Faith-Based Daily Awareness Post 24 June 2026

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Why Two-Factor Authentication (2FA) Is Essential for Churches in the Age of AI

The Church Leaders article emphasizes that two-factor authentication (2FA), or multi-factor authentication (MFA), is one of the simplest and most effective ways churches can protect their digital assets in an era where artificial intelligence has made phishing emails, fake websites, and impersonation scams far more convincing. While a password alone is no longer sufficient to secure online accounts, enabling 2FA adds a second layer of verification—such as a one-time code sent via text, email, or an authenticator app—that significantly reduces the likelihood of unauthorized access, even if a password is compromised. The author recommends enabling 2FA on every church system that supports it, using a password manager to create and store unique passwords, and training staff and volunteers to never approve unexpected authentication requests or share verification codes with anyone. Although 2FA is not foolproof, it serves as a critical safeguard that slows attackers, limits the impact of phishing attempts, and helps churches better protect sensitive financial, administrative, and member information from increasingly sophisticated cyber threats.

Analyst Comments: As cybercriminals increasingly leverage artificial intelligence to create more convincing phishing emails, fake login pages, and impersonation campaigns, implementing multi-factor authentication (MFA) has become a fundamental cybersecurity control rather than an optional best practice. For houses of worship, where staff and volunteers often manage sensitive financial records, donor information, and online giving platforms with limited IT support, MFA provides an effective layer of defense against credential theft and account compromise. While MFA alone will not prevent every cyberattack, combining it with strong password management, security awareness training, and regular account monitoring can significantly reduce the risk of unauthorized access and business email compromise. Organizations that proactively adopt this basic security measures are better positioned to maintain operational continuity, protect congregant data, and minimize the financial and reputational impacts of cyber incidents.

White House weighs allowing states to run cybersecurity pilot programs

The White House, through the Office of the National Cyber Director (ONCD), announced plans to launch a series of state- and sector-specific cybersecurity pilot programs designed to identify scalable, cost-effective security solutions for critical infrastructure. Initial efforts are expected to focus on Texas’ water sector, South Dakota’s beef industry, and rural hospitals, with additional pilots to be developed in partnership with state governments and private-sector organizations.

However, despite the announcement, several state officials reported they had not yet been contacted or were unaware of the initiative, highlighting a disconnect between the federal rollout and state-level engagement. ONCD officials acknowledged that outreach is still underway and emphasized that participation will expand over time as the administration seeks to strengthen public-private collaboration, accelerate adoption of effective cybersecurity practices, and inform broader national cybersecurity policy.

Analyst Comments: States exploring these cybersecurity pilot programs should consider partnering with houses of worship and other faith-based organizations, particularly those that provide critical community services. Including faith-based organizations in pilot initiatives could help ensure that cybersecurity solutions and guidance are practical, scalable, and applicable to the unique operational and resource challenges many nonprofit organizations face.