Security for Music Tours and Live Event Productions | CloseProtectionHire

The Manchester Arena attack on 22 May 2017 killed 22 people and injured 1,017 others as the audience left an Ariana Grande concert. The Astroworld Festival crowd crush in Houston in November 2021 killed 10 people and injured hundreds more. These two events are different in nature – one a terrorist attack, one a crowd management failure – but they share a common thread: the security planning for both events had not been designed around the actual threat environment the large public gathering created.

Security for music touring and live event productions is a specialist discipline. It combines close protection for the artist, venue advance operations, crowd safety integration, and in high-risk city contexts, a full ground transport and arrival security programme. Firms that treat touring security as an extended personal protection task – more bodies around the artist, more barriers backstage – typically produce security theatre rather than a genuine risk reduction framework.

This guide covers the operational elements that distinguish effective touring security: the advance methodology, the legal context that UK and European tours now operate within, the crowd safety framework, and the specific considerations for P1 city tour dates.

The Advance Operation

Every effective touring security programme is built around venue advance work. The lead security officer, or a designated advance team member, should survey each venue on the route before the tour arrives. The survey has a defined scope.

Emergency egress: all fire exits, their signage clarity, their current state (locked, clear, obstructed), and the capacity they can accommodate in a rapid evacuation. Post-Manchester, this has become the non-negotiable first item on every advance checklist.

Backstage access control: the physical entry points to the backstage area, how they are managed, who holds passes, and how pass-holders are verified on the day. At major arena events, backstage access tends to be under-controlled relative to public-facing entry points. The advance should establish where the control points are and who operates them.

VIP hospitality: the location of VIP hospitality areas, their proximity to the stage and backstage areas, how access is managed, and whether the hospitality footprint creates a crowd density risk during key moments (support act transitions, headliner stage arrival).

Pit and barrier configuration: the type and positioning of crowd control barriers in the pit area. Mojo Barriers and equivalent products provide crush-rated barriers; their positioning relative to the stage and the crowd density they are likely to experience at capacity should be reviewed against SGSA Green Guide (6th edition, 2021) crowd density standards (maximum 4.7 persons per square metre for standing areas, lower for high-risk crowd profiles).

Stage-access control: how the stage area is secured during the show, who has authorised access, and what the protocol is for removing an unauthorised person from the stage or the stage-side area.

The advance output is a venue brief – a written document that goes to the artist’s security team, the tour manager, and the local venue security lead before the show day. It is not a memo; it is an operational document with action points, named responsible parties, and a communication channel for the show day.

Martyn’s Law: The New UK Legal Context

The Terrorism (Protection of Premises) Act 2024 – known as Martyn’s Law, named after Martyn Hett who died in the Manchester Arena attack – creates mandatory security obligations for venues and events across the UK.

The Act establishes two duty tiers. The Standard tier applies to venues and events with a capacity of 200 to 799 persons. It requires those responsible for the premises or event to ensure documented procedures exist for public protection in the event of a terrorist attack, that staff are trained on those procedures, and that a designated senior person has responsibility for security planning.

The Enhanced tier applies to venues and events with a capacity of 800 or more persons. It requires a written security plan, staff training against that plan, a designated security lead, coordination with local policing, and formal registration with the Security Industry Authority. Most arena and stadium concert venues fall under the Enhanced tier.

For touring security teams working UK dates, the legal implication is that they are operating within a venue that has specific statutory obligations. The touring team’s security plan should integrate with the venue’s Martyn’s Law obligations, not operate independently of them. The police liaison role, in particular, should be coordinated – local force engagement is a venue obligation under Enhanced duty, and the touring security team should know the police contact and understand the police plan for the event.

Crowd Safety: The SGSA Framework

Crowd safety is distinct from audience security but operationally linked. The Security and Safety at Sports Grounds Act 1975, the Guide to Safety at Sports Grounds (SGSA Green Guide, 6th edition, 2021), and the Health and Safety at Work Act 1974 together create the regulatory framework for crowd management at large-capacity events in the UK.

The key crowd safety variables are: venue capacity and its relationship to the number of tickets sold; crowd density in standing areas; ingress rate (how quickly the crowd can enter the venue); egress rate (how quickly the crowd can leave); and the availability of clear emergency evacuation routes.

The Astroworld Festival crowd crush in November 2021 demonstrated that most crowd safety failures are not spontaneous – they follow from a sequence of capacity and management decisions made before the event begins. Crowd density exceeded safe limits in the standing area. Emergency evacuation routes were inadequate for the crowd load. Communication between event security, medical teams, and the production team was insufficient to trigger a halt. The AEG and Live Nation post-event protocols introduced across their venues in 2022-2023 address these structural failures: real-time crowd density monitoring (camera-based density counting at entry zones), pre-established density thresholds that trigger entry halt, and a production-security communication protocol with clear authority for show stoppage.

Touring security teams are not, as a rule, responsible for crowd safety – that is the venue and promoter’s operational domain. But the touring team should be part of the pre-event safety briefing, should understand the venue’s crowd density thresholds, and should have a defined communication channel to the venue’s safety officer. The Manchester attack and Astroworld both demonstrated that uncoordinated response is a key failure mode.

Artist Protection: Hotel and Transit Security

The close protection element of touring security is built around two principal windows of vulnerability: transit (hotel to venue and venue to hotel or onward travel) and the backstage/dressing room environment.

Transit security in low-risk markets – London, Berlin, Tokyo – is largely a logistics operation. The vehicle convoy (lead, principal, and follow cars at arena scale; lead and principal for smaller venues), route confirmation, and arrival protocol are the substantive elements. Predictability is the primary risk: widely published performance times and a known hotel mean that a determined hostile actor can position themselves on the route. Departure time variation, alternate routes, and non-public vehicle identifiers reduce this risk at low cost.

In P1 city markets – Lagos, Manila, Mexico City, Karachi, and to a lesser extent Bangkok and Jakarta – the risk profile changes materially. Vetted ground transport is mandatory. The local promoter’s suggested driver is not an adequate solution. A security operator with country knowledge, a confirmed vehicle, and communication with the artist’s security lead should be in place before the tour date. Arrival and departure windows should not be publicised. Where the venue address is public, the approach route and timing should vary.

Hotel security for touring artists follows the same principles as executive hotel security: room choice above the second floor (reduces ground-level intrusion risk), no posting of hotel name or location on social media until after departure, a clear protocol for responding to suspicious contact or approach at the hotel. For high-profile artists, a floor sweep before the artist arrives and a room security check are standard.

Meet-and-Greet Management

Meet-and-greet sessions are operationally the highest-risk element of a concert day for artist safety. They bring the artist into 1:1 contact with a sequence of audience members in a controlled space – but the control is often less rigorous than it should be.

Effective meet-and-greet protocol requires SIA-licensed door supervisors (or their equivalent for international dates) at the access point, a clear flow management plan that prevents crowd density in the backstage corridor, a defined 1:1 contact framework that ensures an officer has sight of every interaction, and a prohibited items policy that is communicated to attendees before they enter.

The prohibited items question requires a judgment call on photography and mobile devices. For most artists, phones are permitted with conditions; for some at higher stalker or harassment risk, the protocol may restrict devices more tightly. Any restriction of this kind should be in the promoter and venue contract and communicated to ticketholders before the day.

Time management is a crowd safety issue as well as a security one. If meet-and-greet queues build up in a confined backstage corridor, the crowd density in that space can reach dangerous levels quickly. The security team’s advance should include a capacity assessment of the backstage corridor and a maximum throughput rate that keeps density at a safe level throughout the session.

P1 City Tour Dates

Lagos: The primary risk is transit. Published show times make the hotel-to-venue window predictable for opportunistic targeting. Vetted convoy transport, local security operator briefing, and communication with venue security before the show day are the minimum standard. The local promoter’s security provision should be assessed against the actual crowd management requirements of the venue capacity.

Manila: BGC and Makati venues are in the lower-risk zone within the city, but the approach from most international hotels involves significant traffic exposure. Friday and Saturday evening show times coincide with peak traffic. Departure timing after the show should account for post-show crowd dispersal creating congestion near venue exits.

Mexico City: Polanco and Santa Fe venues are in lower-crime zones, but transit to venues in other districts carries elevated risk. Post-show departure should use confirmed vetted transport. The artist should not be in the lobby or visible external areas of the hotel before the vehicle is confirmed and in position.

Istanbul: A commercially active touring market with large-capacity venues in the European and Asian sides of the city. Artists with Israeli or US affiliations should be briefed on the current protest landscape and take advice from the local security operator on any specific threat context around the tour date.

For the broader event security planning framework applicable to large-capacity events, see our event security planning guide. For VIP protection at conferences and corporate events – which shares the advance methodology and hostile crowd separation principles used in touring security – see our VIP protection at conferences guide. For outdoor music festivals specifically – where Martyn’s Law Enhanced tier obligations, Purple Guide crowd management standards, Astroworld-informed pit density monitoring, and artist compound close protection all apply – see our security for outdoor music festivals guide.

Sources: Terrorism (Protection of Premises) Act 2024 (Martyn’s Law, UK); SGSA Guide to Safety at Sports Grounds, 6th Edition 2021 (crowd density standards, 4.7 persons/sqm standing maximum); UK Health and Safety Executive, Post-Manchester Arena Inquiry 2021 (Manchester Arena attack, 22 May 2017, 22 killed, 1,017 injured); OSHA / AEG Post-Astroworld Review 2022 (Astroworld Festival November 2021, 10 killed, crowd crush); NCSC/FBI/CISA Business Travel Security Advisory 2023; OSAC Country Reports: Nigeria 2023, Philippines 2024, Mexico 2024.

James Whitfield is a Senior Security Consultant with operational experience across P1 city environments. He advises entertainment industry clients, promoters, and artist management teams on touring security, event advance operations, and close protection programme design.