Faith-Based Daily Awareness Post 20 March 2026

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Two men charged with allegedly spying on London Jewish community for Iran

BBC News is covering the disruption of an Iran-linked covert network engaged in espionage and potential sabotage in London, where individuals were recruited to conduct surveillance on Jewish targets while maintaining distance from any formal intelligence structure. Authorities highlighted how these operations rely on loosely connected actors, intermediaries, and indirect tasking to obscure intent and attribution, making detection more difficult.

Analyst Comments: Iran is increasingly adopting tactics that closely resemble those used by Russia in the United Kingdom and across Europe. Russian operations in response to the Ukraine War have demonstrated a pattern of recruiting individuals, often remotely or through online channels, to carry out low-level activities such as surveillance, reconnaissance, and arson against a range of targets. Iran’s observed use of external surveillance, intermediaries, and indirect tasking aligns with this same decentralized, low-cost model that relies on proxy actors rather than direct state involvement.

In both cases, a defining feature is compartmentalization, where recruited individuals may not fully understand the broader objective, reducing risk to the sponsoring state while complicating attribution for investigators. If the conflict involving Iran escalates or persists, it is plausible that Iran could further expand its use of these Russia-like tactics, leveraging proxy actors to conduct deniable operations in Western countries.

For security practitioners, this underscores the importance of recognizing early indicators such as unusual surveillance, unexplained tasking, or behavioral changes, as well as strengthening information-sharing and reporting mechanisms. Even small or seemingly isolated actions may be part of a larger coordinated effort designed to test vulnerabilities, create disruption, and avoid clear attribution.

Michigan City church bombing stopped

Christian Warrior Training summarizes key takeaways from the Michigan City church bombing plot, especially with regards to how preventable indicators and layered vulnerabilities intersect. The blog reinforces that individuals often communicate intent in advance through direct statements, behavioral changes, or disclosures to others and that timely reporting can fully disrupt an attack before execution. It also highlights how attackers can exploit open-access environments like churches, entering during normal operations without resistance. Additionally, the presence of multiple explosive devices and plans involving more than one target reflects a broader pattern of escalation and complexity in attack planning, rather than single, isolated acts.

Analyst Comments: The most important lesson is that incident prevention opportunities almost always exist before an attacker reaches a facility. This case underscores three critical security priorities for houses of worship. First, behavioral threat recognition and reporting pipelines are essential. In this incident, someone who knew the perpetrator enough reported them to authorities, and that single action stopped the event entirely. Second, access control and situational awareness inside buildings remains a persistent gap; many churches still rely on openness without layered monitoring, making it easy for a threat to enter undetected. Third, planning must account for multi-method and multi-target scenarios, as attackers are increasingly combining tactics rather than relying on a single approach. These lessons align with broader trends seen in other recent worship-site incidents, where early warning signs, vehicle or access vulnerabilities, and the presence or absence of trained response measures directly determined outcomes.

FB-ISAO Newsletter V8 Issue 3

The Faith-Based ISAO Newsletter (Vol. 8, Issue 3) highlights key security, resilience, and community-awareness updates relevant to faith-based organizations, emphasizing an all-hazards approach that integrates cybersecurity, physical security, and emergency preparedness. The issue underscores the growing and evolving threat landscape including cyber incidents like phishing and ransomware, as well as physical threats and broader risks such as public health events and natural disasters and reinforces the importance of proactive risk management, information sharing, and organizational resilience. It also points to the value of collaboration within trusted networks, where faith-based institutions can exchange threat intelligence, best practices, and operational insights to strengthen preparedness and response capabilities. Overall, the newsletter stresses that maintaining continuity of operations and safeguarding congregations requires a combination of awareness, strong governance, and participation in shared security ecosystems designed to support prevention, mitigation, response, and recovery efforts.