NSM Risk 2026 — weak authentication is still the most frequent cause of security incidents. The report documents that the majority of serious incidents NSM responded to in 2025 had weak or missing authentication as the entry point. VPN without Multi-factor authentication. Delete password. Accounts that were never disabled. None of this is new — and that’s the point.
What does this mean to you?
Use the municipal audit checklist: MFA, access control, incident plan. Do you have all three in place?
Inspired by: NSM