Interim CISO & IT Compliance Consultant

Meet NIS2 — without burning money.

Since December 2025, NIS2 has been mandatory – and management is personally liable. As an ex-CISO and lawyer, I find out what you really need – and what you can save. Plain language, not jargon.

Since 12 / 2025: NIS2 applies in Germany
Ex-CISO & lawyer: Strategy and law from one source
ISO 27001: Lead Auditor & KRITIS-proven
Focus areas: NIS2 / BSIG · ISO 27001 · IT-Sicherheitskatalog · KRITIS · ISO 22301 · EU AI Act · GDPR

What this is about

NIS2 is not an IT topic.
It is a board matter.

"Cybersecurity? That's IT's job." Wrong: NIS2 obliges management – not the IT department. Four reasons why this belongs on your desk now.

You are personally liable

German law (BSIG) makes management personally responsible for approving and overseeing the measures – not delegable to IT.

Fines up to €10m

Up to €10m or 2% of global annual turnover – plus the loss of reputation and trust that really hurts.

Your customers will ask

Affected clients must secure their supply chain – and demand evidence. Without it, you lose contracts.

The deadlines are running

Registration, reporting and evidence apply now – not someday. Start only after an incident, and you pay twice.

Free & in 60 seconds

Are you in scope for NIS2?

Three short questions give you a first, well-founded assessment – no sign-up, no data stored. Not theory, but a clear direction to work with.

NIS2 scoping check 1 / 3

Which area is your company active in?

Pick the closest match. NIS2 covers around 18 sectors – from energy and engineering to digital services.

How large is your company?

For NIS2, the size of your whole company counts (headcount or turnover / balance sheet).

Do any of these special cases apply?

Multiple selection possible. These activities are often in scope regardless of company size.

This assessment is a first orientation and does not replace a legal review of the individual case. The precise classification – including thresholds, special rules and group structures – is something I clarify with you in the scoping analysis.

Services

What I take off your plate

From the first assessment to a passed audit – individually or as end-to-end support. On request as your interim CISO.

End-to-end support

Interim CISO – your security chief on demand

Someone who takes responsibility, not just hands over a report. As your interim CISO I run your information security operationally and strategically – for as long as you need me.

The starting point

Scoping & gap analysis

I clarify whether and how you're in scope, and show you in black and white where the real gaps are – with a prioritised roadmap.

Implement & prove

Implementation & audit support

The roadmap becomes reality: a lean ISMS to ISO 27001. As a lead auditor I prepare you so the audit isn't a battle of nerves.

Meet the duty

Management training

NIS2 requires leadership to understand. Interactive training with simulations – incl. a verifiable certificate of participation.

Also: Business Continuity (ISO 22301) · Data protection (GDPR) · AI compliance (EU AI Act)

Nicolas Abel – interim CISO, IT compliance consultant and lawyer
ISO 27001 Lead Auditor

About me

Lawyer and ex-CISO. Both lenses, one contact.

I'm Nicolas Abel. I combine two perspectives that rarely meet: the legal understanding of what the law really requires – and the operational experience to implement it day to day.

As a lawyer (University of Cologne) I know the regulatory side; as a former CISO at a large energy company, the operational one – including a state KRITIS evidence audit and the IT-Sicherheitskatalog. I put that combination to work for you: no buzzwords, with the clear goal that you end up more secure and better off financially.

ISO 27001 Lead Auditor · Lawyer (Univ. of Cologne) · Ex-CISO, energy sector · NIS2 / BSIG · IT-Sicherheitskatalog · KRITIS · Audit competence § 8a BSIG (ISACA) · Lecturer

Client voices

What matters in practice

Nicolas Abel guided us through the state KRITIS evidence audit with great expertise and pragmatism. In no time he established a full ISMS to ISO 27001 and integrated all KRITIS requirements efficiently and precisely.
Holger Hämel, Chief Compliance Officer, Deutsche Windtechnik AG
Nicolas was instrumental in implementing the IT-Sicherheitskatalog. Thanks to his sound legal understanding we could work precisely and efficiently. The subsequent audit was a clear success.
Roland Strache, Manager IT Operations & Deputy CISO, OutSmart Deutschland GmbH
Thanks to Nicolas we now have a clearly structured, DEKRA-reviewed curriculum on information security. His ability to convey complex matters clearly is invaluable, especially for career changers.
Marvin Gatermann, Managing Director, Deutsche Akademie für Informationssicherheit GmbH

Contact

Let's talk – free and without obligation.

Whether a concrete NIS2 question or a first orientation: in a 30-minute call we clarify your situation and the best next step. Not a sales pitch, just plain talk.

Address

Limassoler Straße 37, 53859 Niederkassel, Germany

Book an intro call

Send me a short message with your request. I usually reply within one business day.

  • 30 minutes, free and without obligation
  • Confidential – CISO and lawyer in one person
  • A clear assessment, no sales pressure