place and records it all.

Introducing New Single Sign-On (SSO) for The Halo System.

Enterprise-grade access control. Seamless user experience. Stronger compliance by design.

Single Sign-On (SSO) is now available for all Halo System users — built in direct response to customer demand and designed to align with modern security and IT governance standards.

For organisations using Microsoft Entra ID, SSO enables secure, centralised authentication into Halo — removing password risk while strengthening control over user access.

Why SSO Matters for Security Leaders

Security isn’t just about incident response — it’s about identity control.

With SSO enabled, Halo users benefit from:

Centralised User Management

User provisioning, suspension and deletion are managed directly through your organisation’s Microsoft Entra tenant. No duplicated processes. No manual user clean-up. No forgotten accounts.

And when a user leaves your organisation, access to Halo is automatically revoked in line with your identity policies.

Enhanced Security & Compliance

SSO delegates authentication to your secure corporate environment.

  • Enforced MFA (Multi-Factor Authentication)
  • Conditional access policies
  • Centralised password governance
  • Audit consistency across applications

This ensures Halo aligns with your wider IT security architecture — not outside it.

Reduced Credential Risk

No additional Halo passwords to manage. Users authenticate through your organisation’s trusted identity provider, significantly reducing:

  • Password reuse risk
  • Credential sharing
  • Weak password exposure

Seamless User Experience

Users log in with their corporate email address via your Microsoft environment. The experience is consistent across:

  • Web access
  • Mobile app login
  • Multi-client environments

For large organisations operating multiple Halo accounts, a single Entra identity can securely access multiple Halo clients where configured.

Built for Real-World Operational Environments

We understand the complexity of control rooms, venues, transport hubs and critical infrastructure environments.

SSO has been designed to support:

  • Existing Halo customers transitioning without losing permissions
  • Multi-account organisations requiring cross-client access
  • Controlled onboarding of new users
  • Flexible support for temporary non-SSO users where operationally required

Halo Admins retain visibility and control over configuration — while identity authority remains with your IT team.

What Changes When You Enable SSO?

When SSO is activated:

  • User creation, suspension and deletion are managed via Microsoft Entra
  • Email addresses become the primary identifier
  • Login transitions from username/password to secure identity provider authentication
  • Sync occurs automatically (approx. 40-minute interval)

Your Partnerships Manager will support your onboarding to ensure a smooth transition.

Designed By You, Built By Us.

SSO was one of the most requested enterprise features from our customer base.

So we built it.

Not as a bolt-on workaround — but as a secure, properly integrated identity model aligned to modern security best practice.

Ready to Enable SSO?

Strengthen your access control.
Align Halo with your enterprise identity framework.
Reduce credential risk across your organisation.

Speak to your Partnerships Manager today to discuss activating SSO.

Book a Call

SSO FAQs

Ready to try it for yourself?

Book a demo and discover how The Halo System can help you achieve safety & security excellence.

Book a Demo
Discover Halo

Christmas markets are now a fixture of the UK’s winter economy. A valuable boost for local businesses, a driver of tourism, and a key seasonal attraction for councils and communities. But they are also complex operations with dense footfall, temporary structures, winter weather challenges, and diverse stakeholder roles. Ensuring they run safely and efficiently requires more than goodwill and fairy lights. It demands structured planning, strong communication, and a coordinated operational approach.

To the public, Christmas markets feel spontaneous and organic. To operators, they are anything but. The challenges are predictable but complex:

  • Crowds that swell and contract unpredictably
  • Narrow walkways prone to bottlenecks
  • Stalls with cooking equipment, electrics and storage in tight spaces
  • Wet and icy conditions that silently multiply slip risks
  • Trader compliance requirements spanning fire, food safety, waste and more
  • Visitors ranging from families with prams to late-evening drinkers
  • Public spaces not designed for sustained event-level activity

None of these issues are new to event planners, local councils or security providers involved in Christmas markets, but the way they combine creates a uniquely demanding operating environment.

And unlike stadiums, music festivals or other large-scale events, there’s no universally adopted, sector-wide standard for managing Christmas markets specifically. The risks are well understood, the stakeholders are experienced, and the public expectations are consistent, yet every market evolves in its own way. Layouts differ, local policies vary, infrastructure changes year to year, and markets expand, contract or relocate based on opportunity and budget.

So how can we ensure our safety & security operations keep up?

Security That’s Effective, Not Heavy-Handed

Security at Christmas markets has matured significantly in recent years. Most professionals in this space already understand the fundamentals: visible reassurance, good communication and proportionate measures. What’s evolving now, and where real value lies, is in how security integrates with the overall operational picture.

Rather than treating security as a standalone function, the most effective markets take an approach where security, safety, welfare and crowd management operate as one intelligence network. That’s where subtle innovations make a difference:

  • Behavioural insight shared in real time across operational teams (rather than siloed in security channels) ensures early indicators of issues, from crowd surges to welfare concerns, are acted on collectively rather than sequentially.
  • Security presence mapped to crowd patterns, not fixed positions allows resource deployment to shift proactively as footfall changes throughout the day. This turns static guarding into dynamic, data-informed positioning.
  • Vendor-facing communication improves situational awareness. Vendors often spot emerging issues first, long before they reach a radio. Treating them as part of the safety network through public reporting creates early-warning capability that security teams alone can’t replicate.
  • Integrated customer-service training for stewards and security strengthens de-escalation and public confidence. A well-handled minor incident prevents the major one that never needs to occur.
  • Subtle environmental cues such as lighting, layout, sound levels and the positioning of staff play a far greater role in shaping visitor behaviour than overt enforcement. Strategic design becomes part of the security strategy.
  • Information consistency is often the biggest differentiator: When security, operations and local authorities work from the same real-time information, response time drops drastically and actions remain coherent under pressure.

This integrated, intelligence-led model ensures security isn’t just effective — it’s a seamless part of the public experience. Visitors perceive the market as well run, well supported, and confidently managed, without ever feeling like the environment is being controlled for them.

The aim isn’t to introduce more security, but to connect it more intelligently with the rest of the operation.

Adopting a Control-Room Mindset (Even Without an Actual Control Room)

One of the most impactful upgrades any Christmas market can make is adopting a control-room mindset. This doesn’t require expensive infrastructure or a permanently staffed operations hub. It simply means borrowing the principles that make well-run control environments so effective:

  • Shared situational awareness
  • Clear, unified communication channels
  • Consistent, centralised incident logging
  • Defined responsibilities and escalation pathways
  • A common operating picture for all agencies and stakeholders
  • Real-time decision-making supported by the right information

Most Christmas markets involve multiple organisations — councils, operators, security teams, first aid, traders, volunteers. Without coordinated communication, information gets trapped in silos, duplicated across radios, or lost entirely. With a control-room mindset, every team member becomes part of a connected operational network.

This approach reduces friction, improves response times, and gives organisers the ability to catch small issues early before they escalate into bigger ones that threaten safety or disrupt the visitor experience.

Capturing Intelligence That Actually Makes a Difference

Christmas markets run for multiple days or weeks, which creates a valuable opportunity: continuous improvement in real time.

Capturing accurate data like incidents, near misses, crowd trends, weather impacts, vendor issues, public enquiries, welfare needs and more allows organisers to:

  • Adjust staffing to match peak flow
  • Reconfigure problematic walkways
  • Reposition or support specific vendors
  • Anticipate recurring issues
  • Evidence compliance and due diligence
  • Improve planning for future years

A market that learns every day performs better every day. Intelligence doesn’t need to be complex; it simply needs to be consistent. Structured reporting and un-tamperable, easily retrievable logs create a feedback loop that elevates safety, efficiency and visitor satisfaction.

Connected Operations = Seamless Seasonal Experiences

Christmas markets succeed when all the moving parts operate as a connected system rather than parallel teams. The risks are familiar, the expertise already exists, and the commitment from organisers is consistently high. What often makes the difference is how well information flows, how consistently incidents are logged, and how easily teams can build a shared understanding of what’s happening across the site.

By adopting an intelligence-led, connected approach, Christmas markets become safer, smoother and easier to run not through more resource, but through better coordination and clearer communication. When everyone sees the same information at the same time, decision-making sharpens, responses become faster, and the entire operation feels more coherent to both staff and visitors.

For teams looking to strengthen that level of coordination — whether for Christmas markets or any other public event — Halo provides a platform designed specifically to support multi-agency collaboration and real-time operational clarity. You can learn more about how we support event, local authority and security partners at www.halosolutions.com.

Get the latest public safety insights straight to your inbox

 

Subscribe to receive regular updates on threat intelligence, security & public safety trends, regulatory changes, and new tools to help you protect people and places more effectively.