From Prevent to Protect and Prepare: The Manchester Arena Attack and Shifting Priorities in the United Kingdom’s Counter-Terrorism Strategy (CONTEST)

Abstract

This article analyses the UK’s counter-terrorism strategy CONTEST from a Disaster Management perspective. The article argues that since the Manchester Arena attack in May 2017, there has been a reorientation in CONTEST away from a primary focus on Prevent towards a greater concern with Protect and Prepare. We argue this move should be welcome, given it provides the wider benefit of embedding emergency preparedness and improving multi-agency response to all types of major incident in the UK. The article analyses the inquiry into the Manchester Arena attack to identify three important lessons for the development of CONTEST.

On the evening of Monday 22 May 2017 at the Manchester Arena, just prior to the end of a concert featuring the singer Ariana Grande, a suicide bomber detonated an improvised explosive device (IED) in the foyer of the arena, killing 22 people and injuring many more.¹ The attack was a test of the UK’s counter-terrorism strategy CONTEST, which is made up of four workstreams: Prevent, Pursue, Protect and Prepare. In particular, the events in Manchester were a test of the Protect and Prepare workstreams, which are the areas of the strategy based upon core principles and logics from the field of Disaster Management. The Kerslake Review has argued that the response by the emergency services to the terrorist attack in Manchester highlighted “the benefits of investing in collaborative partnership and emergency planning”, which on the night of the incident “were demonstrated to the full”.² However, although the overall response was deemed by Kerslake to have been effective, the recently completed Manchester Arena Inquiry³, chaired by Sir John Saunders, has suggested “significant aspects of the emergency response… went wrong”, particularly during the first “golden” hour of the incident.⁴ As such, the inquiry identified important areas of learning for the emergency services and other key stakeholders, which we argue have significant implications for the Protect and Prepare dimensions of CONTEST.

The CONTEST strategy, first created in 2003, has been at the centre of controversy in the UK over one specific aspect of the programme: the Prevent workstream. Prevent has been criticised for many reasons, but of particular concern has been a perception the strategy has led to the targeting and surveillance of Muslim communities in the UK.⁵ The focus on Prevent, both in terms of policy and academic research in this area, has meant the often-valuable contributions made by the other workstreams within CONTEST have been overlooked. We argue, therefore, with specific reference to the UK, the Protect and Prepare dimensions of CONTEST are incredibly vital workstreams, which also have wider benefits for society beyond countering terrorism.

The events of May 2017 led to calls for the UK government to introduce a statutory requirement on businesses and those responsible for public spaces, including specifically events or places where large crowds attend or congregate, to protect these sites from terrorism through the new “Protect Duty”.⁶ In February 2021, the UK Home Office opened a consultation on the proposed law paving the way for draft legislation, which was presented for parliamentary consideration in May 2023. The law entails a legal obligation for key stakeholders to put in place physical security measures to protect the public, train staff to be aware of the terrorist threat, respond in the event of a terrorist incident and put in place emergency response plans.

Alongside this, the fourth iteration of CONTEST, released in 2023, has proposed further developments in the Prepare workstream, including a requirement the emergency services work towards further embedding interoperability in multi-agency response structures.⁷ The updated strategy also emphasises the importance of “training, testing, exercising and ensuring that effective cross-organisational systems are in place to capture and act on lessons”, if multi-agency response to terrorist incidents is to be successful.⁸ We argue these developments: (a) reflect a reorientation in the focus of CONTEST away from a primary concern with Prevent to an increased recognition in the importance of further developing the Protect and Prepare workstreams of the strategy; (b) are welcome, given they provide the wider benefit of embedding emergency preparedness and improving multi-agency response for all types of major incident in the UK.

In order to make this argument, the article is split into three sections. First, a history of CONTEST is provided to demonstrate how the strategy itself was inspired by imperatives from the field of Disaster Management. The literature on CONTEST is then reviewed. It is argued while considerable attention has been given to Prevent in terms of both the focus of policy and in academic research on this topic, the Protect and Prepare aspects of the strategy, while still important, have been a secondary concern for policy-makers and an area that would also benefit from further engagement in the scholarly literature.

Second, the article analyses the historical development of the Prevent, Protect and Prepare elements of CONTEST to demonstrate how these areas have evolved over the past 20 years. Specifically, we show how the period from the London bombings in 2005 through to the Manchester Arena attack was characterised by a primary focus on Prevent, with a reorientation in the focus of CONTEST occurring in 2017, in the wake of the Manchester attack, since when greater importance has been given to Protect and Prepare. To be clear, we are not claiming these workstreams have been neglected at the expense of Prevent, nor are we suggesting Prevent has been a success. As we demonstrate below, since the 2005 terrorist attacks in London, important work has been completed in the areas of Protect and Prepare. Instead, what we are arguing is that the primary focus of CONTEST, particularly in terms of the political capital invested in this area, has been Prevent, with the other workstreams given less prominence. We argue the reorientation towards Protect and Prepare is a welcome development, given the problems that occurred in relation to the emergency response at Manchester.

Third, the article analyses the response to the Manchester bombing in order to highlight why Protect and Prepare are necessary dimensions of counter-terrorism policy. Here we outline some of the key findings from the Manchester Arena Inquiry in relation to the failings that occurred in the immediate period before and after the attack. The article concludes by highlighting three important lessons arising from Manchester, which demonstrates the importance of further work to improve emergency preparedness and disaster response in the UK.

The UK CONTEST Strategy: Emergency Planning and Counter-Terrorism

CONTEST was first launched in November 2002 by Sir David Omand, the first Permanent Secretary and Security and Intelligence Co-ordinator in the Cabinet Office.⁹ Although the strategy was not available publicly until the release of the CONTEST White Paper in 2006¹⁰, the strategy has underpinned the UK response to terrorism since 2003. Interestingly, rather than being driven solely by counter-terrorism and security concerns, the CONTEST strategy arose as part of a broader emergency planning drive in the early 2000s under the New Labour government, which was motivated by the terrorist attacks on September 11, 2001, and the threat posed by public health emergencies, including the SARS-CoV-1 virus that spread across Asia in 2003. This emergency planning imperative was given a statutory basis with the signing into law of the Civil Contingencies Act in 2004, which replaced previous emergency planning process that were largely reliant on ad-hoc local coordination and established a “multi-level resilience infrastructure” for the first time in the UK.¹¹ As Omand explains, CONTEST was part of a broader move to apply “risk management as a planning tool in government generally”, the purpose of which was to ensure “the risk to the public from terrorism”, alongside a multiplicity of other potential hazards, could “be reduced”.¹² This was reflected in the strategic aim of the first CONTEST strategy, which sought “to reduce the risk from international terrorism, so that people can go about their daily lives freely and with confidence”.¹³

To date, there have been four iterations of the strategy.¹⁴ In each iteration, CONTEST has consisted of four work streams: Prevent, Pursue, Protect and Prepare. Prevent is concerned with tackling the “radicalisation” process by which individuals are drawn into terrorism. Pursue aims to reduce the threat of terrorism by disrupting terrorists and their operations. Protect seeks to reduce the threat to the UK by reducing the UK’s vulnerability to terrorism, including the vulnerability of critical national infrastructure and crowded public spaces. Finally, there is the Prepare workstream, which focuses on ensuring the UK is ready for the consequences of a terrorist attack. Each of the four workstreams is chaired by their own individual sub-boards, which intersect to form a coherent and coordinated approach to mitigate the threat from terrorism.¹⁵

It is important to understand that CONTEST is in essence an emergency planning document. It is based on the core principles that underpin the field of Disaster Management.¹⁶ Specifically, it is the logic of what Ben Anderson has referred to as anticipatory action which guides the strategy.¹⁷ Anticipatory action can be understood as “a seemingly paradoxical process whereby a future becomes cause and justification for some form of action in the here and now”.¹⁸ Anderson identifies three different types of anticipatory action: preemption, precaution and preparedness. The concepts are similar in the sense they can be “best thought of as principles or logics that can act as guidelines for government policy”.¹⁹ However, the concept of preparedness differs from preemption and precaution in an important way. Preemption and precaution are forms of anticipatory action that seek to identify known or potential future threats and prevent them from occurring, whereas preparedness “does not aim to stop a future event happening. Rather, intervention aims to stop the [disruptive] effects of an event”.²⁰ In other words, preparedness aims to reduce the consequences and impact of an event, rather than prevent it from happening in the first place.

Given that it is an emergency planning document, it should not come as a surprise that each of the CONTEST workstreams correlate with various aspects of the “disaster management cycle”. As David Alexander explains, the cycle can be split into four phases of mitigation, preparedness, response and recovery that take place across the pre-disaster and post-disaster periods.²¹

The Pre-Disaster Phase

• Mitigation: This consists of all actions taken to either prevent or mitigate the impact of a disaster before it happens. It includes structural and non-structural measures.

• Preparedness: Refers to all actions taken to reduce the impact of a disaster when they are expected or imminent.²²

The Post-Disaster Phase

• Response: Involves the emergency actions taken to respond during the acute phase of a disaster as it unfolds or in the immediate aftermath.

• Recovery: The end of the emergency phase involves all the actions taken to restore or return to pre-disaster conditions or normality as quickly as possible.

If we take each of the four workstreams in CONTEST, we can see how they are inspired by the key principles that underpin effective emergency management and reflect Anderson’s various categories of anticipatory action.

The Prevent workstream can be understood as a form of pre-emptive, long-term mitigation, designed to prevent terrorism from occurring in the first place. Pursue is also pre-emptive in orientation, aiming to prevent terrorist incidents but focuses on disrupting later stage terrorist plots and targets the financing of terrorism. Both Prepare and Pursue are preemptive forms of anticipatory action that focus on the pre-crime period, seeking to identify vulnerable individuals and prevent them from being drawn into terrorism, or similarly using surveillance of individuals, or data and financial transaction, to enable intervention before a crime has been committed.²³ Protect and Prepare, by way of contrast, cover the key stages of the “disaster cycle”, and reflect Anderson’s description of preparedness as a form of anticipatory action. They require the key stakeholders involved in the response to a terrorist incident to have thought through what mitigations can be put in place to reduce the impact of an incident when it occurs (such as training personnel or securing the built environment) and ensure effective response processes have been trained and exercised so responders know what to do in the event of an attack.

The Academic Literature on CONTEST

Academic research seeking to analyse CONTEST has been limited. Pantucci provided an early overview of the initial development of the strategy, including the institutional arrangement for the coordination and management of the UK approach to combating terrorism.²⁴ He highlights the history of counter-terrorism in the UK and explains the logics that underpinned the development of CONTEST. However, like much of the literature in this area, rather than explore Pursue, Protect or Prepare, his primary focus is a critique of the Prevent workstream, which he suggests risks “exacerbating the very problem it seeks to address”.²⁵ Indeed, most of the academic research in this area has focused not on CONTEST but rather the Prevent workstream.

Interestingly, we are unaware of any academic research on Prevent that offers a positive take on its contribution to counter-terrorism in the UK. Instead, Prevent has been criticised for its impact on the UK’s Muslim communities, including its role in constructing Muslims as a “suspect community” and further suggestions it has helped to embed structures of surveillance into those same communities.²⁶ Since the introduction of the statutory “Prevent Duty” in 2015, discussed in more detail below, requiring public sector workers to report those suspected of being “vulnerable” to terrorism to the relevant authorities, criticisms have also been raised regarding its impact on health care and education. Heath-Kelly and Strausz highlight the effect of the Prevent Duty on NHS workers, noting the issues associated with reconceptualising “safeguarding” as a counter-terrorism issue.²⁷ Similarly, Acik et al. highlight the potential “chilling effects” the duty has on “freedom of speech” in educational settings.²⁸

The focus of this article, however, is not Prevent, nor the many criticisms of its implementation and impact, but rather the wider CONTEST strategy and specifically the Protect and Prepare workstreams. In this regard, Gearson and Rosemont have offered the only analysis of CONTEST that has evaluated the strategy in its entirety.²⁹ Writing 10 years after it was first implemented, they sought to assess the effectiveness of CONTEST as strategy. They agree CONTEST laid out a logical roadmap to reduce the impact from terrorist attacks, but argue strongly the strategy does not provide the cohesive approach necessary for sustained success. Gearson and Rosemont argue that while CONTEST is officially labelled a “strategic” document, it does not fit within the boundaries of what might be described as either a “military strategy” or a “grand strategy” for terrorism prevention purposes. Moreover, they suggest although CONTEST asserts itself as a global approach to fight terrorism, in practice it acts more as a domestic terrorism prevention document than an interconnected international counter-terrorism strategy.

Their criticism of CONTEST has some merit. It is not a classic strategy in the military sense of the concept. However, this is to misread what the strategy does and is in practice. The aim is not to defeat terrorism in the same way an enemy in a military conflict might be defeated through the application of an effective strategy. As explained above, CONTEST is an emergency planning document designed to embed risk identification, risk management and risk reduction into government through the embrace of the core principals of Disaster Management.³⁰ Specifically, the main aim of CONTEST throughout all four iterations of the strategy has been to “reduce the risk” from terrorism to the UK³¹, with the various measures outlined in the strategy documents reflecting key principles of Disaster Risk Reduction (DRR).³² Instead, if we view CONTEST as driving a cross-departmental and multi-agency approach to counter-terrorism, as Gearson and Rosemont concede it does (alongside various other hazards faced by the UK), with the overarching aim being to embed practices of anticipatory action into government policy, through an increased focus on DRR and an emphasis on the need for emergency preparedness, then a different evaluation can be made as to its effectiveness.³³

The focus on (counter)terrorism as a key concern for emergency management has led some commentators to suggest the danger of creating a society in which citizens live in a state of “permanent emergency”. This is a problem identified by Walker and Cooper, who suggest placing crisis response on a permanent footing leads to the integration of emergency preparedness into everyday life and specifically the psychology of citizens, a potential consequence of which is to instil a permanent state of anxiety in the population.³⁴ In the context of UK counter-terrorism, this is an assessment shared by Batley.³⁵ She claims Prepare’s focus on improving counter-terrorism awareness in the UK citizenry might scare the public or lead to discriminatory profiling. We argue here, however, concerns over the creation of a state of permanent emergency/anxiety generated by counter-terrorism preparedness are misplaced. This is a misreading of what is driving the process. It is not counter-terrorism or more general security concerns driving the process of emergency planning, it is the other way around. It is a concern with emergency planning that has shaped CONTEST. A more accurate way of describing CONTEST would be that it reflects a wider imperative within the UK to ensure a state of permanent readiness for emergencies, i.e. all types of emergencies, rather than “permanent emergency” per se. Indeed, in support of this claim, research by Dresser at al. has confirmed that while questions remain over the extent of its effectiveness, “counter-terrorism messaging” does not result in or induce “greater levels of public fear”.³⁶

The literature dealing with the other workstreams in CONTEST is also very limited. Hardy has discussed the extent to which the concept of resilience is embedded within the Prepare workstream of the strategy.³⁷ Hardy’s analysis of Prepare highlights the link between this workstream and emergency response, with resilience in the context of CONTEST referring to the UK’s ability to mitigate the impact of a terrorist attack and then recover quickly. Hardy shrewdly identifies the essence of resilience within the Prepare workstream, like the overarching strategy itself, as informed by a wider concern with how emergency management practices can be applied beneficially to mitigate a wide range of risks. He notes although the “strategy certainly focuses on terrorism… it stresses a ‘generic’ approach that is relevant to ‘all kinds of threats and hazards’, including floods and the spread of infectious diseases”.³⁸ Similarly, Coaffee has charted the development of the Protect workstream within CONTEST, highlighting the importance placed on protecting public spaces from the threat of terrorism.³⁹ This included, for example, an obligation on architects and city planners to consider new ways of thinking about the built environment, with the aim to “effectively ‘design in’ counterterrorism measures in ways that did not detract from the experiences of the everyday city”.⁴⁰

This article can be considered a contribution to the small body of research that has sought to explore CONTEST in its entirety, with a specific focus on the hitherto under-researched Protect and Prepare workstreams. The next section analyses the historical development of CONTEST since its inception, showing how there has been a reorientation away from Prevent as the central aspect of policy in this area, to an increasing focus on Protect and Prepare.

From Prevent to Protect and Prepare: A Reorientation in UK Counter-Terrorism?

The argument we make here is that in the period from the terrorist attack in London on 7 July 2005 through to the bombing at the Manchester Arena on 22 May 2017, the primary focus of UK counter-terrorism was the need to prevent terrorism through counter-radicalisation measures developed under the Prevent workstream. This is not to suggest that Pursue, Protect or Prepare were unimportant during this period, but rather they were secondary to the focus on Prevent. To understand why, it is important to consider both the important role of the terrorist attack in London in 2005, the perception of threat outlined in the initial iterations of the CONTEST strategy and other major terrorist incidents that occurred during this period.

An Initial Focus on Prevent: 2005–2016

On 5 July 2005, four British men used explosive devices to carry out a suicide attack on the London transport system. The attackers targeted three underground trains and a London bus, succeeding in killing 52 people and injuring over 700 more.⁴¹ The attack was a major concern to British authorities because it seemed to confirm their gravest fears about the threat posed by “home-grown” terrorism. The four attackers were young men born in the UK, three from Leeds and one from High Wycombe, who were thought to have been inspired by radical forms of Islam. Indeed, the first public facing CONTEST strategy document, released shortly after the attack in London, was clear in identifying the “principal terrorist threat” to the UK as one that arose from “radicalised individuals who are using a distorted and unrepresentative interpretation of the Islamic faith to justify violence”.⁴² At this point, the priority for UK counter-terrorism was the development of counter-radicalisation policies, designed to reduce this specific risk. Focusing predominantly on the “Muslim community” as the primary source of the threat, the CONTEST strategy outlined measures to tackle disadvantages, deter those who facilitate terrorism and win the “battle of ideas” by challenging “the ideological motivations that extremists believe justify the use of violence”.⁴³

This perception of risk and threat, as emanating primarily from Islamist extremist terrorism – and by extension the “Muslim community” in the UK – led to the Prevent workstream being developed into the stand-alone Prevent Strategy, making Prevent unique in comparison to the other workstreams, which have not been provided with an individual strategy document outside of CONTEST. Paul Thomas explains that to date Prevent has run across two phases: “Prevent 1′, developed by the then Labour government, which ran from the initial pilot period in 2007 until the review of Prevent in 2011; and “Prevent 2′, developed by the coalition government, that begun with the release of the updated Prevent Strategy in 2011.⁴⁴

The first Prevent strategy focused specifically on community-based engagement work, with funding for projects managed via the Department for Communities and Local Government (DCLG).⁴⁵ The original funding for the first phase of Prevent was somewhere in the region of £140 million per year across all government departments⁴⁶, with £45million for the period April 2008 - March 2011 given over specifically to DCLG projects.⁴⁷ The way in which the DCLG funding was allocated was particularly controversial, whereby local authority areas with the most Muslims, according to the 2001 UK Census, received the most amount of funding.⁴⁸ This suggests in its initial iteration, Prevent funding was driven not by actual identifiable risk of extremism but rather the number of Muslims in any given area. This certainly lends credence to critics of Prevent who have argued the strategy, at least in its initial phase, unfairly or disproportionately targeted Muslims.

Concerned with criticism of Prevent and perceived flaws in the programme, the incoming coalition government first paused and then relaunched the strategy in June 2011. In this second period, the DCLG was removed from the programme and funding for local government reduced, with the management of Prevent moved to the national level through the Office for Security and Counter-Terrorism (OCST). The new strategy proposed to extend the focus of Prevent beyond Islamist extremism to target “all forms of terrorism and not just… Al Qaida”.⁴⁹ However, as the then Home Secretary Theresa May explained, “the greatest threat comes from Al Qaida, and those they inspire” and therefore, “the majority of Prevent resources” will be “devoted to stopping people from joining or supporting Al Qaida… or like-minded groups”.⁵⁰ Although the strategy promised to target all forms of terrorism, the focus remained specifically on the “Muslim community” as the main source of potential terrorist threat.

As well as maintaining the focus on Islamist terrorism, the renewed strategy refocused Prevent in several important ways. First, it solidified the role of the Police as one of the key stakeholders responsible for the delivery of the programme. Second, it placed an emphasis on the need to identify and support those most at risk of radicalisation by prioritising the Channel Programme. Channel is the multi-agency programme through which individuals referred to Prevent are assessed to determine whether a “safeguarding” intervention is necessary to prevent that person from being drawn into terrorism. Third, it identified public sector institutions and agencies, including education and health care providers, as central partners in efforts to prevent individuals from being radicalised by identifying those most at risk and requiring they refer those suspected of being vulnerable to radicalisation to Prevent.

As Thomas has suggested, for all the changes and renewed focus, the public profile of Prevent appeared to be reducing until events drew attention once more to the issue of terrorism.⁵¹ The high-profile murder of Lee Rigby in May 2013 and the emergence of the “Islamic State” terrorist group in Iraq and Syria in the summer of 2014, provided the impetus for further developments in this area.

In February 2015, the Counter-Terrorism and Security Act (CTSA) received royal ascent, giving the government new powers to combat terrorism. This was followed swiftly by the first Counter-Extremism Strategy, which was released in July 2015.⁵² The CTSA was particularly important regarding Prevent work. Specifically, Article 26(1), introduced a statutory requirement that “a specified authority must, in the exercise of its functions, have due regard to the need to prevent people from being drawn into terrorism”, or what has become known as the Prevent Duty. As well as this, the CTSA also put the Channel programme on a statutory basis by requiring local authorities to provide support for people identified as vulnerable to being drawn into terrorism. The creation of the Prevent Duty led to a raft of guidance documents being created to advise key stakeholders on how to implement the provisions of the legislation at the local level.⁵³ The introduction of this statutory requirement and the accompanying guidance for local authorities adds further weight to our claim that Prevent was the primary focus prior to Manchester, with the other workstreams not afforded similar attention, both in terms of legislative provision and policy guidance for stakeholders.

As with the first iteration of Prevent, the second phase of the strategy was also criticised. It is clear that while Prevent professes to focus on all forms of terrorism, it continues to prioritise the Muslim community as uniquely vulnerable to radicalisation and the primary source of potential terrorist threat. The Prevent Duty has proved particularly controversial, placing a statutory requirement on teachers, health-care professionals, youth workers and other public sector employees, to report individuals suspected of being at risk from terrorism to the relevant authorities. As Busher et al. explain, at the very least, the new direction taken by Prevent has increased perceptions the strategy itself generates discriminatory structures of surveillance that primarily target Muslim communities, and the Prevent Duty contributes to a wider securitisation of the public realm, including for example in educational spaces.⁵⁴

Indeed, in the period from April 2007 to March 2014, over 3900 referrals were made to Channel with only 20% of cases requiring intervention, meaning thousands of individuals were wrongly referred.⁵⁵ Similarly, in 2015, 70% of referrals to Channel “were linked to Islamist-related extremism while only 15% were linked to far-right extremism”, again reflecting a disproportionate focus on Islam and the Muslim community as a potential source of terrorist threat. Most problematically, since the introduction of the Prevent Duty, Heath-Kelly and Strausz note there has been a five to six-fold increase in Prevent referrals (from 500-1000 a year to over 6000 referrals in 2016), with only 5% receiving Channel intervention.⁵⁶ The increase is clearly driven by public-sector fears of censure for non-compliance, rather than reflecting an increase in the quality of referrals.

This speaks to the heart of the problems with Prevent. It is incredibly difficult to measure the effectiveness of a Prevent intervention. Why? At the heart of the programme is a logical fallacy. Prevent requires intervention in the “pre-crime” period before an individual has thought of committing an act of terrorism.⁵⁷ But how can we ever be certain an individual would actually go on to become a terrorist? Indeed, claims by the government the strategy has “diverted over 1200” people from extremism and potential acts of terrorism can never be truly evaluated for this reason.⁵⁸ From an emergency management perspective, as noted above, Prevent can be understood as a sort of long-term mitigation strategy, similar in logic to the long-term measures you might put in place to deal with natural hazards like flooding (e.g. floodwalls and levees). However, unlike with natural hazards, the mitigations require interventions into human communities. As Hardy explains, this makes Prevent problematic for several reasons.⁵⁹ It shifts responsibility to communities labelled as vulnerable to help identify individuals who are a potential threat, as well as requiring public sector workers to act as de facto extensions of the police and security services. In theory, this may seem like a sound approach, in reality we live in imperfect societies, and so one specific community, the “Muslim community”, has become the primary target of such interventions, as shown in the high numbers of referrals of Muslims to Prevent in the period between 2007-17.

It is for these reasons we argue a focus on Protect and Prepare, rather than the continued development of Prevent, represents potentially a more effective, less controversial and necessary direction for CONTEST to take.

A Reorientation to Protect and Prepare: 2017–2023

Two major terrorist incidents provided the backdrop to the reorientation in the focus of UK counter-terrorism from a primary concern with Prevent to an increasing realisation that Protect and Prepare were of equal or even greater importance. The Manchester Arena attack on 22 May 2017 and the London Bridge attack just two weeks later, on 3 June 2017, were key to this reorientation. The two attacks were similar in that they were both “soft targets”, e.g. public spaces where crowds of people congregate, which represent a complex challenge for those tasked with providing security given how hard it can be to defend such places from terrorism.⁶⁰ The Manchester attack was carried out by a suicide bomber, who targeted crowds of people leaving a pop concert. The attacker detonated an IED in the foyer area (the City Room) of the arena, claiming the lives of 22 people, many of them children, and injuring over 1000 others. The London Bridge attack was carried out by three young men, who drove a van across London Bridge, striking pedestrians, before exiting the van and running in to nearby Borough Market to stab and murder civilians. The attackers killed 8 people and injured another 48, of whom 21 sustained critical injuries.

Of course, as has become the norm after every major terrorist incident, questions were raised in relation to the perpetrators, the extent of their radicalisation and whether more could have been done to prevent the attacks from happening in the first place. However, the two attacks in 2017 were unique in terms of political and policy discourse on counter-terrorism in the UK; it was the first time, publicly at least, questions focused more on whether the attacks might have been mitigated (rather than prevented), through the types of measures proposed under the Protect and Prepare workstreams in CONTEST.

In the case of Manchester, both the Kerslake Report and the Manchester Arena Inquiry highlighted problems with both the preparedness of those responsible for providing security at the venue and the overall emergency response on the night of the attack.⁶¹ In terms of security for the arena, there were missed opportunities by Showsec security guards and British Transport Police to stop the attacker in the moments immediately before the bomb went off. The Manchester Inquiry highlighted greater awareness of the terror threat level and better training might have helped to prevent or mitigate the attack.⁶² Similarly, the inquiry also identified failings in the emergency response by the blue light services, which might also have mitigated the impact of the attack and potentially saved lives. This included a failure by all of the key response agencies to communicate and share information on the situation in the arena after the explosion, meaning some first responders were unable to enter and provide aid to the injured and dying. The inquiry identified better multi-agency coordination and training as essential to resolve these issues.⁶³ Likewise, the Chief Coroner’s report reviewing the attack on London Bridge specified the lack of mitigations in the built environment, in this case the failure to erect either temporary or permanent bollards and/or barriers on the bridge itself, what are referred to as “hostile vehicle mitigation measures”, as contributing to the loss of life.⁶⁴

The attacks in Manchester and on London Bridge were followed shortly by a third iteration of CONTEST.⁶⁵ The revised strategy reflected this shift beyond a primary focus on Prevent, to emphasise the importance of more tangible approaches to counter-terrorism, embodied by Protect and Prepare, which are often discussed together in the updated CONTEST document, and that have been identified as central to reducing the UK’s “vulnerabilities” to terrorism.⁶⁶ Indeed, the foreword by the then Home Secretary, Sajid Javid, noted that in contrast to the first CONTEST document’s overarching aim of reducing the risk from terrorism, “the first duty of the government, and my highest priority… is to protect the public”.⁶⁷ This includes proposals under Protect to further strengthen critical infrastructure and the transport network, increase protection for crowded public spaces, defensive architecture practices and the introduction of augmented security and training protocols for public and private sector stakeholders responsible for locations or events attended by the public. Similarly, Prepare emphasises the continuing importance of coordinating multi-agency response to all types of terrorist attack, to mitigate the impact on individuals, communities and businesses and ensure quick and efficient recovery.

At roughly the same time the third CONTEST strategy was being launched, with the assistance of the Survivors Against Terror support group, Figen Murray, a mother of one of the victims of the Manchester attack, launched a government petition for the creation of the “Protect Duty” or “Martyn’s Law”.⁶⁸ The proposed law requires venues to provide staff with counter-terrorism training, carry out risk assessments and put in place a counter-terrorism action plan. Partly in response to this campaign, in early 2021, the UK government began a public consultation regarding a new “Protect Duty”. The aim of the consultation was to “consider how Government can work together with private and public sector partners to develop proportionate security measures to improve public security and to counter terrorism”.⁶⁹ The consultation paved the way for the creation of the Protect Duty legislation, which was announced on 19 December 2022, with the draft legislation sent for Parliamentary review in May 2023. The new law, once enacted, will place a statutory requirement on those responsible for certain locations and events to consider the threat from terrorism and implement proportionate mitigation measures, including counter-terrorism awareness training for staff.

It can be argued, therefore, that the major terrorist incidents in London and Manchester in 2017 provided impetus for greater attention on the Protect and Prepare strands of the CONTEST strategy. However, this is not to suggest, as previously noted, that Protect and Prepare (or Pursue, for that matter) were neglected during the period from the London attacks in 2005 to the Manchester attack in 2017. As Jon Coaffee explains, the terrorist attacks on 7/7 saw “increased prominence” given to the Protect strand of CONTEST, with the Home Office, the Centre for the Protection of National Infrastructure (CPNI) and other partners, emphasising the importance of reducing the vulnerability of crowded public spaces and key national facilities.⁷⁰ During this period, the UK government commissioned a review by Lord West that reported in 2007 the need to increase security at “strategic national infrastructure (stations, ports and airports) and other crowded places, and to step up physical protection against possible vehicle bomb attacks”.⁷¹ This was also to include work with architects and planners to “design in” protective security mitigations to make public spaces safer.

Coaffee notes that the “intention since 2007” was to establish a national framework, through which protective security for public crowded spaces could be identified, monitored and improved.⁷² In this regard, certain steps were taken, most noticeably the creation of two training programmes under the umbrella of NaCTSO. Project Griffin, launched in 2004, provided “terrorism awareness” training businesses, public sector organisations and the public. Project Argus, created in 2007, was similar in scope to Griffin, but was aimed specifically at key stakeholders in the community, responsible for the security of public spaces, including senior managers, security staff and those involved in emergency preparedness in schools, hospitals, shops, offices and other places of public interest.⁷³ The programmes have since been replaced with the online Action on Counter-Terrorism (ACT) training packages, which have sought to engage an even wider range of stakeholders in preparing for terrorist incidents.

The other key area where steps were taken after 7/7 was with issues identified under Prepare in relation to the effectiveness of emergency response to major incidents. The second iteration of CONTEST, highlighted issues involving “interoperability” of the emergency services, suggesting the need for “a standardised approach within an emergency service and improved cooperation on the ground between first responders”.⁷⁴ The second CONTEST strategy gave further impetus to the creation, in 2012, of the Joint Emergency Services Interoperability Programme, which also cited failings during the London bombings, in 2005, as a key reason for this development. The programme ended in 2014, but was renamed the Joint Emergency Services Interoperability Principles (JESIP) and remain in operation today. The purpose of JESIP is to “ensure the blue light services are trained and exercised to work together as effectively as possible at all levels of command in response to major or complex incidents (including fast moving terrorist scenarios) so that as many lives as possible can be saved”.⁷⁵

The JESIP approach to multi-agency working consists of five key principles. Co-locate requires incident commanders to locate in the same place as soon as is practicably possible. Communicate asks responders to speak in the same clear language, free from technical jargon. Co-ordinate involves agreeing the lead organisation for the incident and to identify priorities and limitations to ensure effective response. Jointly understand risk requires the sharing of information about the likelihood and impact of potential hazards and threats. Shared situational awareness asks responders to share information on the incident using tools such as the Joint Decision Model and METHANE.⁷⁶ The METHANE message used by first responders to share information about an incident is incredibly important. It consists of the following: a clear statement of whether a major incident has occurred (M); the exact location (E); the type of incident (T); the types of hazard present (H); information on how to access the location (A); the number of casualties (N); and the emergency services required to attend the scene (E).

However, while it is important to acknowledge steps were taken in the period from 7/7 to the Manchester attack to embed Protect and Prepare work into wider society, it is also apparent from the failings at Manchester and London Bridge that more might have been done in this regard. Indeed, alongside the proposals for a new Protect Duty, the third iteration of CONTEST, released in 2018, brought in two specific aims related to these issues under the Prepare workstream. First, government should fully embed JESIP “across the emergency services by 2020, to ensure that they can work together effectively in response to a terrorist attack”.⁷⁷ Second, a requirement the emergency services must “regularly test and exercise the multi-agency capabilities required to respond to, and recover from, a wide range of terrorist attacks”.⁷⁸ These proposals have been reinforced by the fourth iteration of CONTEST, released in July 2023, which stated a core focus of Prepare would be to “ensure that the response to terrorism is a core skill, that JESIP is embedded in the mindset of every frontline responder, and that these skills are regularly tested, exercised, and improved.⁷⁹

It is clear then, during the period before the Manchester attack the primary focus of CONTEST was on Prevent, which, regardless of the many criticisms and issues over its efficacy, came to represent the central pillar of the UK’s counter-terrorism strategy. In the period since May 2017, there has been a reorientation in the focus of CONTEST and acknowledgement of the need to further develop the Protect and Prepare aspects of the strategy. This is reflected in the moves to create a Protect Duty, which will specifically place the need to improve counter-terrorism awareness amongst key stakeholders on a statutory basis, and the strengthening of preparedness activity through new measures proposed under the Prepare workstream. We argue these are welcome developments, given the broader benefits to emergency management in the UK, from an increased focus on improving interoperability between the emergency services, further exercising and better training for major incidents this will bring.

As Hardy has pointed out regarding Prepare, making communities responsible for training of emergency responders or encouraging businesses to engage in awareness training for major incidents and to develop business continuity plans have very few drawbacks.⁸⁰ Indeed, the same can be said for Protect, where the provision of guidance on protective security to those responsible for events and crowded spaces or increases in the resilience of the built environment through design principles that emphasise reductions in vulnerability, can all be considered uncontroversial steps that can be taken to counter terrorism. We agree with Coaffee’s earlier assessment that “the connection between the ‘Protect’ and ‘Prepare’ strands of CONTEST is… vital to ensuring a more integrated counter-terrorism strategy”, given that they incorporate “both a range of ‘hard’ engineering and design solutions and ‘soft’ governance and management arrangements”.⁸¹

The following section will now move on to consider several important lessons from the Manchester arena attack, which we argue show the importance of Protect and Prepare and demonstrate why this reorientation is not only important, but a welcome development.

The Manchester Arena Attack: Identifying Lessons and the Importance of Protect and Prepare

There have been four major reports into the response to the Manchester attack: the Kerslake Report and the Manchester Arena Inquiry Reports on “Volume 1: Arena Security”, “Volume 2: Emergency Response” and “Volume 3: Radicalisation and Preventability”.⁸² The earlier Kerslake Report dealt only with emergency response and, while recognising specific failings, was more positive about the overall multi-agency response. By way of contrast, the report on emergency response was more critical, particularly during the first “Golden Hour” of the incident, noting several areas where failings directly led to further loss of life.⁸³ Furthermore, unlike Kerslake, the Manchester Inquiry also looked at security at the arena, highlighting areas where mistakes were made and identifying “more than 150 recommendations” across the three volumes.⁸⁴ The analysis below draws on the Kerslake and Manchester Arena Inquiry to highlight several areas where lessons can be identified, which have specific implications for the Protect and Prepare dimensions of the CONTEST strategy.

Before moving forward, it is necessary to outline several important concepts in relation to major incident management in the UK. First, is the term “major incident”, which would normally be declared by the first responder agency on the scene and then disseminated to other agencies as quickly as possible.⁸⁵ Second, the management structure used by the blue light services for all types of (multi-agency) major incident in the UK is referred to as Strategic (Gold), Tactical (Silver) and Operational (Bronze). Gold sets the strategic direction, coordinating and prioritising resources. Silver interprets the strategic objectives, develops the tactical plan and coordinates the response. Bronze is responsible for executing the tactical plan, with first-responders working at the site of the major incident. Third, there are two key locations essential to effective multi-agency response. The Rendezvous Point (RVP) is a single place, where all responder agencies should travel and co-locate. The RVP needs to be identified and communicated between agencies as quickly as possible. The Forward Command Post (FCP) is where (Tactical) commanders from each responder agency at the scene meet and co-locate, again to ensure effective command and control of the situation. Fourth, are the JESIP principles discussed earlier in the article. In the Manchester Arena attack, the MI Report noted “significant failures in relation to each of the… [JESIP] principles for joint working on the night of the attack”.⁸⁶ Significantly, the two principles where major issues arose were Co-locate and Communicate.

What Went Wrong at Manchester? Problems for Protect and Prepare

In disaster management, emergency responders often talk about the “Golden Hour” as essential to the mounting of an effective response that can save lives.⁸⁷ Although this is an arbitrary amount of time, relatively speaking, it is useful for communicating the urgency with which responders should be acting from the start of an incident. For tactical level commanders, this hour is essential in terms of gathering information, making key decisions and putting in place a structure to bring order to the chaos of the situation. In emergency response, every second counts if lives are to be saved. According to Saunders, the Golden Hour at Manchester started with the explosion at 22.30, ended with the removal of the last living victim at 23.39 and “should have been shorter than it was”.⁸⁸ During the Golden Hour, failures by all of the key responders to enact the JESIP principles hampered the response. The key responder agencies during the attack were: the British Transport Police (BTP), Greater Manchester Police (GMP) Greater Manchester Fire Service (GMFRS) and Northwest Ambulance Service (NWAS). The other key stakeholders involved in the management of the event and the response to the incident include: the arena operator, SMG; the company providing security at the arena, Showsec; and the arena’s event healthcare provider, Emergency Training UK (ETUK).

Protect: A ‘Missed Opportunity’ to Identify the Attacker

Before considering the emergency response to the attack, we want to start by highlighting the first inquiry report on security at the arena and the missed opportunities to stop the attacker before he detonated the bomb.⁸⁹ To be clear, we are not talking here about the Prevent programme and whether the attacker might have been stopped long before the incident, but rather the opportunities in the minutes before the attack and whether security at the arena could have intervened. In the days leading up to the attack, the bomber carried out “hostile reconnaissance” at the arena. Volume I of the Manchester Arena Inquiry acknowledges it would have been very difficult to identify or disrupt the attacker at this point.⁹⁰ As such, the main opportunity to either prevent or mitigate the attack came on the night itself and during two time periods when an intervention by security might have taken place. Between 20.30 and 20.51, the attacker moved from the tram stop at the arena to the City Room where the bombing took place, remaining there until 21.10. At this point, the attacker returned to the tram stop, arriving there at 21.13. The attacker then began their final journey to the City Room at 21.29, arriving at 21.33 and positioning himself on the mezzanine. At 22.30 the attacker descended into the City room and detonated the explosive.

In the period from 20.30 to 20.50, as the attacker walked to the City Room, he passed two BTP Community Support Officers and two Showsec support staff. The attacker was wearing heavy clothes and a 30 kg backpack, which might have drawn suspicion, given it was a warm evening in Manchester. The report notes, however, it would not be fair to criticise the failure to stop the attacker at this point as a missed opportunity. In the first period the attacker spent in the City Room (20.50-21.20), they had placed themselves in a CCTV blind spot, again making identification of suspicious behaviour incredibly difficult. However, the attacker had walked past a Showsec guard, who had noticed him walking through the arena. Importantly, there was also an issue with the perimeter, which had not been extended out to the City Room and, as a result, allowed the attacker to remain in place without having their bag searched.⁹¹

The missed opportunities to stop the attack came in the period between 21.33 and 22.30, when the bomber returned to the City Room for the second time. The attacker again walked past the same Showsec employee they had previously encountered. According to the inquiry report, the fact the attacker had returned to the same place might have drawn attention to the suspicious behaviour of this individual if the employee had been “adequately trained”.⁹² In the final 30 min before the bomb was detonated, there were multiple opportunities to potentially stop the attack or at least ensure the detonation occurred when less people were in the City Room, thereby mitigating the impact. Between 22.00-22.30, there should have been at least one BTP Officer in the City Room but, acting against protocol, none had entered. Normally, someone from BTP would be placed on the mezzanine, where the attacker was waiting. Similarly, Showsec were expected to complete a pre-egress check before the end of the concert, which it did between 22.09 and 22.17. The check was supposed to have a counter-terrorism element, but instead focused primarily on safety through ensuring routes were clear for fans leaving the arena. As a result, the mezzanine was not checked and an opportunity to identify the attacker missed.

At 22.12, the clearest opportunity arose when a member of the public, Christopher Wild, approached the attacker because they felt he was behaving suspiciously. The concerned citizen asked the attacker if he had a bomb in his bag. Worried by the response of the attacker, Wild reported his concern at 22.15 to the same Showsec guard who the attacker had passed on two occasions. The guard “fobbed off” the concerned citizen and then failed to adequately report this information to a senior supervisor. At 22.22, the guard gave this information to another Showsec employee on the ground, they both went to look at the attacker, but concluded he was not a potential threat. The second Showsec guard did try and pass on the report to a supervisor, but again this information was not relayed adequately because the line was busy. The inquiry report is clear again, a better trained and more aware workforce would almost certainly have identified the attacker as acting suspiciously and acted accordingly.⁹³ Unfortunately, these opportunities were missed and at 22.30, the attacked descended into the City Room and detonated the bomb.

Prepare: Declaration and Communication of a Major Incident

In terms of the emergency response, in the minutes after the explosion, certain problems began to arise. The first of these was a failure of communication in relation to the declaration of a major incident. According to JESIP, it is the responsibility of all responder agencies to make the declaration as soon as the information allows and then to share this through a METHANE message disseminated to all other agencies. It is an essential aspect of emergency response in that it communicates the seriousness of the situation and allows for the enacting of multi-agency response structures.

In an attack like Manchester, the Police Force Duty Officer (FDO) was expected to take the lead until other commanders could assume their roles. On the night of the bombing, the FDO was based at GMP Control, located some distance from GMP Headquarters. At 22.34, the FDO became aware of the incident and assumed both the role of Tactical/Silver Commander in charge and Strategic/Gold Commander. When they deployed firearms officers to the scene, the FDO also assumed the role of Initial Tactical Firearms Commander and the Strategic Firearms Commander. As a result of having four multiple command roles, the GMP FDO was immediately placed under considerable pressure and was overburdened by the number of tasks they had to undertake. This led to a significant mistake: the failure to declare a major incident (which was not rectified for 2.5 h until 01.00).⁹⁴

In contrast, at 22.35 the BTP’s Force Incident Commander (FIC) also became aware of the situation and at 22.39 declared a major incident. At 22.41, BTP control informed NWAS of this decision. However, at no relevant point during the evening were GMP or GMFRS informed of the action taken to declare a major incident. While the BTP FIC in the control room had declared a major incident, BTP officers in the city room where the explosion had occurred also failed to provide a full METHANE message to be shared amongst the other responder agencies. This was because they had not been trained in how to provide such information. At 22.46, NWAS became the second agency to declare a major incident, but again the declaration was not shared with other responder agencies as is required.

The only METHANE message shared during the first hour was from an advanced paramedic for NWAS, stationed near the arena, who had self-deployed to the scene. This message was sent between 22.53-23.00 to NWAS control, confirming that it was a major incident and stated there were at least 40 casualties and 10 deceased, with a further dozen or so priority level one casualties, who were the most seriously injured. The message did not explain GMFRS were not present and that they were needed. This information was not shared by NWAS control with BTP, GMP or NWFC, compounding the earlier failure to declare a major incident. This failure to share information between the key responder agencies had two key impacts. It meant all of the resources needed to respond effectively were not deployed to the scene quickly enough. It also meant the different responder agencies were working off different types of situational awareness, which would impact the response in other ways outlined below.

Prepare: The Failure to Co-Locate

Both the Kerslake Report and the Manchester Arena Inquiry identified a failure to co-locate and agree on both a multi-agency RVP and FCP during the Golden Hour as another major issue during the response to the Manchester bombing. In the first 20 min after the attack, all of the key responders failed to co-locate. At 22.36, the lead GMP Inspector informed the GMP control that the RVP should be at the parking area outside Manchester Cathedral. This information was passed on to NWFC at 22.40 and then given to GMFRS at 23.54. However, the lead GMP inspector, upon realising there was an officer at the arena, had contacted GMP control to direct all officers to the scene itself as the RVP, assuming this message would be passed on to other agencies. The message was not passed on and the Cathedral car park was never used as an RVP. Similarly, before the arrival of the GMP inspector at the scene, one of the first BTP Sergeants on site received a request for an RVP from a BTP officer in Liverpool. The Sergeant rejected the request on the grounds it was more important to focus on treating the injured. The inquiry report explains this was a mistake and that “a multi-agency RVP was urgently required… [as] an important step that would have helped to co-locate resources for the emergency response”.⁹⁵

Similarly, NWAS had decided Central Manchester Fire Station would be the RVP for its ambulances. NWAS Control informed BTP Control of this decision at 22:41. Three minutes later, at 22.44, a BTP officer declared an RVP at the Fishdock car park near the site. This was supposed to be communicated by BTP to both GMP and NWFS. According to the inquiry report, there was no evidence this information was communicated and the Fishdock car park was also not used as the RVP. Possibly the biggest error made in regard to the RVP was the decision taken by North-West Interagency Liaison Officer (NILO) Station Manager for GMFRS. At 22.40, the Station Manager was informed of the Cathedral carpark RVP, information which was itself now three minutes out of date, which he rejected on the grounds it was not safe, instead directing all fire resources to an RVP at Philips Park Fire Station, over three miles from the arena. This decision set in motion a sequence of events that meant GMFRS “played no meaningful role in the response to the attack for nearly two hours”⁹⁶, denying the multi-agency responders on the ground an essential resource.⁹⁷

In the first 15-20 min after the attack, there was substantial confusion over the RVP, with each “emergency service [choosing] its own” and then in some cases failing to communicate that choice to the other responder agencies.⁹⁸ The choice of RVP and the need for a FCP are absolutely essential to effective response, given they provide co-location of resources and the ability to share situational awareness between the multi-agency tactical group. Again, this was a significant failure, which slowed the deployment of resources to help the victims of the attack.

Prepare: Failure to Communicate Operation Plato

Another major issue at Manchester involved the declaration of Operation Plato. This is the emergency services protocol for responding to a marauding terrorist firearms attack. Importantly, when a decision is taken to enact Operation Plato, a requirement is placed on the specialist officers to undertake “zoning”. This involves designating parts of the scene as “hot”, “warm” or “cold” zones.⁹⁹ A “hot” zone refers to an area and point in time where attackers are present, there is an immediate threat to life and armed police intervention is undertaken to neutralise the threat. A “warm” zone is an area and point in time where the threat is thought to have passed, but attackers may return and therefore cannot be designated as safe. A “cold” zone is an area and a point in time assessed as safe with no immediate threat to life. The purpose of zoning is to protect emergency responders from becoming targets of further terrorist attacks. Emergency responders, other than specialised firearms officers, cannot enter a “hot” zone, they can only enter and work in “warm” or “cold” zones.

In the first minutes after the bomb went off, first responders to enter the scene included Advanced Paramedic Patrick Ennis, based near to the Arena, who chose to self-deploy, nine BTP officers and an ETUK healthcare worker, who sought to provide help to the casualties. They were followed shortly by firearms officers eight minutes after the explosion. By 22.41, one of the firearms officers outside the arena updated the FDO that there were major casualties, ending his call to the FDO with the statement “Operation Plato”. At 22.42, the FDO authorised an emergency search of the site to locate and neutralise any threats. By 22.43, it had been established no gunmen were present in the City Room where the explosion had taken place. Even though by this point it was clear there were no further terrorists to deal with, at 22.47 the FDO enacted “Operation Plato”. The inquiry report confirmed this was a sensible decision to take for two reasons: first, in the immediate aftermath of the attack there had been reports of gunshots; second, other terrorist incidents have occurred internationally where firearms were used.

Having declared Operation Plato, the next step for the FDO would be to communicate this decision to as many as 16 other agencies involved in the response.¹⁰⁰ As a result of the four command roles the FDO was fulfilling, this important action was overlooked. At no point throughout the incident was the fact Operation Plato was live communicated to anyone other than the specialist firearms officers on site. At 22.52, a Temporary Superintendent from GMP took up the GMP Tactical/Silver level command. They were responsible for unarmed officers at the scene and developing the tactical plan. The Silver Commander was informed by the FDO that Operation Plato was live. Inexplicably, not only did the incident commander not know what this was, but failed to communicate this to the FDO. The inquiry report was therefore correct to suggest the officer in question was not fit to lead as the Silver Commander for GMP on the night of the attack.

Importantly, even though Plato had been declared, at no point during the Golden Hour did zoning take place. By 22.50 GMP firearms officers had established there was no further risk of terrorist attack, and the City Room could have been designated a “cold zone”, again this was not communicated to the other responder agencies.¹⁰¹ The failure to designate and then communicate the City Room a cold zone by 22.50 had a major impact on the response to the incident. It meant the NWAS operational commander took the “unduly cautious” decision of not allowing the deployment of paramedics into the City Room until 23.30, or an hour after the explosion.¹⁰² As the inquiry report suggests, if the NWAS operational commander had been reassured the City Room was a cold zone by 22.50, then paramedics could have entered to provide medical treatment that “would have made a meaningful difference to the 38 casualties” most in need of help.¹⁰³ This meant the only responders in the City Room, providing medical assistance to the victims, were paramedic Ennis, specially trained firearms officers and the staff from BTP and ETUK, with the BTP officers not trained adequately in the provision of first aid. Of the 22 victims of the Manchester attack at least one, John Atkinson, could have lived if medical treatment had been provided earlier. It is also possible, although unlikely, that the youngest victim Saffie Rousso, aged 8, might have survived with quicker medical intervention.¹⁰⁴

Conclusion: Lesson Identified but Have Lessons Been Learned?

The missed opportunities to stop the attack in the minutes before the explosion and the deficiencies in the emergency response at Manchester allow for the identification of important lessons, which have implications for both CONTEST and the broader field of emergency management in the UK. As Roast explains, the identification of lessons does not however always lead to those lessons being learned.¹⁰⁵ In 2013, the Pollock Review analysed 32 reports on major incidents in the UK since 1985 and found common causes of failure to include: inadequate training, ineffective communication, “where lessons were identified and recommendations made… [they were] not acted upon”, and most importantly, no systems were put in place to ensure lessons were actually learned and staff taught those lessons.¹⁰⁶ Significantly, with regard to terrorism, the Manchester Arena Inquiry noted similar failings identified in the Hallet Report on the emergency response to the 2005 London bombings, including “lack of adequate information-sharing between the emergency services; failures in communication; basic misunderstanding between the emergency services as to their respective roles and operations; and difficulties resulting from the lack of a common Rendezvous Point”, as also present during Manchester where these problems occurred once more.¹⁰⁷

As such, these failings allow for the identification of several important lessons that have implications for both the Protect and Prepare workstreams. First, with regard to Protect, it is clear security at the arena missed several opportunities to identify and confront the attacker. The inquiry highlighted a degree of complacency on the part of Showsec and its employees, with a lack of awareness of the terrorist threat level contributing to a failure to take steps to mitigate the danger of a terrorist attack.¹⁰⁸ The mistakes made by individual employees to conduct appropriate security check or pass on information from the public about suspicious behaviour highlight the importance of counter-terrorism awareness and training. These failings provide support to the proposals for the new Protect Duty, which will at least require key stakeholder responsible for safety at public events and locations to ensure staff are adequately trained on these issues. Of course, the new duty itself is not a panacea. It does not resolve certain structural barriers that impact the training of the workforce (e.g. low paid jobs resulting in a high turnover of staff), but it at least provides a starting point from which key stakeholders beyond the emergency services can begin to rectify gaps in security. Furthermore, the fact a member of the public tried to raise suspicions about the attacker clearly demonstrates the importance of Protect-based counterterrorism awareness public messaging.

Second, the mistakes made at Manchester confirm the importance of JESIP and the need for more effective multi-agency communication, coordination and joint decision-making when responding to a terrorist attack. The inquiry noted the evidence provided by the eyewitnesses at Manchester confirmed all of the key principles of JESIP and specifically two key statements contained in the foreword to the JESIP Guidance document.

• We need to make sure that the ethos of “working together” becomes embedded, not only within our own organisations at every level, but within that of the other responder agencies.

• The Joint Doctrine “should be embedded in individual organisation policies and procedures and in their training and exercise programmes, for all levels of response staff”.¹⁰⁹

Indeed, JESIP was developed for these very reasons and in part as a response to deficiencies in the response to other major incidents. As the inquiry report points out, this makes the above failings around communication and co-location “disappointing”.¹¹⁰ Importantly, the inquiry noted this did not mean there were not instances of good decision-making taken on the ground, particularly at the operational level, at the time of the incident. However, it is also clear there were significant failings at the higher command levels (particularly Silver/Tactical). According to JESIP, the five key principles are listed in order of importance, with co-location before communication. The inquiry has suggested communication should come first, given it was a failure to communicate that led to some agencies failing to declare a major incident and share important information about the incident that could have helped facilitate a more effective response (e.g. the need for the fire service to attend the scene or the scene was safe enough for medical personnel to enter earlier than they did).

The third key lesson here is with regard to the importance of better training for all of the emergency services, particularly with regard to understanding and implementing multi-agency JESIP protocols, which would have led to a more decisive and effective response. For example, the failure by the BTP officer at the scene to establish a multi-agency RVP was an error. As the inquiry report explains, it was the BTP officer’s responsibility to identify how best to coordinate resources on the ground, this “is a difficult thing to do. It requires training and experience. A multi-agency RVP was urgently required. It was an important step that would have helped to co-locate resources for the emergency response”.¹¹¹ Similarly, it is almost inexplicable that the GMP Silver Commander did not know what Operation Plato referred to and was therefore unable to develop the tactical level plan. All of these types of issues are resolvable with better training. Moreover, it is clear from the inquiry report that while individual agencies had trained, more could have been done with respect to multi-agency training to ensure “each emergency service [was] aware of the specialist capabilities of every other emergency service”.¹¹²

Interestingly, in the months before the attack, the emergency services had run an exercise on a potential terrorist attack, called “Winter Accord”, at the Trafford Centre in Manchester (Ibid), which also resulted in the emergence of similar issues that were seen on the night of the attack. The Kerslake Report listed the fact this exercise had taken place as one of the things that went well, helping to inform the response on the night.¹¹³ The Manchester Arena Inquiry was much more critical, noting that although Winter Accord and other exercises conducted prior to the attack had done a good job of identifying lessons, particularly in regard to deficiencies in multi-agency response, “there was a significant failure to implement changes in accordance with those lessons”.¹¹⁴ In other words, lessons were identified, but they were not learned.

It is clear then the reorientation towards Protect and Prepare in the CONTEST strategy and the proposals for further embedding JESIP and improving training and exercising, alongside the new Protect Duty, have the potential to enhance preparedness and contribute to more effective response for not only the next terrorist attack but all forms of major incident in the UK. By seeking to place the Protect workstream on a statutory basis, the UK government has signalled that preparedness activity is of at least equal concern to those measures taken under the remit of the Prevent Strategy and the accompanying Prevent Duty. However, this should only be viewed as the first significant step in this area. What is necessary moving forward is to ensure the lessons identified from Manchester are actually implemented. The repetition at Manchester of similar mistakes made over a decade earlier during the 2005 terror attacks in London, particularly at the tactical level, place an imperative on individual agencies and other key stakeholders to do more in this regard. Indeed, the inquiry report on emergency response concluded by suggesting in the period prior to the attack there was an:

inability to identify, record and respond to lessons learned… [Therefore] In the future, a system must be put in place to address this. A candid approach to learning is vital to ensure agencies can work together effectively.¹¹⁵

This recommendation opens the potential for further research in this area, where academics and the key stakeholders involved in preparedness activities and emergency response might work together to determine the extent to which lessons identified have indeed become lessons learned in the fight against terrorism.

Disclosure statement

No potential conflict of interest was reported by the author(s).

Notes

1 The Kerslake Report: An independent review into the preparedness for, and emergency response to, the Manchester Arena attack (27 March 2018).

2 Ibid. 5.

3 The final report from the inquiry was released in March 2023. See: Manchester Arena Inquiry. “Volume 1: Security for the Arena”. June 2021; Manchester Arena Inquiry. “Volume 2: Emergency Response”. November 2022; Manchester Arena Inquiry. “Volume 3: Radicalisation and Preventability”. November 2023.

4 Manchester Arena Inquiry. Volume 2: Emergency Response. 5.

5 F. Qurashi. “The Prevent strategy and the UK ‘war on terror’: embedding infrastructures of surveillance in Muslim communities”, Palgrave Communications 4:1 (2018); P. Edwards. ‘Surveillance, safeguarding and beyond: the prevent duty and resilient citizenship’, Critical Studies on Terrorism 14:1 (2021), 47–66.

6 Guardian. ‘UK venues could face legal duty to provide protection from terrorism’. Guardian Online, 24 February 2020. Available at: https://www.theguardian.com/politics/2020/feb/24/uk-venues-could-face-legal-duty-to-provide-protection-from-terrorism.

7 UK Government. CONTEST - The United Kingdom’s Strategy for Countering Terrorism (London: HM Home Department, 2023).

8 Ibid. 43.

9 D. Omand. “The terrorist threat to the UK in the post–9/11 decade”, Journal of Terrorism Research 3:1 (2012) 6–12; UK Government. CONTEST - A 5-year UK strategy for countering international terrorism. Sir David Omand. Security and Intelligence Coordinator. Confidential Document (2004, April 1).

10 UK Government. CONTEST - The UK’s Strategy for Countering International Terrorism, (London: HMSO, 2006).

11 J Coaffee and D. M. Wood. “Security is coming home: Rethinking scale and constructing resilience in the global urban response to terrorist risk”, International Relations 20:4 (2006) 503–517. See 510.

12 Omand, ‘The terrorist threat to the UK’, 5.

13 ‘CONTEST’, (2006), 3.

14 The four different versions of CONTEST were published in 2006, 2011, 2018 and 2023. A revised version of the original CONTEST was published in 2009.

15 UK Government. Pursue Prevent Protect Prepare: The United Kingdom’s Strategy for Countering International Terrorism. (London: HMSO, 2009), 127.

16 D. E. Alexander. Principles of Emergency Planning and Management (Oxford University: Oxford, 2002).

17 B. Anderson. “Preemption, precaution, preparedness: Anticipatory action and future geographies”, Progress in Human Geography 34:6 (2010) 777-798.

18 Ibid. 778.

19 C. Baker-Beall and G. Mott. “The New Counter-Terrorism Agenda: Pre-Emptive Security Through the Anticipation of Terrorist Events”, Global Affairs 7:5 (2021), 711–732. See 715.

20 Anderson, ‘Preemption’, 791.

21 Alexander, ‘Principles’.

22 In emergency management, the pre disaster phase focuses specifically on risk reduction measures.

23 Anderson, ‘Preemption’; C. Heath-Kelly and S. Shanaah. “Rehabilitation within pre-crime interventions: The hybrid criminology of social crime prevention and countering violent extremism”, Theoretical Criminology 27:2 (2023), 183–203; M de Goede. “The politics of preemption and the war on terror in Europe”, European Journal of International Relations 14:1 (2008), 161–185.

24 R. Pantucci. “A contest to democracy? How the UK has responded to the current terrorist threat”, Democratization 17:2 (2010), 251–271.

25 Ibid. 266.

26 I. Awan. “I am a Muslim not an extremist”: How the Prevent Strategy has constructed a “suspect” community”, Politics & Policy 40:6 (2012), 1158–1185; Qurashi, ‘The Prevent strategy’.

27 C. Heath-Kelly and E. Strausz. “The banality of counterterrorism “after, after 9/11”? Perspectives on the Prevent duty from the UK health care sector”, Critical Studies on Terrorism 12:1 (2019), 89–109.

28 N. Acik, J. Deakin and R. Hindle. “Safeguarding, Surveillance and Control: School Policy and Practice Responses to the Prevent Duty and the “war on terror” in the UK”, The Palgrave International Handbook of School Discipline, Surveillance, and Social Control, (Palgrave, 2018), 467–489.

29 J. Gearson and H. Rosemont. “Contest as strategy: Reassessing Britain’s counterterrorism approach.” Studies in Conflict & Terrorism 38:12 (2015), 1038–1064.

30 Omand, ‘The terrorist threat to the UK’.

31 UK Government, ‘Pursue Prevent Protect Prepare’, 10.

32 D. Nohrstedt. “Disaster risk reduction and the limits of truisms: Improving the knowledge and practice interface”, International Journal of Disaster Risk Reduction 67 (2022), 1–8.

33 Gearson and Rosemont, ‘Contest as strategy’.

34 J. Walker & M. Cooper. “Genealogies of resilience: From systems ecology to the political economy of crisis adaptation”, Security Dialogue 42:2 (2011), 143–160.

35 A. Batley. “Counterterrorism Citizens and the Neurotic City”, Conflict and Society 7:1 (2021),78–95.

36 P. Dresser, M. Rowe and J. Harding. ‘Unintended Consequences Research: Identifying the Impact of NaCTSO Public-Facing Products and Campaigns’, National Counter-Terrorism Security Office (July, 2023).

37 K. Hardy. “Resilience in UK counter-terrorism”, Theoretical Criminology 19:1 (2015), 77–94.

38 Ibid. 85.

39 J. Coaffee. Terrorism, risk and the global city: Towards urban resilience. (Routledge, 2009); J. Coaffee. “Protecting vulnerable cities: the UK’s resilience response to defending everyday urban infrastructure”, International Affairs 86:4 (2010), 939-954; J. Coaffee and P. Fussey. “Constructing resilience through security and surveillance: The politics, practices and tensions of security-driven resilience”, Security Dialogue, 46(1) (2015), 86–105.

40 Coaffee, ‘Protecting vulnerable cities’, 946.

41 R. Goodwin and S. Gaines Jr. “Terrorism perception and its consequences following the 7 July 2005 London bombings”, Behavioral Sciences of Terrorism and Political Aggression 1:1 (2009), 50–65.

42 ‘CONTEST’, (2006), 8.

43 Ibid. 15.

44 P. Thomas. “Changing but still controversial: Britain’s Prevent Counter-Terrorism Strategy. In: Kargel, J. (ed.) German Federal Government Agency for Civic Education series”, (Budeszentrale fur politische Bildung: Bonn, 2017), 142–155; UK Government, Prevent Review: Summary of Responses to the Consultation (July, 2011); UK Government, Prevent Strategy (June 2011).

45 UK Government. The Prevent Strategy: A Guide for Local Partners in England - Stopping people becoming or supporting terrorists and violent extremists (2008).

46 A. Kundnani. Spooked: How not to prevent violent extremism (London: Institute of Race Relations, 2009).

47 UK Government, ‘The Prevent Strategy’, 51.

48 Kundnani, ‘Spooked’.

49 UK Government, Prevent Strategy, 6.

50 T. May. “Statement on the review of Prevent given by the Home Secretary on 7 June 2011 in the House of Commons”. Available at: https://www.gov.uk/government/speeches/review-of-the-existing-counter-radicalisation-strategy-known-as-prevent.

51 Thomas, ‘Changing but still controversial’.

52 UK Government, Counter-Extremism Strategy, (Home Office, 2015).

53 UK Government, Prevent Duty Guidance (2015); UK Government, The Prevent duty: Departmental advice for schools and childcare providers (Department for Education, June 2015).

54 J. Busher, T. Choudhury and P. Thomas. “The enactment of the counter-terrorism “Prevent duty” in British schools and colleges: Beyond reluctant accommodation or straightforward policy acceptance”, Critical Studies on Terrorism, 12:3 (2019), 440–462.

55 Open Society Foundation Justice Initiative. Eroding trust: The UK’s Prevent counter-extremism strategy in health and education, (New York: OSFJI, 2016).

56 Heath-Kelly and Strausz, ‘The banality of counterterrorism’.

57 C. Heath-Kelly. “Counter-terrorism and the counterfactual: Producing the ‘radicalisation’ discourse and the UK PREVENT strategy”, The British journal of politics and international relations 15:3 (2013), 394–415; C. Heath-Kelly. “The geography of pre-criminal space: epidemiological imaginations of radicalisation risk in the UK Prevent Strategy, 2007–2017”, Critical Studies on Terrorism 10:2 (2017), 297–319.

58 Financial Times. “Inside Prevent, the UK’s controversial anti-terrorism programme” (2019). Available at: https://www.ft.com/content/a82e18b4-1ea3-11e9-b126-46fc3ad87c65.

59 Hardy, ‘Resilience’.

60 Coaffee, ‘Terrorism, risk and the global city’, 8.

61 ‘The Kerslake Report’; ‘Manchester Arena Inquiry, Volume I’; ‘Manchester Arena Inquiry, Volume II’.

62 ‘Manchester Arena Inquiry, Volume I’.

63 ‘Manchester Arena Inquiry, Volume II’.

64 UK Government. “Inquest arising from the deaths in the London Bridge and Borough Market terror Attack: Regulation 28 Report on Action to Prevent Future Deaths”, Courts and Tribunals Judiciary (1 November 2019).

65 UK Government. CONTEST - The United Kingdom’s Strategy for Countering Terrorism (London: HM Home Department, 2018).

66 Ibid. 13.

67 Ibid. 5.

68 Murray, F. Martyn’s Law. (2023). Available at: https://www.figenmurray.co.uk/.

69 Home Office. Protect Duty Consultation: Making the public safer at publicly accessible locations (HMG, 2021); Home Office. Protect Duty Consultation: Summary of consultation responses. Report Ipsos MORI (HMG, November 2021).

70 Coaffee, ‘Protecting vulnerable cities’, 939.

71 Ibid. 946.

72 Ibid. 948.

73 Batley, ‘Counterterrorism Citizens’.

74 UK Government. Contest – The United Kingdom’s Strategy for Countering Terrorism (London: HM Home Department, 2011), 100.

75 JESIP. Joint Doctrine - the Interoperability Framework (2^nd Ed: London, July 2016).

76 Ibid.

77 UK Government, ‘CONTEST’ (2018), 11.

78 Ibid.

79 UK Government, ‘CONTEST’ (2023), 43.

80 Hardy, ‘Resilience’.

81 Coaffee, ‘Protecting vulnerable cities’, 950.

82 ‘The Kerslake Report’; ‘Manchester Arena Inquiry, Volume I’;. ‘Manchester Arena Inquiry, Volume III’.

83 ‘Manchester Arena Inquiry, Volume II’, 77.

84 UK Government, ‘CONTEST’ (2023), 25.

85 B. Anderson, B. “Governing emergencies: The politics of delay and the logic of response”, Transactions of the Institute of British Geographers 41:1 (2016), 14–26.

86 ‘Manchester Arena Inquiry, Volume II’, 81.

87 E. B. Lerner and R. M. Moscati, “The golden hour: scientific fact or medical “urban legend”?”, Academic Emergency Medicine 8:7 (2001), 758–760.

88 ‘Manchester Arena Inquiry, Volume II’, 82.

89 ‘Manchester Arena Inquiry, Volume I’.

90 Ibid.

91 Ibid.

92 Ibid. 19.

93 Ibid.

94 ‘Manchester Arena Inquiry, Volume II’.

95 Ibid. 92.

96 ‘The Kerslake Report’, 8.

97 The average response time for GMFRS is six minutes.

98 ‘Manchester Arena Inquiry, Volume II’, 93.

99 Ibid. 193.

100 ‘The Kerslake Report’, 66.

101 ‘Manchester Arena Inquiry, Volume II’.

102 Ibid. 251.

103 Ibid. 253.

104 Ibid. 82.

105 L. Roast. “Learning That Can Save Lives: Psychological Perspectives on the Process of Learning Lessons from Major Incidents and Disasters”, National Preparedness Commission (2021). Available at: https://nationalpreparednesscommission.uk/wp-content/uploads/2022/03/Learning-That-Can-Save-Lives_Full-Report_Sep-2021.pdf.

106 K. Pollock. “Review of Persistent Lessons Identified Relating to Interoperability from Emergencies and Major Incidents since 1986”, Emergency Planning College Occasional Paper (New Series Nr 6, 2013).

107 UK Government. Rt Hon. Lady Justice Hallett DBE. Coroner’s Inquests into the London Bombings of 7 July 2005. Report under Rule 43 of The Coroner’s Rules 1984. (6 May 2011); ‘Manchester Arena Inquiry, Volume II’, 161–162.

108 ‘Manchester Arena Inquiry, Volume I’.

109 JESIP, ‘Joint Doctrine’.

110 ‘Manchester Arena Inquiry, Volume II’, 165.

111 Ibid. 92.

112 Ibid. 1747.

113 ‘The Kerslake Report’,.

114 ‘Manchester Arena Inquiry, Volume II’, 417.

115 Ibid. 518.