Nonprofit organizations thrive on community engagement, and events are often the centrepiece of that mission. Whether it’s a holiday celebration, a fundraising gala, or a public awareness campaign, these gatherings bring people together in meaningful ways. Yet, they also introduce risks that must be carefully managed.

Risk Assessment 

The event preparation process begins with a clear-eyed assessment of relevant risks. Factors such as the number of attendees, the location, the prominence of the venue, and the profile of speakers all shape the risk landscape. A small indoor gathering at a familiar site may present minimal challenges, while a large outdoor event featuring a controversial speaker at a high-traffic location could elevate the risk considerably. Organizers should weigh these elements systematically, ensuring that no single factor is overlooked, including modern vulnerabilities, such as cyber exposure through livestreams or social media, which can amplify risks far beyond the physical venue.

The Planning Cycle

Once the risk profile is established, planning moves into a more detailed phase. It is important to ask practical questions: Is the venue’s security infrastructure adequate? How will guest registration be managed, and will photo identification be required? Who will serve as the central point of contact for incidents, and how will threat scenarios be documented? These considerations extend beyond the event itself, encompassing pre-event preparations such as staff training and venue walkthroughs, as well as post-event debriefs to capture lessons learned. This cyclical approach ensures that each event contributes to a growing body of organizational knowledge and resilience.

Sourcing Security Contractors

Selecting the right security firm is another critical step. Contracts should clearly define expectations, and standard operating procedures must be formalized to ensure consistency. Verify licensing, insurance, and financial stability, while also seeking references from clients with similar event profiles. The operational model of the firm—whether relying on subcontractors or employed staff—should be scrutinized, as should the training and background of individual agents. Ultimately, the culture of the firm, reflected in its senior managers, will shape the quality of the partnership. If communication or flexibility falls short during the selection process, move on quickly to other candidates.

Deciding on Security Deployment

For events that demand professional security, organizers should develop and follow minimum selection and staffing requirements. Security personnel roles range from an onsite security executive who coordinates with venue operators, to officers managing entry control, vehicle access, and perimeter patrols, with an emphasis on cross-training so that every officer can adapt to multiple responsibilities. This flexibility is crucial in dynamic environments where incidents can escalate quickly and resources must be deployed efficiently.

Conclusion

Taken together, this framework provides a roadmap for hosting safe and secure events. By integrating risk assessment, detailed planning, careful vendor selection, and professional staffing nonprofits can create environments where communities feel welcome and protected. In doing so, they not only safeguard their mission but also reinforce trust among donors, participants, and the broader public.

The post Event Security Planning for Nonprofits appeared first on Sphere State Group.

Bitcoin is often described as “unfreezable.” While the blockchain itself cannot be altered, this belief overlooks how investigations, legal authority, and custody function in real-world cases. In practice, Bitcoin assets are frozen regularly — not by changing the ledger, but by restricting access, control, and onward movement. Typically, this is done on centralized exchanges. As crypto-related fraud, theft, and financial crime continue to rise, asset freezing on the blockchain is a critical tool for investigators, exchanges, courts, and compliance teams. This article explains what asset freezing means in Bitcoin investigations, how it works, and where its limits lie.

What asset freezing means in a Bitcoin context 

In traditional finance, freezing is straightforward: a bank account is locked , and funds cannot be moved. Bitcoin operates differently. Transactions are immutable, and there is no central authority with the power to reverse or halt transfers on the blockchain. However, when users move in and out of BTC, either to fiat or to other coins and tokens, the process often touches on centralized exchanges that will respond to freeze requests. 

  

Asset freezing in Bitcoin investigations, therefore, focuses on control, not alteration. It typically involves preventing access to Bitcoin held by exchanges or custodians, while monitoring and containing funds to prevent dissipation. The objective is not to “freeze the blockchain,” but to stop assets from being moved beyond reach. By monitoring the assets in real time and informing the target, it can make it unpalatable for criminals to approach the assets again.   

When Bitcoin assets are frozen 

Asset freezing is commonly used in the following scenarios: 

• Investment and romance scams, where victims seek to preserve funds before they are laundered 

• Exchange-related incidents, including insider theft or suspicious withdrawals 

• Money laundering investigations, particularly where Bitcoin is used as a transit asset 

• Sanctions enforcement, where wallets or accounts are linked to sanctioned countries and entities 

• Civil disputes and insolvency proceedings, where courts order asset preservation 

Freezing is time-sensitive. The longer funds remain unrestricted, the greater the likelihood they will be split, mixed, or taken off an exchange. 

How freezing works in practice 

Assets held by exchanges and custodians 

Centralized exchanges and custodial platforms are the most effective control points, along with funds held in stable coinds. Where Bitcoin is held in an account tied to KYC information, freezing can be implemented through court orders or law enforcement request. Some exchanges will also give a quick reaction based on request by investigators. Exchanges can suspend withdrawals, preserve balances, and provide transaction records. For this reason, many successful asset preservation efforts begin by identifying whether funds have passed through or remain on a regulated platform. 

Self-custody wallets 

Freezing becomes significantly more complex when Bitcoin is held in self-custody wallets. There is no technical mechanism to stop a private key holder from spending funds. In these cases, freezing relies on legal and investigative pressure rather than technical control. 

Common approaches include: 

• Freezing or restraining orders issued against identified individuals, while simultaniously targeting the individual’s real-world assets.  

• Disclosure orders requiring intermediaries to reveal information linked to wallet activity 

• Search and seizure warrants targeting devices that may contain private keys 

These measures are jurisdiction-dependent and enforcement varies widely. 

The role of blockchain analysis 

Blockchain analysis underpins nearly every Bitcoin freezing effort. Investigators trace transaction paths to: 

• Identify address clusters and wallet behavior 

• Track funds through layering, peeling, or mixing activity 

• Detect interaction with exchanges, OTC desks, or custodians 

• Provide evidentiary support for legal applications 

Analysis does not freeze assets on its own, but it determines where freezing is possible and when action must be taken. 

Limitations and risks 

Bitcoin asset freezing is not guaranteed, and there are clear limitations: 

• Jurisdictional fragmentation enforcement power stops at borders 

• Speed of transactions funds can be moved within minutes 

• Privacy-enhancing techniques mixers and coinjoin transactions complicate tracing 

• Uncooperative or offshore platforms some entities resist or delay compliance 

• Exclusive self-custody without intermediaries, leverage is limited 

These realities mean freezing is most effective when initiated early and supported by strong evidence. 

Practical considerations for different stakeholders 

Victims 

Early reporting and evidence preservation are critical. Delays significantly reduce the chance that assets can be restrained. 

Exchanges and custodians 

Clear internal procedures for asset freezing, legal review, and law enforcement engagement are essential. Delays or ambiguity can result in assets leaving the platform permanently. 

Institutions and corporates 

Crypto exposure should be covered by incident response planning, including legal escalation paths and forensic support. Asset freezing is far more effective when preparation exists before an incident occurs. 

Why coordination matters 

Bitcoin asset freezing is rarely successful through legal action alone or technical analysis alone. It requires coordination between: 

• Blockchain investigators 

• Legal counsel 

• Exchanges and service providers 

• Regulators or law enforcement 

When these elements operate in isolation, assets are often lost before intervention occurs. 

Conclusion 

Bitcoin may be decentralized, but it is not beyond restraint. Asset freezing remains a viable and frequently used tool in Bitcoin investigations — provided action is taken quickly, evidence is solid, and enforcement targets realistic control points. 

Understanding how freezing works, where it fails, and what conditions improve success is essential for anyone dealing with financial crime, compliance, or asset recovery in the digital asset space. 

The post Asset Freezing in Bitcoin Investigations: What Victims, Exchanges, and Institutions Need to Know appeared first on Sphere State Group.

 

Consensus Hong Kong 2026 brings together global leaders across digital assets, blockchain, AI, and institutional finance at the Hong Kong Convention and Exhibition Centre from February 11 to 12, 2026. 

As a firm dedicated to the crypto and digital asset sector, Sphere State is proud to be part of this industry gathering once again. Our senior team will be present throughout the event and we’ll be happy to talk to you – Just drop by booth 4604.  

 

Connect With Sphere State at Booth 4604 

If you are attending Consensus, we invite you to visit Booth 4604 to meet our senior professionals and discuss the challenges facing digital asset businesses. 

Whether you are strengthening governance, preparing for institutional growth, managing regulatory exposure, or enhancing incident readiness, we welcome thoughtful, confidential discussions focused on practical outcomes. 

 

Built for High-Stakes Environments. 

Digital assets are entering a new phase of adoption. As the sector matures, expectations around security, transparency, and operational resilience continue to rise. Organizations can no longer rely on reactive measures. Leadership teams are expected to anticipate threats, protect stakeholder confidence, and respond decisively when incidents occur. 

Sphere State was built to support exactly these moments. Our work sits at the intersection of intelligence, investigation, and strategic advisory, helping clients operate with greater clarity and control in an increasingly scrutinized environment. 

 

About us 

Pre-Launch Planning and Risk Strategy 

We help virtual asset projects, platforms, and financial participants identify vulnerabilities before launch. Our advisory covers threat modeling, wallet architecture considerations, jurisdictional exposure, and incident-response preparedness. 

 

Virtual Asset Tracing and Recovery 

Leveraging advanced blockchain analytics and cross-border intelligence capabilities, we trace illicit asset flows, support freeze actions, and assist recovery efforts across multiple jurisdictions. 

 

Litigation and Dispute Support 
Trusted by leading law firms, we provide expert analysis, evidentiary support, and specialist insight into matters involving fraud, insolvency, asset misappropriation, and complex digital asset disputes. 

 

Crisis and Incident Management 
When critical events occur, speed matters. Our rapid-response capability supports organizations facing cyber-attacks, insider threats, asset theft, and other time-sensitive situations where decisive action is essential. 

 

We look forward to engaging with those who recognize that a proactive risk strategy is now fundamental to long-term success in crypto. 

Event Details 

Event: Consensus Hong Kong 2026 
Dates: February 11 to 12, 2026 
Location: Hong Kong Convention and Exhibition Centre 
Sphere State Booth: 4604 

 

Visit Booth 4604 to connect with Sphere State and explore how we can help your organization navigate risk, protect assets, and operate with confidence in a high-risk digital landscape. 

The post Sphere State at Consensus Hong Kong 2026. Let’s Connect. appeared first on Sphere State Group.

 

As digital assets continue to mature, the risks surrounding fraud, regulatory exposure, and asset loss are becoming more complex. Consensus is the world’s longest running and most influential gathering of the crypto and Web3 community, and we are proud to be part of this important conversation for the second consecutive year. We will be on-site both in Hong Kong and in Miami.   

Why Visit Sphere State at Booth 4604 

Because our CEO Bjorn and senior partners Ilya and Jussi will all be at the booth, happy to field your questions. Sphere State supports organizations operating in high-risk digital asset environments. We work with exchanges, institutional investors, Web3 companies, law firms, and regulators. We’ve been in crypto for 10+ years, and we’ve seen it all: the good the bad and the ridiculous.  

If digital assets are part of your business, visit Booth 4604 for practical, confidential discussions about real-world challenges and solutions. 

Building a Safer Digital Asset Ecosystem 

As our CEO Bjorn Wahlstrom likes to say: At Sphere State, we believe effective risk management requires multiple layers of protection across technical, operational, legal, and strategic domains. Sponsoring Consensus Hong Kong reflects our commitment to helping the digital asset industry mature responsibly with stronger safeguards and faster response when incidents occur. 

We look forward to connecting with industry leaders, developers, legal professionals, and compliance teams who share this vision. 

At Sphere State Group, we specialize in critical defense systems for crypto ventures, investors, and legal teams: 

 

Pre-Launch Planning & Risk Strategy 

Proactive advisory for virtual-asset projects, exchanges, and issuers to identify risks before launch, including threat modelling, wallet architecture review, jurisdictional exposure, and incident-response readiness. 

 

Virtual Asset Tracing & Recovery 

Advanced on-chain and off-chain forensic investigations to trace illicit flows, identify freezable assets, and execute coordinated recovery strategies across jurisdictions. 

 

Litigation & Dispute Support 

We are a trusted partner to law firms in crypto-related disputes, insolvency, and fraud matters, providing expert analysis, evidentiary support, and global expert-witness services. 

 

Crisis & Incident Management 

24/7 rapid-response capability for ransomware attacks, asset theft, insider compromise, and other critical incidents. 

Event Details 

• Event: Consensus Hong Kong 

• Dates: February 10 to 12, 2026 

• Location: Hong Kong Convention and Exhibition Centre 

• Sphere State Booth: 4604

   

Stop by Booth 4604 to meet our team and discuss how we can support your organization in an increasingly complex digital asset environment. 

The post Meet the Sphere State Senior Team at Consensus Hong Kong 2026 appeared first on Sphere State Group.

The post Exclusive Analysis from Rob Goldberg: The Current Threat Environment appeared first on Sphere State Group.

Securing a Building Isn’t About the Grant. It’s About the Door. 

Getting a grant approved feels like a win. For many organizations, it’s the moment everyone exhales. But that letter isn’t the finish line—it’s the point where things actually start to matter. 

Because once the funding is in place, you still have to turn dollars into real security. And that’s where mistakes happen. 

Doors get reused because “they look fine.” 
Locks get chosen because they’re familiar. 
Vendors promise solutions that sound secure but fall apart under scrutiny. 

In security, assumptions are dangerous. A door is not just a door. A lock is definitely not just a lock. And when the hardware doesn’t match the threat, all you’ve really purchased is a false sense of protection. 

This article is about the physical reality of securing a perimeter. Not cameras. Not policies. Not paperwork. Just doors, frames, locks, and the decisions that separate real resistance from the illusion of it. 

 

Start With the Door, Not the Technology 

Most security failures don’t start with electronics. They start with the door itself. 

Walk into almost any community center or house of worship built in the last few decades and you’ll see the same thing: aluminum storefront doors with lots of glass. They look open and inviting. They also happen to be one of the weakest perimeter options available – the only worse alternative being no door whatsoever. 

Storefront doors usually have very narrow metal housings with lots of glass. There simply isn’t enough metal there to properly anchor serious hardware. Under force, these doors flex, frames bend, locks pull away, glass shatters. 

A determined attacker doesn’t need to defeat the lock. They just need to deform the door enough for the latch to slip. They can also simply break a large glass pane. 

If your budget allows for replacement, this is where money should go first.  Storefront doors with thicker metal housings are better, but hollow metal doors are the gold standard. They’re rigid, stable, and designed to take abuse without warping. 

Solid core wood doors can work too, but only if you understand their limitations. Wood moves. Temperature and humidity matter. Once you get into tall exterior wood doors—especially over eight feet—you’re asking for alignment problems. And alignment problems turn locked doors into unsecured ones. 

 

Why the Lock You Choose Matters More Than You Think 

One of the most common—and costly—mistakes in security upgrades is using residential-grade locks on commercial perimeter doors. 

If the key goes into the knob or lever, you’re looking at a cylindrical lock.  

Source: https://www.gharabanao.com/shop/godrej-cylindrical-lock-wooden-keyed-5809-17003

These are fine for houses and interior rooms. They are a poor choice for exterior doors that matter. 

Cylindrical locks rely on short latch bolts and the physical strength of the knob itself. A hard strike can shear the knob off entirely. Even without brute force, the short latch throw makes them easy to pry if the door shifts even slightly out of alignment—which happens in almost every building over time. 

Mortise locks are built for a different world. 

Source: https://www.inoxproducts.com/mortise-locks

With a mortise lock, the cylinder is separate from the handle, and the entire mechanism sits inside a steel pocket in the door. These locks are designed to be abused. The latch throw is deeper. The dead latching is real. Once the door closes, the latch is mechanically frozen in place. 

You can’t slide it back with a tool. You have to operate the lock. 

That distinction alone stops an enormous number of forced-entry attempts. 

 

When Electronics Make Things Worse 

Electronic access control is where good intentions often create new vulnerabilities. 

Magnetic locks are a perfect example. They’re common, familiar, and often pitched as a clean solution for access control. On paper, a maglock sounds impressive—over a thousand pounds of holding force. 

Source: https://www.digimarkbd.com/blog/what-is-an-em-lock/

But here’s the reality: maglocks are fail-safe by design. Lose power or trigger the fire alarm, and the door unlocks. Cut electricity, and your perimeter opens. 

That means your security depends entirely on continuous power. 

Then there’s the exit motion sensor.  

Source: https://warroom.rsmus.com/wp-content/uploads/2014/11/REX.jpg

Most maglocks rely on a PIR sensor to unlock the door as someone approaches from the inside. These sensors are notoriously easy to trick. Warm air. Paper slipped through a gap. A simple tool in the right place. 

The result is a door that can be unlocked from the outside without ever touching the reader. 

There are situations where maglocks are unavoidable—certain glass assemblies leave no alternative—but they should never be the default. 

A better approach is to keep the door mechanically secure and add electronics to the lock itself. 

Electric strikes are common, but they introduce a moving part into the frame. Under impact, that keeper becomes the weak point. 

Source: https://www.securityinformed.com/companies/hid-global/products/assa-abloy-hes-es100-electronic-locking-device-technical-details.html

Electrified mortise-type locksets avoid that problem entirely. The door stays latched. The electronics only control whether the outside handle works. When someone kicks the door, they hit steel—not a small mechanical release. 

 

What to Do When Replacement Isn’t an Option 

Not every building can be gutted and rebuilt. Historic properties, limited grants, and phased projects are realities. 

The good news is that targeted retrofits can still add meaningful resistance. 

Latch guards are a great example. They’re simple metal plates that cover the gap between the door and frame near the lock. They aren’t pretty. They are extremely effective. A crowbar can’t reach what it can’t access. 

Source: https://latchprotector.com/products/3-5-x-11-75-latch-protector-full-cut-out-stainless-steel-lp225-latch-guard

 Exposed lock cylinders are another weak point. If a cylinder can be gripped, it can be twisted out. A spinning collar removes that leverage entirely.

Source: https://www.giahardware.com/Em_D_Kay_SPC3_Brass_Spring_Type_Cylinder_Collar_Fo_p/spc3.htm

Outward-swinging doors bring hinge problems. If the pins are exposed, the door can be removed even if it’s locked. Security hinges or non-removable pins solve that issue without changing the door itself. 

Sources: https://www.reddit.com/r/homedefense/comments/1ecdexa/how_to_secure_this_outward_swing_door_hinges_are/

These aren’t high-tech solutions. They’re practical ones. 

 

Glass Is Always the Compromise 

Vision panels in door loafs are often necessary. Blind doors create safety issues. But glass placement matters more than most people realize. 

If someone can break glass and reach the handle, the door is compromised. Glass should be narrow and placed as far from the locking hardware as possible. 

Source: https://www.trend-usa.com/project-vision-panel

And despite what many people believe, wire glass is not a security feature. The embedded wire actually makes the glass weaker by creating fracture points. It was designed for fire containment, not impact resistance. 

If replacement isn’t possible, anchored security films can significantly improve resistance. Laminated glass or polycarbonate is even better. 

 

Security Still Has to Follow the Code 

No matter how serious the threat is, life safety always comes first. 

Egress doors must allow people to exit with a single motion. No keys. No combination. No second step. Double-cylinder deadbolts on exit doors are not just dangerous—they’re illegal. 

Fire Marshals have the authority to shut facilities down over non-compliant hardware. Improper modifications can avoid fire ratings and insurance coverage. These aren’t theoretical risks. 

Good security works with the code, not against it. 

 

The Real Takeaway 

Security isn’t about buying the most advanced system. It’s about choosing the right components for the threat. 

A mechanically sound door with a proper mortise lock will outperform an expensive electronic system built on weak hardware. Every time. 

Start with the shell. Strengthen the door and frame. Choose hardware that resists force. Add technology only after the fundamentals are solid. 

That’s how you move from looking secure to being secure. 

 

The post Decoding door hardware, avoiding code violations, and hardening your perimeter without breaking the bank. appeared first on Sphere State Group.

The journey from receiving a security grant award letter to standing behind a hardened perimeter is rarely a straight line. For many organizations, the initial excitement of securing funding is quickly replaced by the crushing administrative weight of procurement rules, environmental reviews, and vendor management. 

 

In this Sphere State Security Briefing, we provide a comprehensive operational roadmap to bridge the gap between administrative compliance and physical security implementation. Whether you are navigating the Federal Nonprofit Security Grant Program (NSGP) or a state-level initiative, the difference between a successful project and a bureaucratic nightmare often comes down to strategy, not just funding. 

Below, we dismantle the complexities of the “Three Bid Rule,” debunk common hardware myths regarding barriers and guard posts, and outline how to turn “check-the-box” training into genuine survival muscle memory. 

Part I: The Administrative Foundation 

“If it isn’t written down, it didn’t happen.” 

Before a single screw is turned or a camera mounted, the administrative foundation must be solid. Grant management is not a passive activity; it requires a rigorous devotion to record-keeping that can withstand a state audit three years from now. 

The “Master File” Protocol 

One of the most practical takeaways for any grant recipient is the concept of the Master File. Years after your project is complete, the government may audit your expenses. Will you be able to produce the email chain where you solicited a bid from a minority-owned business? Will you have the screenshot proving you publicly advertised the project in a local journal? 

You must maintain a centralized, redundant repository of every interaction, bid, decision, and delay. This file is your insurance policy. If a vendor delays your project, document the follow-up emails. If you choose the second-lowest bidder because the lowest bidder didn’t meet the technical scope, document the justification immediately. 

The Golden Rule of Procurement: The “Three Bid” Mandate 

The most common point of failure in security execution is the Three Bid Rule. Generally, you are required to solicit three written bids for each project within your grant. 

However, the definition of “project” acts as a trap for the unprepared. If you treat your camera installation, your alarm system, and your access control as three separate projects, you create triple the administrative work. 

The Strategy: Project Consolidation Do not fragment your security upgrades. Instead of managing eight small contracts—one for front doors, one for back doors, one for a camera server—consolidate them. 

• Bundle Related Systems: Combine CCTV, alarms, and access control into a single “Integrated Security Technology” Request for Proposal (RFP). 

• The Benefit: You only run one bidding process. You find a single “Prime Contractor” or integrator capable of handling the entire scope. This reduces your administrative burden and prevents the “blame game” where the door vendor blames the lock vendor for a malfunction. 

The Advertising Threshold 

Be aware of the “public advertising” tripwire. For many federal and state grants, if a specific contract exceeds $10,000, you are often required to advertise the bid publicly (e.g., in a local newspaper or business journal) to ensure fair competition. 

• Sealed Bids: For these larger projects, you must often utilize a formal “sealed bid” process, where contractors submit pricing without seeing competitors’ offers. 

• The “No Bid” Scenario: If you advertise and only one vendor responds, you cannot simply hire them by default. You must demonstrate a “good faith effort” to find competition. This means documenting phone calls, re-posting ads, and actively soliciting quotes. Without this paper trail, your reimbursement request may be denied. 

Part II: Financial Strategy & Resource Allocation 

Maximizing the “Hidden” Funds 

Many organizations view the grant solely as money for hardware. This is a mistake. A successful security strategy utilizes every allowed expense category to ensure professional implementation. 

Leveraging M&A (Management & Administration) 

Most security grants allow you to allocate up to 5% of the total award for Management & Administration (M&A) costs. This is essentially “free money” to ensure the project is run correctly. 

• External Support: You can use these funds to hire a dedicated grant writer or project manager to handle the bidding process, paperwork, and vendor oversight. 

• Internal Staffing: Crucially, you can use M&A funds to pay existing employees, but only for overtime. You cannot “supplant” their regular salary (paying them for work they would have done anyway). It must be for hours worked above and beyond their normal schedule, supported by meticulous timesheets. 

The Reality of Supply Chain Extensions 

In the current global economy, delays are inevitable. Whether it is microchips for cameras or steel for bollards, supply chains are fragile. 

• Do Not Panic: If you cannot complete your project within the performance period due to vendor delays, extensions are possible. 

• The “Blanket” Extension: State administering agencies are often aware of these macro-level issues. If you communicate early and document that you placed the order on time, you will likely fall under a “blanket extension” issued to all grantees facing similar shortages. 

 

Part III: Hardening the Target 

Moving from Paperwork to Physical Reality 

Once the procurement hurdles are cleared, the focus shifts to hardware. This is where “shiny object syndrome” often leads organizations astray. We must establish a hierarchy of effectiveness, distinguishing between feeling safe and being safe. 

The Barrier Myth: Boulders vs. Bollards 

A frequent request from organizations is to use grant funding for “aesthetic” barriers—large stone planters, masonry walls, or landscaping rocks—rather than industrial steel bollards. 

The Engineering Reality: A standard stone wall or planter is not a vehicle barrier. Unless a barrier is certified and engineered with a specific Crash Rating (such as K-ratings or ASTM standards) to stop a vehicle moving at speed, it is often ineligible for funding. 

• The Risk: A truck moving at 30 mph possesses immense kinetic energy. A non-reinforced stone wall will not stop it; it will merely become shrapnel. 

• The Requirement: If you want to use the grant for vehicle mitigation, you must install rated bollards or engineered barriers. Do not assume a local mason can build a “security wall.” 

The “Guard Shack” Prohibition 

Another common misconception involves the construction of guard booths. 

• New Construction Rule: Most security grants strictly prohibit “new construction.” They are designed to harden existing infrastructure. 

• The Verdict: Building a freestanding guard shack in your parking lot is generally not an allowable expense. 

• The Workaround: You can often use funds to harden an existing vestibule or entryway. Retrofitting an existing structure to create a “man-trap” with electronic locks and bullet-resistant glass is considered a renovation, not new construction, and is usually eligible. 

Gates and Fencing: The Narrative Consistency 

If you intend to install electronic gates or perimeter fencing, ensure this was explicitly detailed in your original Vulnerability Assessment. 

• The Audit Trail: State analysts will compare your receipts against your initial application. If your assessment focused entirely on active shooter threats inside the building, but you spend $50,000 on a perimeter fence, your reimbursement will be flagged. Your spending must mirror the “Investment Justification” you submitted to win the grant. 

Part IV: The Human Element 

Training, Drills, and “Muscle Memory” 

The most sophisticated lock in the world is useless if the person holding the key panics. Security hardware buys time; security training buys survival. 

Beyond the Lecture Hall 

One of the most critical failures in organizational security is the reliance on passive learning. Sitting in a lecture hall listening to a PowerPoint presentation on “Active Shooter Response” does not create preparedness. It creates awareness, but not competence. 

The Standard: Drills with “Injects” Effective training requires the development of muscle memory. 

• The Methodology: You must run physical drills. Furthermore, these drills must include “injects”—unexpected variables introduced mid-scenario. 

• Example: During an evacuation drill, tell a staff member, “This exit is blocked by smoke.” Watch how they react. 

• The Lizard Brain: In a crisis, the cognitive brain shuts down and the “lizard brain” takes over. If the physical act of locking a door or evacuating hasn’t been rehearsed to the point of instinct, staff will freeze. 

The Role of Law Enforcement 

Do not train in a vacuum. It is highly recommended—and often looked upon favorably by grant administrators—to involve local law enforcement in your training. 

• Site Familiarity: Invite Community Affairs or Counter-Terrorism officers to walk your site. You want them to know your floor plan before a 911 call is made. 

• Protocol Alignment: Your staff needs to know how to behave when the police arrive with weapons drawn. (e.g., “Show your palms,” “Do not run toward officers”). This alignment prevents “blue-on-blue” tragedies or confusion during a response. 

 

Part V: Conclusion 

Policy Over Product 

Security is a puzzle. It is not solved by a single camera, a hardened door, or a roll of window film. It is the integration of administrative compliance, sturdy hardware, code-compliant installation, and rigorous operational policy. 

The Final Takeaway: 

• By following the procurement rules, you ensure you actually receive the funding you were promised. 

• By choosing the right hardware (rated bollards, anchored film, mortise locks), you ensure the physical barrier holds. 

• By investing in active training, you ensure your people know how to use the time those barriers buy them. 

In the realm of Sphere State security, we do not rely on luck. We rely on documentation, engineering, and preparation. 

The post Sphere State Security Briefing: The Strategic Guide to Grant Compliance and Hardening appeared first on Sphere State Group.

On Friday, Senate Republican appropriators unveiled a long-delayed Homeland Security bill for fiscal 2026, recommending $65.95 billion in discretionary funding, a slight decrease from the House version.

The bill lacked bipartisan support (particularly over border security, immigration enforcement, and detention provisions) and had no committee markup.

While the House version also lacked bipartisan support, it was reported out of committee in June on a party-line vote.

The House bill contains $335 million for the Nonprofit Security Grant Program. The Senate bill includes $330 million.

Should the competing bills get to a bi-cameral conference (formally or informally) to work out competing differences, the NSGP funding level will likely fall between the narrow margin of difference between the bills.

This all but closes the door on securing the $500 million NSGP allies in Congress and stakeholder advocates have pursued.

When Congress returns from its holiday the first week in January, they will have a little more than 3 weeks to complete the outstanding FY 2026 Appropriations bills before the current temporary funding extension (Continuing Resolution) runs out.

For many years, the Homeland Security spending bill has been one of the hardest for both parties to agree on, and this year’s partisan disagreements are significant and could very well result in another year-long funding extension as a result. If this were to occur, NSGP would be expected to be flat funded again at $274.5 million.

[Note: In 2024, NSGP received an annual appropriation of $274.5 million. But the total amount Congress made available to NSGP that year was significantly boosted by a one-time national security supplemental (HR 815) of $400 million. The total of $674.5 million dwarfed any previous year’s appropriation for NSGP.]

Best,

Rob Goldberg
Principal
Goldberg & Associates LLC
In Partnership with Sphere State

The post Homeland Security Appropriations Update appeared first on Sphere State Group.

On Friday, Senate Republican appropriators unveiled a long-delayed Homeland Security bill for fiscal 2026, recommending $65.95 billion in discretionary funding, a slight decrease from the House version.

The bill lacked bipartisan support (particularly over border security, immigration enforcement, and detention provisions) and had no committee markup.

While the House version also lacked bipartisan support, it was reported out of committee in June on a party-line vote.

The House bill contains $335 million for the Nonprofit Security Grant Program. The Senate bill includes $330 million.

Should the competing bills get to a bi-cameral conference (formally or informally) to work out competing differences, the NSGP funding level will likely fall between the narrow margin of difference between the bills.

This all but closes the door on securing the $500 million NSGP allies in Congress and stakeholder advocates have pursued.

When Congress returns from its holiday the first week in January, they will have a little more than 3 weeks to complete the outstanding FY 2026 Appropriations bills before the current temporary funding extension (Continuing Resolution) runs out.

For many years, the Homeland Security spending bill has been one of the hardest for both parties to agree on, and this year’s partisan disagreements are significant and could very well result in another year-long funding extension as a result. If this were to occur, NSGP would be expected to be flat funded again at $274.5 million.

[Note: In 2024, NSGP received an annual appropriation of $274.5 million. But the total amount Congress made available to NSGP that year was significantly boosted by a one-time national security supplemental (HR 815) of $400 million. The total of $674.5 million dwarfed any previous year’s appropriation for NSGP.]

Best,

Rob Goldberg
Principal
Goldberg & Associates LLC
In Partnership with Sphere State

The post Homeland Security Appropriations Update appeared first on Sphere State Group.

Congress established the Nonprofit Security Grant Program in 2004, as the first singular program to provide for the security of the Jewish community and faith-based and other at-risk nonprofit institutions.

The Jewish community led on the program’s inception because targeted attacks on synagogues and Jewish Community Centers became a security risk of national importance post-September 11 attacks.

I had already been working with Congress to develop the NSGP program in the winter of 2001, which took on new urgency in June 2002, when the FBI warned that Al-Qaida might attack Jewish targets with gas trucks, leading to widespread concern and need for heightened security in Jewish communities nationwide. (See: JTA, “Jewish vigilance high after FBI warning,” June 25, 2002; Link: https://www.jta.org/2002/06/25/lifestyle/jewish-vigilance-high-after-fbi-warning.) This incident became a unifying catalyst among Jewish communal advocates to secure enactment of NSGP legislation nearly two years later.

Since then, and too frequently, Jewish communal and other faith-based and nonprofits have been targets of foreign terrorist organizations, homegrown violent extremists, racially or ethnically motivated violent extremists, and grievance-driven malicious actors.

The Israel-Hamas war has been a particularly pivotal event that has triggered an escalation of violence in communities throughout the country and globally – and also targeting Muslim and Arab communities at home.
In May, Elias Rodriguez was charged with federal and local murder offenses in connection with the fatal shooting of two Israeli Embassy staff members outside the Jewish National Museum in Washington, D.C. Moments after the shooting, Rodriguez entered the museum, displayed a red keffiyeh and allegedly said, “I did it for Palestine. I did it for Gaza.” (See: U.S. Attorney’s Office, District of Columbia, “Federal Hate Crime and First-Degree Murder Charges Filed Against Alleged Killer of Israeli Embassy Staff Members,” August 7, 2025; Link: https://www.justice.gov/usao-dc/pr/federal-hate-crime-and-first-degree-murder-charges-filed-against-alleged-killer-israeli.)

In June, Mohammed Sabry Soliman was charged with 12 hate crimes and murder for throwing incendiary devices at individuals participating in a pro-Israel gathering near the Boulder, Colorado, Courthouse. 82-year-old Karen Diamond, died of her injuries. When throwing one of the Molotov cocktails, Soliman reportedly shouted, “Free Palestine!” Investigators recovered a handwritten document recovered from the vehicle driven by Soliman that  included the following statements: “Zionism is our enemies untill [sic] Jerusalem is liberated and they are expelled from our land,” and further described Israel as a “cancer entity. (See: Department of Justice, Office of Public Affairs, “Alleged Perpetrator of Terror Attack in Colorado Charged with Hate Crimes,” June 25, 2025; Link: https://www.justice.gov/opa/pr/alleged-perpetrator-terror-attack-colorado-charged-hate-crimes.)

Also in June, Muhammad Shahzeb Khan was extradited to the United States from Canada, in connection with charges he attempted to enter the United States to commit a mass shooting on a Jewish community center in Brooklyn, New York. Khan allegedly planned to carry out this attack “on or around Oct. 7, 2024 — which Khan recognized as the one-year anniversary of the brutal terrorist attacks in Israel by Hamas.” (See: Department of Justice, Office of Public Affairs, “Pakistani National Extradited to Face Charges in Connection with Plot to Carry Out ISIS-Inspired Mass Shooting at Jewish Center in New York City,” June 10, 2025; Link: https://www.justice.gov/opa/pr/pakistani-national-extradited-face-charges-connection-plot-carry-out-isis-inspired-mass.)

Jewish and other religious holidays, including Chanukah and Christmas, have also occasioned terrorist threats and attacks.

In August, Mufid Fawaz Alkhader was sentenced to 10 years in prison for, in part, twice firing a shotgun while standing outside the entrance to Temple Israel in Albany, New York, during Chanukah 2023. During the incident he was allegedly “shouting ‘Free Palestine!’” It was reported that “As a result of Alkhader’s actions, Temple Israel was forced to cancel a planned concert and candle lighting ceremony to celebrate Chanukah that evening, and its congregants were afraid to return to their place of worship.” See: Department of Justice, Office of Public Affairs, “New York Man Sentenced for Firearm and Religious Hate Crimes Involving the Firing of Shots Outside of Temple Israel in Albany,” August 12, 2025; Link: https://www.justice.gov/opa/pr/new-york-man-sentenced-firearm-and-religious-hate-crimes-involving-firing-shots-outside.)

In the U.S. in 2023, the Jewish community faced an already elevated and increasing threat level even before the major spike in antisemitism that occurred (and has been sustained) after the October 7 Hamas attack on Isreal. February, March, April, May, and September 2023 each broke the prior record for the most antisemitic incidents recorded in a single month in ADL’s history. According to the ADL, February, March, April, May, and September 2023 each broke the prior record for the most antisemitic incidents recorded in a single month in ADL’s history. (See: ADL, “Audit of Antisemitic Incidents 2023,” April 16, 2024; Link: https://www.adl.org/resources/report/audit-antisemitic-incidents-2023.) These elevated months coincided with the 2023 Jewish holidays of Purim, Passover, Shavuot, Rosh Hashannah, Yom Kippur, and Sukkot.

The December 14, deadly mass casualty attack targeting Chanukah celebrants in Sydney, Australia, has placed US cities on alert. For instance, the New York Policy Department issued a post-incident assessment that found “there have been at least 48 major incidents targeting synagogues and Jewish community events worldwide, since the 7 October 2023 Hamas-led mass casualty attacks against Israel.” They further assessed that the December 14 attack “and its perpetrators will likely be praised and exploited by a variety of violent extremists to justify or incite similar acts of terrorism against the Jewish community.” (Source: NYPD Shield Post-Attack Assessment, “Mass Casualty Terrorist Attack Targets Hannukah Celebration on Australia’s Bondi Beach,” December 14, 2025.)

2025 has been particularly violent and NYPD’s assessment includes advice that tracks long-standing recommendations: Jewish communal and other faith-based and nonprofit institutions should employ access denial and target hardening measures, tabletop exercises, and emergency protocol/response drills. These are the very investments FEMA’s Nonprofit Security Grant Programs support.

With wave after wave of antisemitic attacks and hate crimes that have occurred in 2025, Congress will return for the second session of the 119th Congress on January 5, 2026, with a number of unfinished nonprofit security measures to consider, including:

– The FY 2026 NSGP program funding. New York Senators Chuck Schumer and Kirsten Gillibrand are seeking $500 million. This would constitute a $225.5 million increase above the $274.5 million appropriated level in 2025.

– The “Pray Safe Act” (H.R. 5645). New York Representatives Grace Meng (D-NY-6), Michael Lawler (R-NY-17), and Daniel Goldman (D-NY-10) are leading on this bipartisan bill, which would establish a federal clearinghouse through which faith-based organizations, houses of worship, and other nonprofits can access information on safety and security best practices, available federal grant programs, and training opportunities.

[I note that in 2019, another deadly Chanukah attack took place in Rep. Lawler’s district, had served to amplify calls from community members and leaders around the country to increase federal funding and actions to protect at-risk nonprofit organizations. (See: JTA, “After a machete stabbing on Hanukkah, Monsey’s Orthodox Jews are defiant but searching for answers,” December 29, 2919; Link: https://www.jta.org/2019/12/29/united-states/after-a-machete-stabbing-on-hanukkah-monseys-orthodox-jews-are-defiant-but-searching-for-answers.)]

– The “DHS Grants Accountability Act” (H.R.6507). New York Representative Timothy Kennedy (D-NY-26) is the author of this bill, which would ensure greater accountability, predictability, and transparency at FEMA over its administration of the State and local preparedness (including NSGP), transit, and port security grant programs.

Of the more than 11 thousand hate crimes (with close to 14 thousand victims) reported by the FBI in 2024, religious bias crimes in 2024 represented 23.5% of all hate crimes reported. Although Jews only make up around 2 percent of the U.S. population, anti-Jewish hate crimes comprised 16 percent of all reported hate crimes and nearly 70 percent of all reported religion-based hate crimes in 2024, slightly higher than the prior year.

In 2025 (as recorded between December 31, 2024 and December 15, 2025), the FBI reports hate crime incidents having occurred against every category of Religion, including Anti-Jewish, Anti-Islamic (Muslim), Anti-Catholic, Anti-Protestant, Anti-Sikh, Anti-Hindu, Anti-Buddhist, Anti-Mormon, Anti-Jehovah’s Witness, Anti-Eastern Orthodox, Anti-Multi-Religious Group, Anti-Other Christian, and Anti-Atheist/Agnostic. Incidents have occurred nationwide. (Source FBI Crime Data Explorer Link: https://cde.ucr.cjis.gov/LATEST/webapp/#/pages/explorer/crime/hate-crime.)

While issues of Jewish communal security are a particular concern for New York (hence the above leadership on the issue), the risks are high, nationally, for Jews and for the faith-based communities and the nonprofit sector at large. This is why over the years, NSGP and related legislation to improve the program and nonprofit security, generally, have been supported in both the House and the Senate, by Members of Congress from across the political spectrum, representing city, urban, and rural communities.

The nation’s law enforcement and counterterrorism experts cannot predict where, when, and how the next terrorist attack targeting a faith-based or communal institution will occur. (Source: DHS Office of Intelligence and Analysis, “Homeland Security Assessment 2025,” October 2, 2024; Link: https://www.dhs.gov/publication/homeland-threat-assessment.)

This is why at-risk faith-based and communal institutions must have access to resources to prepare themselves against likely continued threats. Therefore, it is imperative that the NSGP program, and legislative initiatives to strengthen the program and nonprofit security resources, are available to adequately serve ALL communities. These efforts should be broadly supported by the greater faith-based community and nonprofit sector at large.

When Congress resumes legislative activities in January, I urge ALL OF YOU to reach out to your Members of Congress to seek their support for the above bulleted initiatives, and to call on your state and national advocates, associations, and fellow community partners to do the same.

Thank you for your consideration.

I wish you a safe and happy holiday season.

Best,

Rob Goldberg
Principal
Goldberg & Associates LLC
In partnership with Sphere State
To access content page: https://spherestate.com/resilience/security-for-nonprofits-blog/
To inquire about subscription plans: [email protected]

The post Nonprofit Security Program Updates appeared first on Sphere State Group.