What is the Incident Response Curve?

The Incident Response Curve (IRC) is a powerful framework that visualises how teams react during the lifecycle of an incident, from recognition through to resolution. Developed by Trevor of Metier Solution, a seasoned professional with over 20 years of experience in defence, cyber and security innovation. The IRC reveals insights about response patterns and identifies opportunities to enhance preparedness and resilience.

The 4 Phases of Incident Response

  • Detection: This is the moment when an incident occurs or is first identified. The curve starts to rise as the problem grows. Detection may involve monitoring systems, user reports or automated alerts. The speed and accuracy of detecting an incident directly influence the organisation’s ability to contain and manage it.
  • Response: After detection, the response phase begins. This involves classifying the severity of the incident, containing its effects and taking steps to stop its escalation (such as isolating affected systems or shutting down compromised areas). The goal here is to minimise the damage and prevent further spread. In this phase, the curve continues rising, representing the growing impact but effective response can slow the rise.
  • Recovery: Once the incident is contained, the focus shifts to recovery—restoring services, recovering data and returning to normal operations. The curve begins to descend as the impact lessens. The speed of recovery depends on factors like the severity of the incident and the readiness of backup systems. Effective recovery strategies bring operations back to normal more quickly and with fewer long-term effects.
  • Return to Normal Operations (Norm): The final stage is when normal operations are restored and the incident is resolved. The curve reaches its baseline again. However, after every incident, a post-incident review should take place. This is the time to learn from the incident, identify any weaknesses in detection, response or recovery processes and implement improvements for future preparedness.

Unlock Your Team’s Incident Response Potential

Optimise your event safety and security strategy with our free IRC Calculator.

Using a short, interactive questionnaire, the IRC Calculator will:

  • Help you pinpoint where your operation currently sits on the Incident Response Curve
  • Reveal key strengths and vulnerabilities in your incident response approach
  • Provide tailored, actionable recommendations to boost your capability and help you save time, money and lives
  • Support business case development and expenditure justification

At the end of the process, you’ll receive a personalised results summary.

Stay ahead of the curve. Get started now.

IRC Calculator
Incident Assessment

Halo Solutions is proud to announce a new partnership with industry veteran Roger Hooker, founder of Hooked On Events, who joins Halo as Advisor & Ambassador. With more than 30 years of international event experience, Roger brings deep operational knowledge and leadership to help shape the future of Halo and its customers.

Bringing People and Technology Together

Halo was founded by practitioners who know the reality of live operations; where safety, service, and decision-making are always under pressure. That same philosophy underpins Roger’s new consultancy, Hooked On Events, which specialises in bringing clarity and calm to complex event environments.

Roger’s career has taken him from London 2012 and Ascot Racecourse, to global roles including Operations Director for the ABB FIA Formula E World Championship, and most recently, Venue COO at ExCeL London. In every role, his reputation has been built on uniting teams, creating clarity under pressure, and delivering world-class events.

This ethos aligns perfectly with Halo’s mission: giving organisations the tools, systems, and support they need to protect people, safeguard venues, and deliver seamless operations.

A Valued Partnership

This partnership brings lasting value to both organisations, with Roger’s involvement playing an important role in shaping Halo’s future. As an advisor, Roger’s decades of experience will provide a valuable industry voice within Halo’s technology roadmap. The Halo System has always been developed in close collaboration with customers and industry experts, ensuring Halo’s new features and innovations anticipate and respond to emerging industry and needs and standards. Roger’s insight will strengthen this approach, helping Halo to keep creating solutions that are not only relevant today but prepared for the challenges of tomorrow.

With shared values and commitment to the safety industry, together, Halo Solutions and Hooked On Events will highlight the importance of operational excellence and shine a light on the individuals who work tirelessly behind the scenes to deliver safe, successful events. By combining technology, lived operational expertise, and a shared drive to elevate industry standards, the partnership ensures that Halo continues to deliver trusted, expert-backed solutions to its growing community of customers.

“Exceptional things don’t happen, without exceptional people conceiving of and then delivering them. Roger exemplifies the very best of us in the global events industry having been part of the conception and delivery of some of the most prestigious and biggest event brands and locations worldwide throughout his illustrious career. To be able to partner with him in bringing our message to the World marks the beginning of a truly exciting next chapter in our scale-up journey.”

– Lloyd Major, Founder & CEO of Halo Solutions

A Shared Philosophy

Halo has always believed in putting people first—through transparent pricing, customer-led product development, and long-term relationships built on trust. Roger’s approach through Hooked On Events mirrors that philosophy: independent, pragmatic, and focused on bringing people together to deliver ‘brilliant’.

“Our absolute primary responsibility is to keep people safe within our care.  This is Halo’s DNA – with collaboration and innovation with practitioners to provide the best possible pragmatic tools. I’m hugely excited to be working with this energetic business that has challenged the market norms, grabbed interest globally, and to further bring together world class technology to those with lived operational experience.”

– Roger Hooker, Founder of Hooked on Events

Together, Halo Solutions and Roger Hooker will give clients the best of both worlds; cutting-edge technology backed by lived expertise in delivering world-class events.

Discover The Halo System incident management software. Explore Hooked On Events services

Imagine stepping onto a plane and learning there’s no black box onboard. Would you stay on? In the aviation industry the black box is non-negotiable. It records everything: the conversations, the data, the timings, the decisions (good and bad), and it’s your only chance of learning from a crisis if something goes sideways.

Now ask yourself: how is your venue different?

You’ve got teams working hard, visitors relying on you, compliance obligations to meet, and a brand to protect. But if something serious happened tomorrow, could you quickly find out exactly what was said, what was done, who made which decision and when?

For many venues, the answer is… not really.

This is where The Black Box Mandate comes in.

What is The Black Box Mandate?

It’s simple. It’s the idea that every organisation, venue, event, or business needs a system that captures, stores, and protects the critical data behind your decisions, communications, timings, and action, just like aviation does.

The difference? In aviation, it’s compulsory. In the public safety world, it’s still a luxury.

Until now.

We’re calling time on that. In a world of rising risk, increased scrutiny, and the looming weight of legislation like the Terrorism Protection of Premises Act, a venue version of a black box isn’t a “nice-to-have” anymore. It’s a moral, and operational must-have.

Many venues don’t realise they’re missing it

That’s not a criticism – it’s just the reality. Most venues run smoothly day to day, and that’s brilliant. But when the unexpected happens, it’s all too easy to find yourself chasing scraps of information: spreadsheets, screenshots, email chains, WhatsApp threads, video clips… and gut instinct.

By then, the opportunity to get the facts straight is slipping away.

“When something goes wrong, people don’t want opinions. They want evidence.”

Lloyd Major, Founder & CEO of Halo Solutions

That’s where The Halo System comes in – your single source of truth. A clear, searchable, time-stamped, protected record of your operations in real time. All reported, managed and recorded via the very best cloud-based IMS. No tampering, a full and complete audit trail that meets evidentiary standards. So, when anyone asks, “What happened?” you’ll already have the answer.

Not just for disasters, either.

Your black box isn’t just for catastrophes. It’s also your guardian angel for:

  • Insurance claims (less he-said-she-said, more here’s-what-actually-happened)
  • Legal disputes (the evidence doesn’t lie)
  • Staff handovers (no more “Dave’s off sick and took the plan with him”)
  • Post-event reviews (intelligence powered by insight)
  • Compliance audits (hello, TPoP)

And if you do face a major incident, it becomes your most valuable asset. Not just for accountability but for learning, improving, and protecting your team, your brand, and your future.

This isn’t surveillance. It’s smart stewardship.

Let’s address the elephant in the server room: “Isn’t this a bit… intense?”

This isn’t about surveiling your teams’ work or micromanaging. This is stewardship. You don’t need to watch everything; you just need to make sure that when key moments happen, they’re recorded, reviewed, and remembered.

It’s about giving your team easy access to clarity. Confidence. A shared understanding of what’s happening and how to respond, and how to carry these findings into the future.

Don’t be left behind

We call it The Black Box Mandate because it’s fast becoming more than a best practice. As expectations grow and standards rise, having a cloud-based IMS in place isn’t just smart, it’s futureproof.

Halo is the black box for your business.
Your always-on, always-recording, always-available safety and security operations record.

There to make your business safer, smarter, and more defensible.

You wouldn’t fly without one, so why operate without one?

The Black Box Mandate is here. Get ahead of the curve and see what impact this could have on your venue, with our free Incident Readiness Calculator.

Read more about the Black Box Mandate in our industry report: Public Safety in Numbers

In today’s fast-moving threat landscape, venue and event security teams need more than just good instincts, they need proven, repeatable frameworks that work under pressure. That’s why we created the Integrated Threat Management Aide Memoire: A quick-reference tool for security professionals, designed to help you and your team make fast, informed decisions in critical situations.

Whether you print it, keep it on your device, or integrate it into your team briefings, this tool can help you respond smarter, act faster, and safeguard more effectively.

In this article, we’ll break down the 7 core frameworks in the Aide Memoire and show how they can strengthen your integrated threat management approach.

Download your free copy of the Aide Memoire, with these frameworks and more, here.

Joint Decision Model

When time is critical, clarity is everything. The Joint Decision Model helps you coordinate effectively with partner agencies, assess risks, and decide on the most appropriate action.
It focuses on:

  • Gathering information and intelligence
  • Assessing threats and risks
  • Considering powers, policies, and procedures
  • Identifying options and contingencies
  • Taking action and reviewing the outcome

Used correctly, the JDM ensures that everyone in the chain of command is aligned and informed.

HOT Protocol – Unattended item assessment

When you find an unattended item, your ability to quickly determine if it’s lost property or a suspicious device can save lives.
HOT stands for:

  • Hidden – Has it been concealed or hidden from view?
  • Obviously Suspicious – Wires, batteries, substances, unusual smells?
  • Typical – Is it what you’d expect to find in that location?

If the item fails the HOT test, you step back, inform, and record — following your cordon and communication procedures.

Four Cs & 5 Ws – Information to prepare for Police

This dual framework ensures you control the scene and communicate the right details to police and emergency responders.
The Four Cs: Clear, Control, Confirm, Communicate.
The Five Ws: What, Who, Why, When, Where.

The result? A scene that’s secure, documented, and ready for professional assessment.

METHANE – Shared situational awareness

Used widely across UK emergency services, METHANE ensures everyone has a consistent operational picture. It’s an interoperability essential that reduces confusion in multi-agency incidents.

Crowd Tension Indicator

Crowds can shift from compliant to hostile in moments. By tracking indicators like crowd density, mood changes, and signs of agitation, you can spot early warning signs before escalation.
These cues help you adapt stewarding, adjust communications, and, if necessary, coordinate rapid intervention.

Threat Assessment – Identify, Intent, Capability, Immediacy

A simple but powerful threat model, this method keeps your threat analysis fast, structured, and actionable.

CBRN Approach – Casualty hazard awareness

Chemical, Biological, Radiological, and Nuclear threats require special caution. This step-based approach helps you decide how close you can get to casualties safely.

Why These Frameworks Matter

Integrated threat management is about reducing decision fatigue under stress. With a shared set of tools and language, your team can:

  • React faster
  • Avoid mistakes
  • Improve coordination
  • Save lives

The Aide Memoire brings all these frameworks into one portable reference, so you’re never more than a glance away from critical guidance.

“The worst unrest the UK has seen in decades”(1)

With the rise in protestor activity and unrest across the UK, many venues, events, and places where people gather have been warned to be prepared for protests, counter-protests, and the potential for escalated violence and rioting. The Human Rights Act ensures everyone has qualified freedom of speech and the right to peacefully assemble and associate, leading to the need for a delicate balance between protecting those rights and keeping people and premises safe.

As the police and government respond to protest and rioting activity across the UK, and international conflict, elections and climate activism continues to impact critical response across the globe, many venues and events are preparing their security operations to manage a potential increase in incidents and emergency action. And The Halo Solution is here to help.

Halo & Protests

The Halo Solution is a cloud-based, integrated technology solution that brings multiple incident management and safety operations tools together into one unified platform.

By connecting the right information to the right people in the right place at the right time, the Halo solution helps you to deliver best practice in your Incident Management and Safety Operations capability so you can protect everyone and save lives.

Football: 711 years of recorded disorder

The football world has a long history of facing protests and crowd management incidents. From from recent Old Trafford protests to the clashes at Villa Park last year, as far back as the Lima Football riots in 1964.

The Halo Solution has assisted at over 500 football matches across the UK, protecting over 10 million fans. By connecting all of the clubs we work with, we’re working to increase the penalty for hate crime and violent offences by implementing a ‘banned from one – banned from all’ initiative.

We’re also helping security staff to respond to critical incidents quickly and appropriately by getting the right information to the right people at the right time.

“We’ve seen fantastic results implementing the Halo System into everyday security operations across Stamford Bridge and Cobham Training Ground” – Bakary Bah, Senior Security Manager, OCS Group. Providing security services to Chelsea Football Club.(2)

Student Protests: Balancing student experience and campus security

University campuses are a prime place for protest activity, and with such a vibrant mixture of voices and perspectives, it can be difficult for universities to manage student protests and potential escalations.

With the Halo Solution, our university customers can connect their entire campus, from student experience teams to security, from the car park to the campus centre, taking a joined-up approach to campus security that both prevents and manages critical incidents as a result of student protest activities (and much, much more…).

Keeping peaceful protests peaceful.

Protests don’t always escalate to violence and often event and venue security teams’ response can be key to a successful peaceful protest.

By identifying protest groups and individuals, and logging information about their protest history, political stances and willingness to engage, event organisers and security teams can make data-backed decisions in regards to about to expect from a protest group and how to prepare for any demonstrations to cause minimal disruptions.

The Halo Solution, with its advanced insight and analysis features, bulletin boards and digital control logs, is helping events and venues to counter protestor threats and build intelligence to make the best decisions and manage protester activity as effectively as possible.

“We have seen increasing protest activity over recent months across our venues. Recording the incidents on the Halo System has enabled us to accurately track protestor activity, whilst having intelligence on methods of protests, regular protestors and the impact to site operations. Having this evidential information has enabled the security teams to best prepare and facilitate peaceful protest – by early intervention, targeted interventions and working appropriately with protestors to limit the impact to our site and clients.” – Zak Khachik, Head of security at the NEC Group(3)

Find out more about The Halo System and how its powerful features can help your team keep everyone safe.

Halo Solutions. Let’s Protect Everyone.

The Gold-Silver-Bronze (GSB) structure has long been the backbone of effective crisis leadership, giving organisations a clear framework for coordinating responses at strategic, tactical, and operational levels. But today’s challenges demand more: Complex incidents, high public scrutiny, and diverse stakeholder expectations don’t quite fit into the current structure.

But perhaps the introduction of an Executive layer could bring this soon-antiquated model into the future.

We’ve already seen elements of this idea in practice, like “Super Gold” or “Platinum” and at the other end “Sub-Bronzes” or (shudders….) “Crimson Commanders” with the need for more than three levels of ‘Key-Decision-Makers’ used by global organisations to oversee sprawling operations or critical incidents. These adaptations show how an additional layer can provide clarity across the chain of command, driving confidence and trust when it matters most. Adding this dimension to the GSB framework makes it future-ready for complex environments where crises don’t just demand action—they demand responsibility, and crucially in the private sector, accountability and actual financial ownership of risk. In the private sector, somebody somewhere really does own it!

Read on to learn how and why we propose this could work in practice…

Driving Leadership with Clear Responsibility at the Top

At the heart of any crisis response is the need for clarity on decision making. Everyone needs to know who makes what decisions, and when. Ideally, they would also know how far they can colour outside the lines before having to refer the decision upwards for guidance.

We have seen over the years the Emergency Services practically perfect the GSB structure (now “Strat-Tac-and-Ops” as its more commonly referred to) and as it’s become more universally spread, including its adoption in the private sector. In-fact, one could argue that it was the private sectors adoption that hastened the change from traditional “GSB” colours to “Strat-Tac-and-Ops” because everyone wanted to be Gold! Plus, in their defence, why wouldn’t the owner of a traffic/security/medical company be their own Gold? They own their business after all and are most likely going to be in a control room during an event – so how does that work telling them they’re “Bronze Security” or “Bronze Medical” when in their own business they’re operating a mini GSB setup and they’re the owner? Confusing right? And that’s before the inquiry or insurance claim!

Time for a change?

While the Gold level within the GSB framework is pivotal in steering strategic direction and allocating finances or other parameters, it often stops short of assuming direct responsibility, especially for things like land ownership, brand guardianship, “those” decisions that like it or not, we need to acknowledge the financial implication of when balanced with public safety. This is where the introduction of an Executive layer becomes essential. Such a layer ensures that the most senior, executive decision-makers not only oversee outcomes but are explicitly accountable to stakeholders like boards, investors, or government entities. Drawing inspiration from global organisations that employ “Super Gold” or “Platinum” tiers, the Executive layer acts as a governance body, addressing the complexities of multi-layered crises while ensuring decisions are guided by a broader mandate.

The best example of this? It’s called the “Kegworth Air Disaster” for a reason, and that reason was purely PR based and pivoted the public mindset away from East Midlands Airport and its owners. This is the kind of ‘Executive’ decision that can be made whilst the “Strat-Tac-and-Ops” teams are busy saving lives. Plus, once the response phase is underway, the Executive branch can oversee the parallel efforts in the recovery phases and return to normality so in-effect, managing multiple phases of a crises simultaneously for maximum impact and effect and each phase might have its own ST&O Team.

Building Trust and Transparency Amid Crisis

Crises don’t happen in a vacuum—they demand transparent, consistent communication with stakeholders such as regulators, shareholders, and the public. The Strategic/Gold level’s focus on internal strategy can often mean external expectations can be overlooked or poorly managed.

An Executive layer bridges this gap, prioritising stakeholder trust, managing expectations, the media, the public and ensuring the organisation is perceived as transparent and proactive. This addition is particularly crucial when public trust or regulatory scrutiny is at stake, ensuring that messaging and actions align with stakeholder needs.

Beyond the Crisis: Securing the Future of Your Organisation

The Strategic/Gold level is well-suited to addressing immediate strategic needs, but what about the aftermath of a crisis? Whether it’s reputational recovery, compliance with regulatory standards, or rebuilding stakeholder confidence, these long-term considerations often fall outside the scope of the existing GSB/ST&O framework.

An Executive layer integrates these post-crisis concerns into the response, aligning actions with broader organisational or even societal values as referenced above. By doing so, it ensures that short-term decisions don’t jeopardise long-term priorities.

The Executive Edge: A Game-Changer in Crisis Leadership

Adding an Executive layer to the ST&O/GSB framework isn’t just a structural change—it’s a strategic and cultural enhancement. As well as the correct acknowledgment of the long running issue the private sector has had in adopting the colour scheme command layers. It strengthens accountability, deepens stakeholder trust, and ensures long-term considerations are part of the crisis response.

However, even the most robust framework benefits from advanced tools that drive efficiency and precision in decision-making. Intelligent incident management and security operations platforms, like the Halo System, take crisis leadership to the next level by providing real-time insights, streamlined communication, and actionable data. These technologies empower organisations to manage complexities, mitigate risks, and maintain transparency at every level, ensuring agility and clarity in even the most challenging scenarios.

In an era where organisations are under unprecedented pressure to deliver both transparency and responsiveness, the combination of a forward-thinking ST&O framework and cutting-edge management software could be the key to building truly resilient and effective crisis leadership and management strategies, saving money, saving time and most importantly, saving lives.

Get in touch to learn more about how Halo can support your team to achieve safety and security excellence with our training, testing and technology.

Security Journal UK: Halo Solutions tackles campus safety at UK universities

Halo Solutions has offered its safety technology to help make UK university campuses safer and to help protect female students, tackle crime and protestor activity.

According to the company, it comes at a time of mounting concerns for the wider safety of female university students and following the recent outbreak of protest activity, with protestors barricading themselves into an exam room at the University of Manchester.

It also comes at a time when Mi5 Director General Ken McCallum recently briefed university leaders on the threats from foreign states targeting UK universities in order to undermine national security and encourage political dissent and unrest.

Threats from politically motivated protestor groups are predicted to increase across other UK university campuses.  
Keep reading about how Halo is helping improve campus safety here

Public safety concerns increasingly dominate the agenda for all event organisers. The introduction of The Terrorism (Protection of Premises) Act 2025 – also known as Martyn’s Law – has focused attention on accountability and the risks associated with terrorism. But organisers are also managing a complex and diverse range of other risks, from the traditional health and safety challenges and staffing shortages, to rising costs, an escalation in cyber-attacks, and everything in between. So, how can they improve the effectiveness of all safeguarding models? What is the best way to achieve accountability while relying on multiple contractors to deliver core services? And, critically, how does the overall experience affect both customer perception of safety and their enjoyment at an event?

Lloyd Major, CEO, Halo Solutions, explains how the next generation of incident control rooms can both improve public safety and support cost-effective resource allocation and management.

Public Safety Accountability

The escalating focus on public safety created by the ratification of The Terrorism (Protection of Premises) Act 2025 (T[PoP]2025), has reinforced awareness of safety procedures and the resources required in a continuously evolving threat landscape. While an essential step in creating a consistent, coherent approach to safety, it is important to remember that safeguarding the public is not just about ticking the boxes required by regulation. It is a vital aspect of the overall attendee experience and a chance to build credibility and trust with customers. When people feel safe, they will stay longer on site and, as a result, spend more money. Most important, they will come back – dwell time and repeat attendance have long been considered key metrics that directly impact bottom line. 

The challenge for public venues is how best to achieve accountability and reinforce public safety within existing financial constraints, especially when so many services are delivered by third parties and prices are rising. What is the best approach to ensure accurate information collection, incident sharing, resource management plotted against risk, and effective cross-department collaboration? There is no doubt that technology has provided a platform to transform the speed of response and depth of understanding in recent years. However, in an era of ubiquitous mobile communication and cloud data storage, there are some businesses still 100% reliant on the first-generation, analogue approach to incident management, using pen and paper to record incidents.

The majority are now exploring how to use digital systems to transition their control rooms to a second generation approach, but even this leaves significant gaps and could be exponentially improved to transform both effectiveness and safety. Adding a second-generation use of WhatsApp messaging to Word documents and spreadsheets, for example, still requires dedicated control centre staff to transcribe incident information, slowing response and adding cost, while not delivering any significant improvement to the evidential standard of the control room, the integrity and trustworthiness of its audit trail, or any efficiencies brought about by trend analysis or resource to risk mapping.

A modern cloud-based IMS like The Halo System, made in Britain by people from your industry, consolidates all these functions into one secure, centralised platform – streamlining communication and instantly slashing subscription bloat.

Next Generation Control Rooms

Moving to the third stage, we see a purpose-built, web-based incident management system as the first step towards elevated collaboration. However, the next (fourth) generation incorporates mobile applications to deliver direct, front-line communications, removing the need for dedicated incident loggists and enabling different teams to collaborate immediately on shared information. The next generation of incident control systems leverages technologies while adding another layer of collaboration and insight to deliver end-to-end visibility and control. Efficiency and trusted evidence capture demands digitally recorded, time-stamped incident information that cannot be maliciously altered after the event and, critically, is stored securely, rather than routinely deleted.

Rapid and effective incident response demands both the use of mobile communication and data capture and highly effective models of collaboration that ensure teams work together and with emergency services if required, friction free. Fourth generation control rooms give everyone the information they need, when they need it. No more rumour mill. No more misinformation. No more inaction.

Also, providing the pubic with the ability to report incidents including sexual assault, drug dealing and missing people (via QR code, URL weblink embedded in third party software or SMS), improves the flow of information to all relevant agencies, including photographic evidence sent directly to the police and, as a result, enhances the overall perception of attendee safety. It reinforces a continual cycle of improvement as risky people are removed from and banned from places where the public gather, improving the safety of those places and, therefore, dwell time and re-attendance of the public. 

The Control Room of the Future?

Where do we go from here? The future control room is one that integrates multiple automated artificial intelligence systems. It’s not enough that the IMS at the heart of the control room has AI, it must integrate with other systems that also have it and thus fully deliver a series of safe automations. 

For example, a fire safety system capable of focusing the cameras on the source of the fire, automatically creating an incident, alerting the response team, and live streaming to them and the control room what is happening. This automated workflow would be built in advance by the business using the systems to agree on “If This, Then That” (IFTTT) type staging. 

In another example, an AI computer vision layer across the top of the CCTV ‘sees’ the abnormal swinging of arms and detects a fight. It focuses the cameras, creating an incident, but doesn’t alert the response team without the human controller confirming first. 

A further example might be in the event of an industrial accident. The incident gets tagged with “fatality” and, as a result of that tag, a sequence of workflows is set in motion that trigger emails, SMS and even automated phone calls to the relevant people on a list, alerting them to an MS Teams conference that’s been created and is starting in 15 minutes.

The control room of the future will be multi-system, multi-functional and multi-purpose, elevated by AI but with humans at the centre of the way it works, taking the strain off a series of automated steps and actions.

The Bottom Line

Improvements in operational safety and security are at the forefront of every practitioner’s mind at the moment, as they deal with pressure to achieve more with less.

Over the next 18 months in the UK, we will see the Security Industry Authority (SIA) working to deliver guidance and further understanding on the implications of T(PoP) Act 2025 With it, organisations will begin to understand and identify gaps within their current procedures, policies and resources to meet this new demand in harmony with the others they balance on a daily basis. 

It is always important to look beyond any recency bias and the new regulatory demands. Old risks are not going away and, if anything, after recent cyberattacks on M&S and others, it seems no one is safe! The efficiency with which any business manages its incidents affects not only regulatory compliance, but also its bottom line and the quality of customer experience. Students will not go to unsafe universities; travellers do not use overcrowded, unsafe transport hubs; but safe, happy event attendees will spend more time on site at festivals, sports stadia and entertainment locations. More time on site equals more money spent, and more repeat business. 

Public safety economics is linked to every aspect of the financial success and performance of a public event and, increasingly, that includes scrutiny of the safety and security operations. But you can’t enhance what you don’t record. The businesses that are performing best have a wealth of data and insights from their IMS that informs meaningful, data-driven and evidence-based decision making to maximise safety, time and finances. Or, in other words, that saves time, money and lives. 

To identify how to transition your control room to the next generation, read the white paper from Halo Solutions, here

Professional Security Magazine: Halo Supports RHS


We’re grateful to feature in Professional Security Magazine for our partnership with the Royal Horticultural Society (RHS), where the Halo System is helping deliver seamless safety and operational oversight at world-renowned flower shows, including RHS Chelsea Flower Show.

By unifying all key teams, including security, medical, police, fire, CCTV, operations, and customer service, into one live, integrated platform, we’ve helped transform how RHS manages incidents, logs activity, and coordinates responses in real time. From mobile reporting to geolocation tracking and fully auditable records, it’s a smarter, faster way to keep events safe and running smoothly.

RHS’s David Edwards calls it a “game-changer”, and we couldn’t agree more. With just an hour of training, teams were up and running, fully connected, and empowered to act quickly and confidently.

As public expectations for safety rise and multi-agency collaboration becomes more complex, Halo is proud to set a new standard for event safety, helping iconic organisations like RHS lead the way in proactive, connected, and accountable crowd and event management.

Read the full article here

Ask any seasoned security professional what their most valuable commodity is, and they’ll likely say “time” (followed closely by “budget” and if they’re optimistic: “Sleep”) will rotate across the top of their ‘Top 10’ concerns regularly. When incidents strike, you need a system that empowers you to act quickly, collaborate efficiently, and demonstrate control, all while being cost effective. Enter the Incident Management System (IMS).

Many security leaders already recognise the need for a fit-for-purpose IMS. It’s not about why anymore, it’s about when. But let’s be honest: the upfront commitment of time, money, and change management can be daunting. With tight budgets, competing priorities, and no shortage of past tech disappointments, pushing the decision down the road can feel like the safest option.

But what does it really cost to implement an IMS? And what’s the cost of not implementing one…?

Pound Foolish: The Hidden Costs of Patchwork Systems

Let’s start with the elephant in the control room: many organisations are still managing critical incidents with a Frankenstein mix of WhatsApp groups, Excel sheets, radio logs, and a prayer. This patchwork approach might seem low-budget, but the real cost lies beneath the surface:

  • Time Wasted: A study by Deloitte found that inefficient incident communication can increase response time by up to 40% – that’s time where lives could be at risk and your reputation certainly will be.
  • Subscription Overload: One tool for comms, another for mapping, another for tasking, another for logs, another for alerting… before you know it, you’re spending tens of thousands per year on siloed software that doesn’t integrate.
  • Training & Complexity: Each tool requires onboarding, updates, licenses, user management and administration. It’s a full-time job just to keep the tech stack standing and with many systems built and supported overseas, or by people that have never worked in your industry, getting help can be a headache.

A modern cloud-based IMS like The Halo System, made in Britain by people from your industry, consolidates all these functions into one secure, centralised platform – streamlining communication and instantly slashing subscription bloat.

“But What About the Upfront IMS Cost?”

Yes, there’s an initial cost in implementing any system. But let’s talk brass tacks.

Our own customer results show us that organisations that implement integrated security platforms see operational cost reductions of up to 30% in the first year. That’s not just through tech consolidation, but through faster response times, better decision-making, more cost-effective resource deployment and reduced administration/downtime.

The upfront investment pays for itself in:

  • Reduced hours spent on manual reporting
  • Fewer compliance headaches
  • Less duplicated effort across teams and agencies
  • Lower risk of reputational damage due to avoidable missteps
  • Fewer tech platform subscriptions
  • Fewer false claims / insurance payouts due to better evidence for defence
  • Fewer ‘fear purchases’ by being overstaffed because data driven decisions puts the right people, in the right place, at the right time

In other words, it costs more not have an IMS.

With the Terrorism (Protection of Premises) Act 2025 (aka Martyn’s Law) now legislation, venues and public-facing organisations are on a two to four year journey to prove they have robust plans and procedures in place, especially for lockdown, invacuation, evacuation and communication. An IMS that can track, evidence, and report on incidents in real time becomes more than helpful – it becomes the ‘black box’ for your business and all the decisions that were made, when, why, how and by whom.

Licensing legislation, Health & Safety, Security Act, and the Protect Duty plus lots of other legislation and guidance means that failure to comply may mean:

  • Fines
  • Civil litigation
  • Criminal charges in severe cases

Not to mention the perception of you and your brand.

All of which make the cost of an IMS look rather friendly by comparison.

Psychological & Social Cost: The “Invisible Budget”

Let’s not forget the toll on people.

  • Teams under stress burn out faster.
  • Senior leaders facing scrutiny need reliable records to support decisions.
  • Public confidence hinges on visible, coordinated responses.

An IMS doesn’t just manage incidents, it manages perceptions. Stakeholders, media, and the public expect professionalism. Your team expects tools that make their life easier and safer.

By reducing uncertainty and empowering real-time coordination, a well-implemented IMS becomes a morale booster, not just a tech upgrade. The proof is in the platform: Halo customers have reported significant team buy-in with our award winning, user friendly app that keeps teams connected effortlessly.

Pounds & Pennies: What are we really talking about?

Having set out the use case, and the fact that the vast majority of our clients get a return on their investment, in full, by the end of year one, not to mention an ROI of up to 8x over a three-year contract, we know you’re real people, who want to know real prices.

We have industry specific prices (the risks are different in Football compared to Shopping Centres and Train Stations) and then we scale on size because again, the risks at London Liverpool Train Station which 94.5 million people pass through, are dramatically different compared to Newark Train Station which roughly 94.5 sheep can be seen stood in the field next to it….

So prices start from free, for the smallest places with less than 1,000 people at them, and go up to £120k a year for the mega risky! But most people pay between £250 to £2,500 a month for Halo on average.

We haven’t met anyone yet who can’t afford it, or who has bought anything else based on price.

We charge a fair price, for a great product, and fantastic customer service and to date, whilst never knowingly undersold, have never competed on price to directly win a client.

 

Final Thoughts: The ROI of Readiness

In an era where risk is increasingly complex and scrutiny is immediate, the return on investment for a smart IMS is undeniable. And with Halo, you’re not just buying software, you’re replacing at least half your tech stack, protecting your people, and sleeping better at night (imagine!).

So yes, implementing an IMS has a cost. But its less than you think, you save more than you spend and;

The real question is: can you afford not to?

Get the latest public safety insights straight to your inbox

 

Subscribe to receive regular updates on threat intelligence, security & public safety trends, regulatory changes, and new tools to help you protect people and places more effectively.