Faith-Based Daily Awareness Post 1 May 2026

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

The Risk of One Trusted Insider

A financial advisor, Olof Olsson, was arrested and charged in a 24-count indictment for allegedly stealing over $3.8 million from the Swedish Church of New York between 2018 and 2025. Prosecutors claim he diverted funds into a secret account he controlled and concealed the fraud through fabricated financial statements. The article highlights ongoing risks of insider fraud in faith-based organizations, particularly when individuals hold excessive financial control without independent oversight. Experts emphasize stronger safeguards such as independent account visibility, shared and rotating financial responsibilities, system-enforced controls, unpredictable audits, and leadership accountability to prevent similar long-term embezzlement schemes.

Analyst Comments: This case underscores a recurring insider risk pattern in nonprofit and faith-based financial management, where trusted individuals with broad system access can exploit weak segregation of duties and limited independent oversight over extended periods. The alleged use of fabricated reporting by Olsson further highlights how governance gaps compound financial vulnerability when boards rely heavily on internally generated data without direct verification mechanisms. Strengthening independent financial visibility, rotating responsibilities, and enforcing system-level controls are critical to reducing long-tail exposure to internal abuse.

Threat level increase following antisemitic terror attack

The Joint Terrorism Analysis Centre raised the UK national threat level from “substantial” to “severe,” indicating an attack is highly likely within six months. While prompted in part by the Golders Green stabbing Wednesday April 29^th, the decision reflects broader, sustained increases in both Islamist and far-right extremist threats, alongside rising state-linked influences encouraging violence. The government also announced expanded funding and security measures to protect Jewish communities.

Analyst Comments: With the threat level elevated, organizations operating in or partnering with the United Kingdom should heighten vigilance, review security postures, and ensure staff are aware of reporting protocols and situational risks.

Browser Extensions and Shadow AI: Unmanaged Threats to Privacy

The Gate 15 article explains that “shadow AI” the unsanctioned use of tools like ChatGPT, browser extensions, or embedded AI features is rapidly emerging as a major enterprise risk, particularly because it operates in the browser where organizations have little visibility or control. Employees often use these tools to improve productivity, but in doing so may unknowingly input sensitive data such as contracts, source code, or customer information into external systems, creating significant risks around data leakage, compliance violations, and loss of governance. The article emphasizes that traditional security tools are not designed to monitor this in-browser activity, making the problem difficult to detect and manage. As a result, organizations must shift from simply trying to block AI use to implementing browser-level controls, improving visibility into AI interactions, and guiding users toward approved tools. Ultimately, the key takeaway is that shadow AI is not malicious but behavior-driven employees trying to work efficiently and effective mitigation requires balancing security with usability by embedding protections directly where the risk occurs: in the browser.

FB-ISAO Education Series | Building an Intelligence Team for your House of Worship

NEXT SESSION >> May 6, 2026, 12:00 PM ET: Expanding your horizon to consider additional atypical threats, man-made and natural disasters, to prepare for all-hazards.

Register here.