3 Key Steps to Prepare for and Secure Large-scale Events

Large-scale events like major sports competitions, concerts and international conferences pose incredible opportunities for shared experiences. However, they also come with escalating risks, from severe weather and public safety incidents to cyber attacks. 

These events require significant coordination between various organizations, both public and private, at the local, state, national and/or global level. Add to that the many types of people in need of protection, from politicians and high-profile leaders to thousands of spectators, and the stakes increase significantly. Success depends on meticulous planning, robust operational execution, and comprehensive post-event audits. 

Here, I explore three key steps public and private sector organizations can take to safeguard large events more efficiently and effectively, as well as how real-time information helps them quickly mitigate or avoid potential threats.

Start early: Pre-event planning

As soon as you know you’re going to host a large-scale event, start preparing. Best practices dictate that coordination and planning begin at least 12-18 months prior to the event. 

But some events require even more lead time, like the Olympics and Paralympics. Planning for the 2028 summer games in Los Angeles, California has been underway since 2023. 

The pre-event planning phase is the perfect time to look at what’s worked well for other organizations and peers. Don’t try to reinvent the proverbial wheel. Adopt proven practices.

It’s important to remember that pre-planning is just as crucial as the event execution, because you need to understand the everyday environment of the location. What type of incidents happen regularly? Has there been a recent increase in public safety incidents? What do traffic patterns look like? 

Understanding these factors early on is key to establishing a baseline of knowledge—one that you will continue to build on, from pre-planning to the actual event. 

This is also the time to develop the strategic vision for the event and establish your core planning group. You can then formalize cross-agency and cross-sector communications, which ensures information symmetry among all the different organizations involved. Collaboration between all stakeholders, including public safety agencies, private security firms, IT professionals and even supply chain partners allows for more comprehensive, detailed risk assessments to identify and mitigate potential vulnerabilities—whether physical, digital or a combination of both. 

Take, for instance, the 2025 U.S. Super Bowl. In preparation for the event, held in New Orleans, Louisiana, nearly 200 private and public sector organizations met to develop inter-organizational relationships and discuss security strategies for protecting those in and outside the stadium.

In addition, incidents like the ransomware attack on Paris Olympic venues showcase why cyber risk assessments are critical during preparatory phases.

“Pre-planning has to include everyone at the decision-making table—law enforcement, EMS, private security, third-party partners—all are vital to success.

— ML Henry, ASM Global VP of Corporate Security

To do so, access to real-time information is essential. Real-time alerting solutions, like Dataminr First Alert and Dataminr Pulse for Corporate Security, help organizations maintain situational awareness and gain comprehensive real-time visibility into the surrounding environment of their event’s venue, enabling them to make well-informed plans.

These solutions also help level the information playing field for all stakeholders during rapidly evolving events.

For example, before a major sports event like the FIFA World Cup, real-time alerts can detect and preempt potential risks such as public disorder or public health crises. These insights allow pre-planning efforts not only to identify risks but integrate mitigation strategies early on.

Stress Test Plans: Operational Management

Similar to pre-event planning, operational management requires incorporating communications, coordination and response scenarios. During this time, an established core planning group should stress test response plans and ensure they are both scalable and flexible enough to pivot or be modified in a time of crisis. Scenarios organizations need to prepare for include: 

• Crowd control issues
• Cyber attacks
• Geopolitical risks 
• Medical emergencies and public health crises 
• Severe weather 
• Terrorism
• Violence

As you can see from the list above, physical safety is no longer the sole priority during events. Increasingly, attention must also encompass cyber risks and threats. For example, identifying social media chatter related to potential disruptions or targeted distributed denial of service (DDoS) attacks, which can significantly interrupt critical systems like  ticketing. 

Or take the CrowdStrike outage in July, 2024 for instance. It affected entry systems at the Marvel Stadium in Melbourne, Australia, locking the country’s Football League fans out of the venue an hour before a game. 

This is also an opportune time to ensure that communication chains are clear and the core planning group understands roles, responsibilities and points of contact. And, this group should have access to—and be well-versed in using—real-time information to inform emergency response plans and mobilize resources quickly in the event of a critical, time-sensitive situation.

We’ve seen our customers do this well when using First Alert and Dataminr Pulse for Corporate Security, by leveraging real-time alerts to ensure all stakeholders have the same access to critical information, allowing for better alignment and faster, more effective risk mitigation. 

“We used Dataminr’s real-time alerts to provide actionable intelligence [for our teams] even before local law enforcement had official reports,” said Henry. “There’s so much data out there—Dataminr helps us make sense of public data in real time and enables us to act fast.”

Capture Lessons Learned: Post-event Audit

Once an event is complete, take the time to capture, analyze and share lessons learned. It’s one of the most critical steps in planning and executing large-scale events. If lessons are not captured, teams will miss out on a major opportunity to improve operations in the future and reduce duplication of efforts.

As such, the act of documenting lessons learned should be fully embedded in operations, including having the core planning team commit to conducting post-event review. In fact, determining who is responsible for capturing those lessons should be done in the pre-planning phase. Teams should ask themselves how they will document lessons learned, and how they will be used.

To have a successful post-event review, security teams and their partners should:

• Openly and honestly share feedback. What went wrong? What should we have done differently?
• Be willing and flexible to adjust security strategies for future events

“This is how you’ll improve not just security but the overall experience of attendees at your venue, from every level and within every discipline,” said Henry. “You shouldn’t have to talk about the same issue(s) at the next event.”

When each of these phases is done right, security teams are better able to safeguard major events. Add real-time information to the equation and the ability to protect people and infrastructure significantly increases. 

Learn More

See how Dataminr enables security professionals to stay ahead of risks, manage incidents more efficiently and respond to crises faster.

This blog has been updated from the original, published on April 4, 2023, to reflect new events, conditions or research.