Load low-bandwidth site?

Published: March 4, 2020

Reflections on my first HEAT course

Share this:

Last summer, I went on my first personal security course. Although every provider calls it something different (mine was ‘personal security for field staff’), HEAT has become the most popular moniker. This stands for ‘hostile environment awareness training’, as these courses are generally intended for aid workers travelling to/working in high-risk locations.

On a Monday morning in June last year, I left London for the English countryside. It’d be fair to say that I spent the journey feeling somewhat apprehensive about what was to come. I’d heard that I’d have to sleep outside in a tent – granted, this wouldn’t have been so bad in June – but also that I could be woken up in the middle of the night by faux hostage-takers. Thankfully for me, neither of those rumours came true.

What I did experience was a fairly gruelling four days of training, including a long but enjoyable final day putting everything I’d learnt into practice through simulation. Whilst some courses do offer tents as accommodation, I was put up in a shared dormitory with hot water and electricity.

As is probably clear, I’m not an experienced field worker. Rather, I’m a communications officer based in London. Having worked in places like Georgia and Morocco, medium-risk locations are my focus. But, working at EISF, I was keen to find out what a Hostile Environment Awareness Training (HEAT) actually entails.

When I travelled to Kenya last year with an NGO – which had given the country a ‘moderate’ risk rating – I kept an eye out for ways to implement what I’d learnt on my HEAT course. Here are some of my reflections on what this kind of training offers, and the value I’ve gained from mine.

Raising security concerns

Everyone’s perception of risk varies, and every organisation’s risk threshold, policies and practices vary. It’s therefore difficult to know from general HEAT courses which concerns are really justified. Are the security standards and practices taught in HEAT the ‘best-case scenarios’, or are they to be expected from most NGOs?

As I was about to set off on a six-hour journey from Nairobi with a team of four people, I remembered some of my trainer’s advice. We should be taking two cars so that if one of the vehicles encounters an issue, everyone can fit into the other.

I knew this was the advised practice, but I didn’t know if it was only that. Is it always necessary? Is it only applicable to high-risk locations or does it apply across the board? With limited resources, it feels unlikely that many organisations will be able to provide this. Indeed, the one driver on my trip didn’t even work for the organisation – he was hired specifically for that week because all of their own drivers were occupied.

As a recent EISF Blog by CSD’s Ebe Brons noted, many travellers rely on their intuition to keep themselves safe. He notes that doing this can cause problems even for staff whose ‘gut feeling’ is the product of years of travel and experience. But, for those who are newer to the sector, intuition is surely even less likely to suffice – making guidance on standard practices and realistic expectations even more important.

Even when staff do have ample knowledge of standard security risk management practices, particularly for those who are more junior or are just visiting, it can still be difficult to make themselves speak out about concerns. With unfamiliar people in an unfamiliar location, it’s easy to convince yourself to keep quiet, that others know better and therefore avoid causing any inconvenience or offence.

This reminds me of psychological theories of social compliance, like the bystander effect. This is basically the idea that people ignore bad things happening around them because they tell themselves that someone else will deal with it. I wondered – given the increasing recognition of bystander intervention training – whether personal security training might benefit from some of these learnings. If participants are taught what they might reasonably expect from their organisation in relation to their security, then guiding them on how to raise concerns when these practices aren’t implemented could be a useful next step.

In theory, having better knowledge of what should be expected, as well as the tools to say something when expectations aren’t met, should encourage thoughts like ‘I’m sure it’s not usual to leave for this trip without a medical kit in the car’, to become actions – like packing a medical kit – that mitigate the risk of harm to staff or operations. Because almost everyone has a tendency towards the ‘bystander effect’, its universal nature makes external HEAT courses a good place to provide intervention support.

Skills retention

I don’t know how often HEAT should be refreshed, but I do know that there are things I covered last summer that I’ve already forgotten. If the course hadn’t involved the simulation day, where we put our new skills into practice, I’m certain that I would have forgotten more content and forgotten it sooner. Practice is key, but the nature of the content makes this difficult in real life: thankfully, most staff aren’t in the practice of having to deal with hostage-takers on a regular basis.

The debate of when to repeat training is not a new one, and there are many sides to the argument. HEAT courses are costly, and for some staff, feel like a waste of their time if they’ve already gone through the motions before. Added to that, it’s not a one-hour e-learning – it’s a tiring course with some 12-hour days of trying to retain information and learn new skills. It’s easy to see how busy, overworked staff could resent the whole ordeal.

Usually, forgetting skills that you once had is, at worst, frustrating. However, when it comes to more serious matters like those covered in HEAT courses, it’s quite another. What’s more, while retaining knowledge on personal security is important, I’m most concerned with attrition that puts the wellbeing of others at stake – trauma first aid.

With more and more courses offering medical components – often with certifications – remembering how to keep oneself safe is no longer the only matter. If a trainee hasn’t retained the medical skills they learnt, and their name still has a tick next to ‘trauma first aider’, in worst-case scenarios they could end up doing additional harm if put in a situation they aren’t able to deal with. Most certificates are invalidated if training isn’t repeated after two years, but, if I were the one receiving trauma first aid, I wouldn’t be too comfortable knowing that my primary support came from someone who completed a day or two of training in 2018.

This isn’t to say that HEAT is the wrong place for medical content – I’m sure many participants are great at remembering what they learnt, and it’s certainly helpful to know that most staff have at least a basic understanding of how to provide this kind of support. However, from my experience, I would encourage organisations to be careful of medical response plans that rely too heavily on these kinds of rarely practised, sometimes superficial skills.

The importance of ‘on the job’ knowledge

My experience with HEAT reminded me of quite how many aspects of personal security are contingent on the context and the organisation. While there are lots of measures that a person can take, and indeed lots of measures that only that person can take – for example, reacting appropriately to a grenade – many other security measures are simply out of a single member of staff’s hands.

Many NGOs are under-resourced, layered with bureaucracy and globally dispersed. It simply wouldn’t be realistic to expect that they will all enact the same top-tier approaches to security all around the world. HEAT courses that assume all organisations follow the latest and best security risk management practices can set unrealistic expectations.

Conversely, HEAT providers often teach staff from multiple organisations and even multiple sectors all at once, and each participant will have different experiences of, and a different relationship to, hostile environments. It would be equally unrealistic to expect HEAT to deliver contextually and organisationally tailored knowledge to all of its participants.

Training providers will never be able to know the reality that will face each of their participants once they land in their next location. I know how to pack a wound, use a radio, avoid being shot in a carjacking, react to a grenade being thrown and choose the safest room in a hotel, but I don’t know if NGO X really want me to bother local staff to book me a car from the airport, or if, in reality, it’s expected that I’ll just take a taxi when I arrive. Realistically, the value of organisation- and context-specific knowledge simply can’t be underestimated.


On reflection, the value I got from HEAT related mostly to the truly personal security practices that it taught me. By that, I mean the actions that I myself can take to improve my own security. Whilst I enjoyed the trauma first aid training and learnt a lot that I otherwise wouldn’t have, as the time has passed, I’ve certainly become less confident in my skills. In general, I think HEAT can be a very useful exercise and one that certainly shouldn’t be written off as old-fashioned. As the sector changes and security risk management gains prominence, there are many ways in which HEAT can develop. The ones I’ve identified – encouraging frank conversation about realistic expectations from NGOs, and giving participants tools to raise security concerns when travelling – are just some of the ways in which training providers might develop their courses in the future. New approaches, skills and technologies are already changing the way HEAT is conducted, and I’m excited to see how these courses will evolve in the future.

With many thanks to Dave Heed from Clarity Security Training for his continued support of EISF.


World Humanitarian Day and ‘Aid in Danger’: a hard-look at violence against aid workers

The aid sector will be ‘celebrating’ the World Humanitarian Day with four level 3 emergencies. On a day that commemorates the bombing of the Canal Hotel in Baghdad we should be asking ourselves, do we need more humanitarian heroes, or do we need better responses (and better security-managed assistance) to…


New Briefing Paper: Security Risk Management and Religion

GISF new briefing paper Security Risk Management and Religion: Faith and secularism in humanitarian assistance examines the impact that religion has on security risk management for humanitarian agencies, and considers whether a better understanding of religion can improve the security of organisations and individuals in the field.


Event report: humanitarian action in fragile contexts

On Tuesday 8th July representatives from academia, INGOs, the private sector, journalists and other interested parties gathered at King’s College London to discuss key issues around new actors and the changing humanitarian space and how they will impact on security risk management (SRM). The focal point of the evening was…