Risk Management is a Team Effort

Listen to Audio

Working with experts in your event destination is the safest way to plan

Protecting attendees and the company is job one for meeting professionals. That means managing the impact of everything from diseases and hurricanes to protestors and food allergies. Where you meet and how soon you loop in the local experts could have a big impact on how you approach security.

To find out how meeting professionals are managing the high-stakes business of events, we worked with Destinations International to ask top event designers and experts to share what is causing the most headaches and heard about real-world examples of what they are doing to manage those risks. The result is a white paper that could help you plan smarter and safer.

Download the Best Practices for Managing Event Risk White Paper.

Areas of Concern

Not all risks are equal, and some are more pressing in 2025 than others. We asked survey respondents to rank the areas that were most important. Physical safety was the top concern for the majority (57%) of respondents. Environmental factors such as weather disruptions were the next most pressing concern at 17%.

These results tracked with an ASAE Guide to Risk and Crisis Management survey conducted in collaboration with the professional organization for security professionals, ASIS and Risk & Insurance Management Society (RIMS), which ranked crime and safety as the top factor influencing destination selection. Destination weather and future climate predictions were next, followed by health and safety measures and accessibility and initiative beyond ADA requirements.

We asked industry experts for best practices in each of these areas. Let’s break it down.

Physical Security

The process for determining which destinations are physically secure varied, according to the ASAE study, from word of mouth (talking to other planners) and crime statistics to media headlines, local health data, legislation tracker reporting and economic climate data.

Because some of those sources are subjective, talking to convention and visitor bureaus (CVBs) and destination marketing organizations (DMOs) about what is actually happening on the ground in 2025 and what resources are available to communicate with and protect your attendees is a smart due diligence step.

Read More: PCMA Convening Leaders Put Balancing Safety and Comfort in the Spotlight

Kevin Coffey, a travel security and meeting risk advisor who brings decades of expertise from his time as a detective with the Los Angeles Police Department’s LAX Airport Crimes Investigation department, counsels meeting professionals to consider how the conditions in a particular city impact their specific group. If you have a lot of women, then looking at the destination’s policies around pregnancy might be more applicable than for other groups.

Similarly, the dynamics around crime statistics need to be put into the context of type of crime, victims and location. That is where a destination assessment neighborhood-by-neighborhood can help meeting planners to make better choices about where to stage off-sites, suggestions to give attendees for free time and when to schedule transportation. “It is important to go deeper than headlines,” he said.

Other questions to consider when sourcing a venue from Coffee:

• What is the average response time for emergency medical services to the property?
• How many heart defibrillators does the hotel have, and who knows how to use them? Ask to see it and check the inspections are up to date.
• Are emergency exits accessible and well-marked?

Mark Herrera, director of education with the International Association of Venue Managers (IAVM), says venues are increasingly adopting advanced security measures like walk-through metal detectors, biometric screening and AI-enabled monitoring tools. Badge scanning systems are becoming standard for access control and real-time attendee tracking during emergencies. But Herrera warned that while these tools enhance security, they must be balanced with an attendee-centric approach to maintain a seamless guest experience.

A best practice often missed is predictive behavioral training for frontline staff. “While many venues invest heavily in equipment, the people operating them may not be equipped with tools like behavioral profiling, de-escalation techniques or situational awareness training to identify and mitigate risks before they escalate,” he said.

Another oversight is the need for robust post-incident debriefs and continuous improvement strategies. Gathering lessons learned after an event can significantly enhance future planning and response readiness.

The most critical factor, according to Herrera, is developing a collaborative safety culture that integrates risk management into every event planning phase. This includes conducting comprehensive risk assessments, involving key stakeholders like venue operators, local law enforcement and security experts early in the planning process, and ensuring clear communication channels.

He also noted that while security budgets are growing, reflecting the industry’s understanding that comprehensive preparedness is non-negotiable, this doesn’t always mean more funding is available. “Meeting professionals must maximize limited resources by prioritizing staff training and strategically leveraging technology,” he said.

Many experts stressed the importance of not only making a plan but practicing it. “The rapid change, volatility and risk of global crises is going to continue to accelerate,” said Amy Hissrich, MA, CAE, vice president of International Affairs with ASAE. “This is the right time to be shining a light on risk,” she said.

She continued. “We don’t want to scare people, but we want them to recognize the need for preparedness. It’s muscle memory, building that knowledge and training for staff. We need to have these conversations. When you’re not in a crisis is the time for planning to manage that crisis.”

The rapid change, volatility and risk of global crises is going to continue to accelerate.”

— Amy Hissrich, ASAE

RIMS Vice President of Events and Exhibitions Stuart Ruff-Lyon, CMP, DES, agreed that having all stakeholders and partners involved in planning for safety leads to the best results. His plans for the group’s big RISKWORLD annual conference have included limiting access to the area to registered guests, employing canine bomb-sniffing units, bag checks, requiring a gun-free zone and metal detectors. “It is important that you put your requirements in writing so everyone understands what is expected,” he said.

Weather

Environmental/weather was the second-highest area of risk mitigation importance in our survey, with only 4% saying they never consider weather in the destination over the dates required when sourcing.

Changing environmental factors in the form of extreme weather ranked as the fifth-highest concern in the ASAE study. Hissrich said other studies show the topic is being talked about in the lens of environmental, social and governance (ESG) impacts. “What we’re seeing is the business impact of the policy impacting potential operations,” she said. “If we can’t convene our members or chapters because of extreme weather events, that certainly has a business risk,” she said.

The result, she concluded, is that most organizations are discussing risks with their boards and incorporating recognition of risk into their management-level decisions.

Cybersecurity

When it comes to protecting data and technology security, the majority of respondents (75%) say it is a factor most or all of the time. The ASAE study found cyberthreats such as data breaches, IP privacy and ransomware were the top priority.

A total of 6.06 billion malware attacks hit globally in 2023, according to the data company Statista. Security software company Varonis reported that personal information is the most valued type of data, and the average total cost of a data breach is $4.88 million.

Read More: Smart Tech: The Race to Data Security

Maritz Chief Security Officer John Wahle said data security starts with the RFP. Choose partners who take security seriously. He suggested the following:

• Ask registration systems providers and web designers about built-in encryption.
• Look for Payment Card Industry (PCI) compliance for processing payments and System and Organization Controls (SOC) 1 and 2 compliance.
• Require multi-factor authentication (MFA) for access to all platforms.
• Grant cascading levels of access based on roles to limit sensitive data exposure.

Once you have chosen a system and set up controls, task someone with ensuring all software and plug-ins are updated regularly to protect against bugs and attacks. Not all failures are from the outside or intentional. Train your team on the dangers and safeguards you have set up so they know both why and how you are protecting your intellectual assets. Warn everyone involved, including the interns, about phishing attempts. Lay out what to look for and what to do when you see one and—critically—if they accidentally fall for one. These attacks get more sophisticated every day and can fool almost anyone not paying close attention.

The addition of generative AI doesn’t fundamentally change best practices for defending systems; it just reinforces the importance of our current policies—access controls, data encryption and monitoring. “If we make mistakes, it makes it easier to exploit,” according to Eric Perino, vice president of information security with Maritz.

Risk is part of event life, but the following destination marketing professionals can help make the entire process smoother so you can focus on designing the best event imaginable.

This article appears in the March 2025 issue. You can subscribe to the magazine here.