SETONacademy · Cybersecurity

Cybersecurity for ministry, in plain language.

Short, practical briefings on the threats parish staff actually encounter — phishing, endpoint hygiene, network risk, AI prompt injection, incident response. The Cybersecurity Minute series is live now. More follows.

Watch the series What to watch for
I · Cybersecurity Minute

AI Prompt Injection, explained.

Prompt injection is one of the newest threats facing parish staff — how attackers can manipulate AI tools by hiding instructions in documents, emails, and webpages. Parts 01 and 02 are live now. The rest of the series records summer 2026.

Part 01

AI Prompt Injection

The first of a two-part briefing on AI prompt injection. What it is, where it shows up, and why parish staff need to know about it.

Part 02

AI Prompt Injection

The second of the two-part briefing. Concrete patterns to watch for in everyday email, document, and web-research workflows.

Summer 2026
Part 03
Part 03

Document and PDF attacks

A donation form, a vendor contract, a parish bulletin draft — any file you ask AI to summarize can carry hidden instructions. What to look for.

Coming summer 2026
Summer 2026
Part 04
Part 04

Web research and the open internet

Asking Claude or ChatGPT to summarize a webpage is the easiest way to feed an AI tool instructions it shouldn't follow. How to keep the boundary clean.

Coming summer 2026
Summer 2026
Part 05
Part 05

What to do when something looks wrong

Three simple checks before you act on AI output: did it follow your instructions, did it touch data it shouldn't have, and does the answer feel off.

Coming summer 2026
Summer 2026
Part 06
Part 06

Talking to your team

For pastors and business managers: how to brief staff on safe AI use without turning every meeting into a security lecture. A one-page talking outline.

Coming summer 2026
II · AI Prompt Injection · Patterns

Three patterns worth knowing.

Deeper detail for the Cybersecurity Minute series above. These are the three patterns that account for most prompt-injection incidents in office settings.

i

Hidden instructions in documents

A PDF, a Word doc, or a webpage contains text — sometimes invisible white-on-white — telling the AI to ignore your instructions and do something else instead. Always treat AI output from external documents as a draft, not a finished product.

ii

Inbox redirection

An email arrives with instructions buried in the signature or quoted history. When you ask Copilot to summarize or reply, it reads those instructions too. Be cautious with AI assistance on threads that include unknown senders.

iii

Data exfiltration via images and links

An attacker's instructions tell the AI to render an image hosted on their server, with sensitive information encoded in the URL. The AI "renders" the image, the server logs the URL, and the data has left the building.

III · Coming next

More Cybersecurity Minute series.

The AI Prompt Injection sub-series is the first. The next briefings record across 2026.

i

Phishing & social engineering

What the modern phishing email actually looks like, why it gets through filters, and the two checks that catch most of it before damage is done.

ii

Endpoint hygiene

Laptops, phones, parish-office desktops. Patching, password managers, MFA, and what to do when a device walks out the door.

iii

When something goes wrong

Incident response for parishes. Who to call, what to record, what not to do in the first hour, and how to talk about it after.

For pastors and business managers

Brief your staff in fifteen minutes.

A one-page talking outline you can adapt to your next staff meeting. Plain language. The patterns to flag, the habits to build.

Request the briefing outline See safe-by-default AI prompts

More from SETONacademy.

Cybersecurity is one topic. The full curriculum covers AI, networking, physical security, data protection, and compliance.

Back to the hub