Security at Trade Exhibitions and Business Events | CloseProtectionHire

Trade exhibitions and business events bring together concentrated populations of decision-makers, technical specialists, competitive intelligence, prototype products and high-value assets in a semi-public space designed for access. That design serves commercial purpose. It also creates a security environment that most organisations underestimate and under-plan.

The security challenges at trade events are distinct from office security or travel security. They combine the access control challenge of a public venue, the competitive intelligence risk of an industry gathering, the VIP protection challenge of a high-density public space, and the device security risk of a technology-demonstrating environment – often in a single day.

This article addresses the security framework for organisations exhibiting, attending or providing principal protection at trade exhibitions and business events.

The Intelligence Collection Risk

ASIS International documents trade exhibitions as a significant channel for industrial espionage and competitive intelligence collection. The ASIS Trade Secret Survey 2024 identifies exhibitions as one of the primary environments where proprietary information is inadvertently disclosed. The mechanisms include:

Technical staff conversations at stands and in meeting rooms that go further than intended. Engineers talking to apparent peers about development challenges, specifications or future product roadmaps without recognising that the conversation is a structured intelligence collection exercise. The asking party is often not a peer – they are a competitor’s technical intelligence function, a state-sponsored collection operation, or an industry analyst working on behalf of a competitor.

Covert recording at product demonstrations. Audio and video recording devices disguised as branded merchandise – notebooks, pens, charging cables, badge holders – have been documented in CPNI case reviews. Recording product demonstrations or technical presentations with a concealed device is straightforward in the exhibition environment.

Prototype and demonstration device exposure. Products demonstrated on the exhibition floor are physically accessible to anyone who registers. The period between show opening and security awareness is a documented window for detailed technical examination of pre-release products.

Post-show social programme. Evening events at major exhibitions are the primary social engineering opportunity. Technical staff who have been formal during show hours are relaxed, willing to discuss their work and often not briefed on what constitutes sensitive disclosure. This is the highest-risk intelligence collection window at any trade event.

Martyn’s Law at Exhibition Venues

The Terrorism (Protection of Premises) Act 2024, which received Royal Assent on 3 April 2024, will apply to qualifying premises in the UK including major exhibition venues. ExCeL London, NEC Birmingham, Manchester Central, SECC Glasgow and other venues hosting events of 200 or more people will fall under Standard duty (200-799 capacity) or Enhanced duty (800 or more capacity) tier obligations.

Enhanced duty venues must have: a Security Management Plan; a named Senior Premises Manager with responsibility for security; and staff trained in ACT Awareness or equivalent. The SIA is designated as the regulatory body.

For exhibitors and event organisers, the practical implications are: verify the venue’s current compliance status and Security Management Plan before the event. Confirm ACT Awareness training completion for all staff working at the event. Ensure stand staff know the evacuation and emergency assembly procedures specific to that venue. Do not assume the exhibition centre’s security provision is adequate for enhanced-profile principals or high-value product demonstrations without direct liaison with the venue Security Manager.

For events held at venues abroad – Palexpo Geneva, Messe Frankfurt, Dubai World Trade Centre, ExpoCity Dubai – the applicable regulatory framework is the host country’s, not the UK’s. Pre-event review of the venue’s security framework and counter-terrorism provisions is the applicable baseline.

Device Security at International Events

The China Standard

Trade events in Mainland China – the Canton Fair (China Import and Export Fair), CIIE (China International Import Expo), China Hi-Tech Fair, and sector-specific exhibitions across Chinese cities – carry a device security profile that is categorically different from Western events.

The NCSC/FBI/CISA joint advisory (2023) on PRC state cyber threat is unambiguous: devices brought to China should be clean travel devices. A clean device carries no production credentials, no client data, no persistent authentication tokens (no saved passwords, no cached certificates), no email profiles and no access to corporate networks. The clean device can be used for demonstrations that are designed for public showing. It should not touch corporate infrastructure during the trip.

This is not speculative. NCSC has documented PRC state access to hotel room infrastructure, conference facility technical support services and business lounge charging points in China as potential collection vectors. Devices left in hotel rooms, connected to in-room charging facilities or handed to hotel technical staff for IT support have been assessed as compromised in multiple documented incidents.

Post-event IT assessment – reviewing the device for implants, unusual processes or unauthorised connections before reconnecting to any corporate infrastructure – is required for any device that was in China, regardless of precautions taken.

General Trade Event Device Protocol

For events outside China, the device security standard is lower but not absent. Demonstration devices should be air-gapped from production systems during the show: no VPN connection, no access to production credentials, no corporate email during floor hours. Devices used exclusively for demonstrations carry a lower risk profile than devices that double as the exhibitor’s working laptop.

USB drives and charging cables sourced from or distributed at trade events should not be used with corporate devices. This includes branded giveaways from other exhibitors, cables provided at charging stations, and USB-connected demonstration equipment. The CPNI’s guidance on USB security is unambiguous on this point.

VIP Protection on the Exhibition Floor

Exhibition floors are among the more demanding close protection environments. Principals moving through a trade event face: crowd density varying from moderate to extreme; multiple simultaneous access points with no effective access control; media and industry press with camera access; unpredictable movement driven by business conversations; and the expectation from colleagues and contacts that the principal is accessible.

Advance work for a principal at a major exhibition should include:

Floor plan review with entry and exit route planning. Primary entry via staff or service corridors where available rather than public main entrances. Identification of withdrawal spaces – rooms, private meeting areas, back-of-stand spaces – where the principal can step out of the crowd if required. Liaison with the exhibition security manager 48 hours before the event. Walking the floor before the principal’s arrival to identify crowd patterns, media positions and security gaps.

A two-person minimum close protection team is the baseline for a principal at a major public exhibition: one advance/overwatch, one close. Solo CP at a high-density exhibition event is not an adequate provision for anything above minimal threat profile.

Badging and accreditation for the CP team should be confirmed in advance and separate from the exhibiting company’s general staff registration. Last-minute on-the-day badging creates delay and access uncertainty at the worst possible moment.

Exhibit Theft and Physical Asset Security

Physical product theft at trade exhibitions is not rare. Prototype electronics, pharmaceutical samples, luxury goods on demonstration and specialist equipment all attract opportunistic theft during busy floor periods and organised theft during setup and breakdown windows.

Setup and breakdown are the highest-risk periods for exhibit theft. The show floor is partially accessible, security staffing levels are lower, and large volumes of equipment are moving. Registration of serial numbers, photography of high-value demonstration items before the show, and consistent chain of custody during setup are basic mitigations.

Out-of-hours storage: high-value demonstration items should not remain on open display stands overnight. Secure lockable cases, stand-integrated locked display cabinets or off-site overnight secure storage are the appropriate provisions. Many exhibition centres offer secure overnight storage through their logistics partners.

Product demonstration protocols should include a clear procedure for who accompanies demonstration items when they leave the stand for media demonstrations, investor meetings or competitor presentations. Unescorted movement of prototype products should be a defined exception, not standard practice.

Regional Events and P1 City Context

GITEX Dubai and UAE Events

GITEX Global and Arab Health at the Dubai World Trade Centre are two of the world’s largest technology and healthcare exhibitions. Dubai’s security environment is manageable for business travel and the exhibition venues are professionally managed. The specific risk at GITEX is competitive and state-level intelligence collection from the significant technology sector presence, not physical security. Chinese vendor participation at GITEX makes clean device discipline appropriate for any participant handling sensitive technology in exhibition demonstrations.

Riyadh and Saudi Arabia Events

Saudi Arabia is increasingly hosting major international business events – LEAP (technology), Future Investment Initiative, ADIPEC (Abu Dhabi but regionally relevant). The Kingdom’s domestic security environment requires specific consideration for event staff and VIP visitors: alcohol prohibition is absolute, photography restrictions apply in many locations, and FCDO travel advisory for Saudi Arabia should be reviewed before deployment. Medical infrastructure in Riyadh is good; MEDEVAC capability is available via established providers.

Istanbul Events

Istanbul hosts significant regional trade events. The security environment requires standard P2 city precautions: FCDO elevated terrorism assessment, PKK and lone actor threat, and the requirement for vetted ground transport. Exhibition security planning for Istanbul events should include terror threat awareness briefing for stand staff, clear assembly point identification, and liaison with Turkish private security company for event-specific requirements where warranted by principal profile.

For broader event security planning, see our event security planning guide. For corporate security programme design including awareness training for event-deploying staff, see corporate security programme design.

James Whitfield is a Senior Security Consultant specialising in corporate and event security. This article draws on ASIS Trade Secret Survey 2024, NCSC/FBI/CISA joint advisory on PRC cyber threat 2023, CPNI USB security guidance 2024, Terrorism (Protection of Premises) Act 2024, NaCTSO ACT Awareness guidance 2024, Control Risks 2025, OSAC Dubai/Turkey 2024, and NCSC guidance on device security at events and exhibitions 2024.