Articles by Imad Mouline
In today’s world, businesses face a growing threat landscape. Looking back on just the past few months, there have been increased incidents of workplace violence (the recent New York city hospital shooting), terrorist activities (London Bridge attack, Manchester attack), and cyberattacks (Petya and WannaCry). While critical events have become more frequent, more complex, and costly to businesses, organisations’ emergency communications systems, plans and processes have remained surprisingly siloed and constrained by an inability to holistically manage the lifecycle of a critical event—from assessment, to communication, to analysis. The reality is that organisations today find themselves tasked with maintaining multiple, separate emergency, security, and IT command centres that each require 24x7 availability and utilise a different set of siloed tools and processes to monitor and triage threats. Situational awareness for the modern workplace Siloed processes aren’t desirable because they result in individual departments conducting their own threat assessment, which can lead to inconsistent responses to critical events. Without situational awareness, response to operational risks is delayed, leaving an organisation’s employees, facilities, travelers, and other critical assets vulnerable. Current event management processes can severely impact employee safety while also harming business operations The fluidity of the modern workplace is also a challenge for businesses. With 72 percent of workers projected to be mobile by 2020, and spending significant time away from a traditional office facility, locating and protecting workers, sharing critical information and directives, and activating the right responders becomes an even more complicated task. For example, it can take hours – and even days – for companies to determine if all their people, including traveling and remote employees, are safe after a terrorist event. The bottom line is that the way current event management processes are set up is inefficient, ineffective, and – most importantly – can severely impact employee safety while also harming business operations. Centralised incident management To better communicate with their people and protect them from harm, organisations must adopt a holistic approach to critical event management inclusive of crisis communications and incident management. This includes consolidating physical and digital tools that are traditionally siloed under multiple disciplines and operations centres. Combining these functions enables organisations to develop a common operating picture of a situation and implement an effective resolution plan complete with predefined communication paths to senior management, on-site and remote workers, customers and any other effected parties. Having a single platform that combines employee safety capabilities with threat assessment and visualisation capabilities allows organisations to better manage the full array of intelligence, coordination, collaboration, and execution required to speed response times, reduce risk, and, above all, keep their employees safe in any critical event. How security teams can manage critical events With a consolidated Critical Event Management platform, security teams within an organisation can dynamically do the following to keep their people safe and the business running effectively: 1. Assess critical events Leveraging a more integrated operational approach in lieu of the disparate systems used today allows organisations to better asses what is happening in their offices, on their campuses, or near their traveling and remote employees. By integrating physical and digital tools, such as front line, social, trusted threat, and weather intelligence, organisations have an end-to-end view integrating threats, operational impact, and response status information on a “single pane of glass.” When all information is housed in a centralised location, it is far more effective and efficient for an organisation to determine the likelihood, severity, and impact of a specific event on its people. Linking access control and badging systems, biometric systems, and Wi-Fi access points provide information on an employee’s static, last known, or expected location 2. Locate employees in harm’s way and communicate in a timely manner The increasing regularity of critical events worldwide necessitates the need to locate and alert employees of any nearby risks at a moment’s notice. Organisations need to first identify who is in harm’s way, and then notify those affected on what action to take. Aggregating data across multiple systems allows for dynamic location tracking and alerting of impacted personnel, response team members and key stakeholders. This includes employees, executives, emergency responders, Boards of Directors, and others who require detailed information of the response effort. For example, linking access control and badging systems, biometric systems, and Wi-Fi access points provide information on an employee’s static, last known, or expected location to a master database that an organisation’s security personnel can use for triggering automated incident communication. This information allows security teams to provide critical information – including site evacuation directions – while an event is occurring to ensure the safety of employees based on their targeted geographic region (e.g. a specific building, floor, neighborhood or zip code) and coordinate the efforts of responders. If an active shooter is seen approaching from the western half of an organisation’s campus, for example, the targeted alert may tell all employees on east campus to get off the property and go across the street, while all employees on west campus may be told to barricade themselves behind locked doors, as they might not have time to run. Visitors who are expected to arrive on campus later that day would be warned to stay away until police secure the premises. With a centralised system that houses all location information and communication processes, the right messages will be sent to the right people in a matter of seconds. 3. Identify decision makers and automate action A huge part in managing a crisis is not only identifying who is in danger, but who can help, and how. This process needs to be as streamlined as possible so there’s no question about who should be contacted and who is responsible for doing what. Leveraging an integrated critical event management system in which all information is centrally located allows organisations to initiate instant communications that share all relevant information and status updates with key stakeholders – there’s no confusion as to who should send out the communications, and no one is waiting on important information that is essential to convey. Each critical event can be analysed to identify which tasks took too long or what resources were missing In addition to identifying team members who need to act, an integrated system distributes targeted alerts based on specific scenarios. Taking the same active shooter scenario, an organisation’s security team can share incident details, collaborate with, and activate separate response teams, such as the police, SWAT team, and emergency responders, in a single platform – all while following standard operating procedures, escalation policies, and best practices for responding to that particular event. 4. Analyse the aftermath Once a critical event is over, benchmarks related to an organisation’s notification responses and incident time-to-resolution can be recorded, measured and assessed. Each critical event can be analysed to identify which tasks took too long or what resources were missing in order to learn from and improve response rates for the next major incident. Critical events should be managed as any major business function—through a single process with clear lines of responsibility, common situational understanding, accountability, and visibility of performance. Currently, processes are focused on the use of too many overlapping tools which only create noise and impedes an organisation from following a prescribed procedure for assessing and resolving threats. It’s time for all organisations to take a careful look at how they approach critical event management and opt instead for a centralised system that offers a holistic view – siloed processes are simply no longer effective in today’s threat landscape.
The inauguration of the U.S. president always requires vast preparation and a large security presence. The ceremony is one of a few American traditions that is designated as a National Special Security Event by the U.S. Department of Homeland Security and overseen by the U.S. Secret Service. Traditionally it’s a peaceful transition of power from one presidential administration to the next, but the inauguration of Joe Biden on the steps of the U.S. Capitol building as the 46th president was set to be more tense. Just two weeks before, an angry mob stormed the U.S. Capitol in an attempt to disrupt Congress’ certification of the Electoral College votes and Biden’s presidential win. The rioters overwhelmed the security force on the scene - the U.S. Capitol Police and the Metropolitan Police Department - to gain entry to the building. Five people were killed, two police officers later committed suicide, and more than 140 people, as of Security Technology’s press time, were later tracked down and arrested. Critical communication systems Mayor Bowser issues a city-wide curfew for DC for Wednesday, January 6, starting at 6 p.m. until Thursday, January 7, at 6 a.m." The incident highlighted how critical it is to be able to communicate quickly and effectively about what was happening, the seriousness of the threat, and what actions people should take in response. For instance, during the Capitol attack, everyone within Washington, D.C., with a cellphone was notified via Emergency Alert of Mayor Muriel Bowser’s decision to implement a curfew to give law enforcement time to respond to the crisis. “Mayor Bowser issues a city-wide curfew for DC for Wednesday, January 6, starting at 6 p.m. until Thursday, January 7, at 6 a.m.,” it said. “Essential workers, including healthcare personnel and media, are exempt.” Event management system The alert was short and made it clear what recipients should do - both critical components of a mass notification in an emergency, says Imad Mouline, Chief Technology Officer for Everbridge - which provides the critical event management system used by the D.C. region for emergency alerts. “It’s incredibly important to be concise - you don’t want people to be interpreting things,” Mouline explains. “You have to restrict the message to three points at most. It can’t be a dissertation. Three points, three messages, and try to keep it within 30 words.” Sending emergency alerts But with this drastic increase in the number of emergency alerts being sent, the risk of alert fatigue also rises It’s also crucial to know who the message is for: Is it for someone who will help remediate the situation? Someone who is impacted? Or just someone who needs to be made aware? Keeping this in mind while crafting alerts is important - especially as people are receiving more emergency alerts than ever before. In 2020, Everbridge’s systems were used to send more than 5 billion communications - a 30 percent increase from the 3.5 billion sent in 2019. These communications ranged from alerts on California wildfires to Florida hurricanes to curfews in Washington, D.C., to the plethora of COVID-19 updates issued to more than 650 million people in 200 countries and territories. But with this drastic increase in the number of emergency alerts being sent, the risk of alert fatigue also rises. Public health communications In the first study of its kind published by BMC Health Services Research in 2013 after the H1N1 pandemic, researchers from the University of Washington analysed the impact of public health communications on healthcare providers. “Every increase of one local public health message per week resulted in a statistically significant 41.2 percent decrease in the odds of recalling the content of the study message,” according to the researchers. “Our results suggest that information delivered too frequently and/or repetitively through numerous communication channels may have a negative effect on the ability of health care providers to effectively recall emergency information.” Higher sense of urgency Making a phone call is going to convey a higher sense of urgency than sending an email" To help ward against this effect, the researchers suggested that organisations coordinate the dissemination of emergency alerts so healthcare providers could better recall the information and effectively respond to the alerts. Additionally, those issuing the alerts can use various methods to escalate the severity of the alert and the response required. For instance, a lower-level alert such as notifying employees the office will be closed the following day for a maintenance issue could be sent via email. A higher-level alert, such as an evacuation notice, could be sent through a phone call - a much more disruptive method of communication, Mouline says. “Making a phone call is going to convey a higher sense of urgency than sending an email,” he adds. “Something that’s imminent, a threat to life, you may want to use all methods.” Nationwide law enforcement These aspects of effective emergency alerts and mass notification were top of mind for officials heading into the inauguration on 20 January. The FBI had issued a notice for law enforcement nationwide to be on high alert due to the potential for violence after the U.S. Capitol attack. Washington, D.C., had beefed up its physical security in response, with more than 15,000 National Guard deployed throughout the District, the installation of robust perimeter fencing around the Capitol, and major street closures to create a vast perimeter around the National Mall where inauguration festivities would take place. Receive emergency alerts We don’t want a situation where an alert needs to be sent out now but isn’t received until 20 minutes later" Everbridge was also working closely with officials to ensure that should an emergency arise, alerts would be sent out to stakeholders, says Brian Toolan, Director of Government Strategy for Everbridge. Toolan explains that D.C. created a keyword alert, “Inauguration,” and allowed individuals to text to opt-in to receive emergency alerts and notifications about the inauguration. D.C. also installed additional cellphone towers throughout the District to increase coverage, capability, and capacity for emergency alerts. “You never know how many people are going to opt-in to a system, and we want to make sure the platform is able to scale and send out that notification quickly,” Toolan says. “We don’t want a situation where an alert needs to be sent out now but isn’t received until 20 minutes later.” Creating alert fatigue On inauguration day, all the preparation and planning came to fruition for a seemingly uneventful day. Forty-fifth U.S. President Donald Trump departed the White House in the morning, 46th U.S. President Joe Biden was sworn in in the afternoon, and the transfer of power was completed without incident or a flurry of emergency alerts. After the inauguration, D.C. would delete the numbers individuals used to opt-in to alerts on the event and would transfer its focus back, again, to issuing alerts on the COVID-19 pandemic and vaccine distribution without creating alert fatigue. Keeping messages brief “We always look at the fact that we don’t want to over-notify - that the more information we get isn’t always the best information, and you can lose your audience when something critical happens,” Toolan says. “Keeping your message brief, actionable, and to the point of what you need the person to do is critical. They should be able to read it within three seconds of getting it.”
Everbridge, Inc., the globally renowned company in critical event management (CEM), has announced that the company has unveiled new CEM capabilities across the Internet of Things (IoT) for corporate, government and healthcare organisations to protect their people, assets, operations, supply chain and brand from critical events such as coronavirus (COVID-19). Everbridge CEM platform Everbridge’s industry renowned CEM platform will feature a new IoT extension module that will also leverage the intellectual property from recent technology acquisitions of Connexient and CNL Software. As a result, organisations will be able to gather a broader range of situational intelligence and automate targeted responses throughout their entire safety, security, and operational continuum – from across a global footprint to within campuses and facilities. Everbridge CEM platform enables organisations to utilise vast amounts of electronic data, including IoT sensors With the number of IoT devices expected to approach 75 billion by 2025, the Everbridge CEM platform enables organisations to utilise vast amounts of electronic data, including IoT sensors, to digitally transform how they manage the safety and security of their employees, customers, patients, first responders, residents, and visitors, as well as the resiliency of their operations and supply chain. Critical Event Management (CEM) for IoT CEM for IoT extends the number of use cases for the Everbridge platform within the broader critical event management market, complementing the company’s existing offerings for supply chain and wearable devices. Companies, governments and healthcare organisations utilise CEM to mitigate risks from coronavirus with several million COVID-19 related communications deployed by Everbridge in recent weeks. The expansion of CEM for IoT enhances coronavirus-related use cases to better protect people, operations, supply chain and brand. Coordination between first responders, healthcare units For example, the Everbridge ecosystem supports over 1,500 healthcare entities including the top pharmaceutical, biomedical and medical device and manufacturing companies, as well as the largest healthcare systems (overseeing more than 25 percent of all hospital beds in the U.S.), managed care organisations, pharmacies, and statewide health alert networks (HANs), including the Center for Disease Control and Prevention (CDC) and the National Institutes of Health (NIH). CEM for IoT improves the ability to coordinate first responders and other critical healthcare resources such as intensive care unit (ICU) beds, respirators, expert medical staff, etc., based on real-time data on the broader impact of COVID-19. Data security and threat identification The Everbridge CEM framework includes aggregating tens of thousands of data sources to identify threats Everbridge’s IoT initiative employs the same CEM framework currently being used by global industry firms involved in aircraft manufacturing, financial services, entertainment & media, high tech, healthcare, hospitality, retail, pharmaceuticals, the federal government, and other sectors. The Everbridge CEM framework includes aggregating tens of thousands of data sources to identify threats; determining the relevance of a threat to an organisation’s people, facilities, assets, supply chain and reputation based on their dynamic locations; automatically initiating and orchestrating an enterprise-wide response plan using the organisation’s policies and procedures and monitoring execution of that plan; while analysing cycle times and results to identify bottlenecks and improve future performance. The acquisitions of Connexient and CNL Software augment the IoT capabilities of the Everbridge CEM Platform bringing the total number of out-of-the-box integrations to over 225. Integrations include numerous healthcare systems, indoor positioning, digital wayfinding, building management, access control, intruder detection, video management, and many more. Safe City and Smart Building programs Everbridge solutions secure major events, cities, states, military installations, government buildings, universities, airports, corporate campuses, and healthcare facilities, providing instrumental functionality to Safe City and Smart Building use cases across multiple critical events including coronavirus. The CEM platform monitors threat data streams continuously, alerts stakeholders" “The CEM platform monitors threat data streams continuously, alerts stakeholders when there is a relevant issue, and automatically orchestrates a coordinated response—it is always on,” said Imad Mouline, Chief Technology Officer (CTO) of Everbridge Inc. Connected, IoT devices Everbridge has experience with early implementations of Safe City and Smart Building programs in both the public safety and corporate space. According to IHS Markit, the global Safe City market will reach $35.8 billion in 2024. Brand Essence Market Research forecasts the overall Smart Building market will grow to $59 billion in 2025. The utilisation of a network of connected devices, or IoT, will make up a portion of both markets.
Everbridge, Inc., a provider in critical event management and enterprise safety software applications to help keep people safe and businesses running, announced the next generation of its Critical Event Management (CEM) Platform. Unveiling a single, turnkey operating environment for managing critical events, Everbridge customers can now leverage the company’s powerful visualisation and orchestration capabilities built natively into its market-leading CEM platform. Everbridge’s next generation SaaS platform also features the ability to dynamically locate employees at risk and provide organisations with enhanced and actionable risk intelligence. Everbridge’s next generation SaaS platform also features the ability to dynamically locate employees at risk Challenges in a mobile world In today’s increasingly mobile world, organisations are challenged with managing critical incident preparedness, communications and response. Everbridge transcends this challenge by enabling any organisation to leverage a single, integrated view for managing and responding to enterprise risk across business continuity, employee/asset safety, supply chain and business resiliency. Unifying its Visual Command Centre (VCC) software with its entire suite of CEM applications provides organisations with an end-to-end operating environment to take an ‘Assess, Locate, Act and Analyse’ closed loop approach to managing critical events. This unified solution enables organisations to: Assess – detect and gain situational clarity about a threat and its potential impact to people and assets Locate – pinpoint key stakeholders including responders and resolvers, those in an impact location, and others that need to know, i.e. government officials and business executive teams Act – initiate and manage automatic incident communications workflows to quickly and decisively mitigate or eliminate the impact of a threat Analyse – conduct analysis on actions taken to understand patterns and improve outcomes and preparation for the next critical event. This end-to-end approach enhances an organisation’s ability to proactively anticipate threats to their people and assets and take actions such as adjusting supply chains and travel schedules to avoid risks. It also enables an organisation to reduce cycle times in identifying threats, initiating response, and confirming that their people and assets are safe. Visual Command Centre key goals “Our goal is to provide security and risk professionals with an end-to-end operating environment to mitigate or eliminate the impact of critical events to their organisation,” said Imad Mouline, CTO at Everbridge. “The next generation of our CEM platform unifies real-time threat intelligence and situational awareness with the ability to dynamically locate people and assets, automate incident response workflows, and generate the metrics to measure the performance and impact of actions and outcomes.” This end-to-end approach enhances an organisation’s ability to proactively anticipate threats to their people With Visual Command Centre software unified as a core component of the CEM Platform, organisations can receive immediately actionable data to easily visualise, assess, and predict which events could hamper or severely threaten their most valuable assets or continuity of operations. Providing a wide array of risk data that includes threat, reference, and contextual feeds from a variety of public, partner and proprietary sources, Everbridge provides customers with award-winning visualisations and user experiences including: A full complement of integrated risk event data sources including general safety and security, terrorism, Everbridge Nixle®, transportation-related, civil unrest, crime, weather, earthquakes, wildfires, and more. Contextual data sources to assist operators with workflow including weather overlays, live traffic cameras, traffic flow conditions, and geo-tagged social media feeds. Reference data sources including airport locations, critical infrastructure, and geo-political borders. Time, search, and spatial queries and filtering with Export to Excel for ease of use. As a result, organisations will be able to: Feed dynamic location data from access control systems, travel management solutions, Wi-Fi access points and other sources using Everbridge’s Safety Connection solution directly into VCC to enable location-aware intelligence for employees and other stakeholders. Automatically alert and stream live video to VCC when Everbridge mobile app users signal SOS or miss a Safe Corridor check-in Embed Everbridge’s Incident Communications solution to provide seamless multi-modal communication and summarisation of response to contacts affected by critical events. Incidents can be initiated using the company’s Crisis Commander® product workflow. As part of its next generation platform, Everbridge is also providing a new Admin Console, where customers can upload and manage their asset data, configure Visual Command Center data feeds, set Alert rules and permissions to manage access to data, and set Incident Communications integration preferences. The Admin Console provides full self-service capabilities for the customer.