Security gains from passkey adoption in central IT are negated by uncontrolled shadow IT using weak passwords, presenting organizational challenges for CISOs.
NIS2 requires organisations to ensure security awareness functions in real work situations and does not remain merely theoretical knowledge — a focus on behavioural change rather than compliance documentation.
