Senior cybersecurity judgement, on demand.
Growing regulatory pressure makes cybersecurity a direct personal accountability for senior executives. I help boards make defensible decisions on cyber risk, demonstrate compliance under scrutiny, and put the governance in place to hold up when it matters.
- Board-level cybersecurity governance and accountability
- Regulatory compliance that holds up under supervisory scrutiny
- Risk reporting boards can make decisions from
- Cloud security assurance for critical workloads
- Cybersecurity leadership without a permanent CISO
Four problems that land at board level.
Your board is accountable for cybersecurity but has no senior security leadership in place.
Senior cybersecurity oversight, governance and decision support for boards and executives, without the overhead of a full-time appointment.
Your board receives cybersecurity reports but cannot make a governance decision from them.
Board-ready reporting that turns cyber risk into defensible decisions, investment choices and a clearer risk appetite.
You approved a cloud migration but cannot demonstrate assurance over critical workloads.
Independent assurance over cloud security, governance, architecture and the controls protecting your most critical workloads.
A customer or regulator is scrutinising your security and the answer is not ready.
Support for customer security reviews, procurement scrutiny and audit evidence without slowing commercial activity.
Also available for specific situations: Incident Response Advisory and M&A Security Due Diligence.
From regulatory uncertainty to sustained compliance.
Organisations don't all need the same NIS2 support. Some need to establish scope. Others need independent assurance. Some need a structured programme.
- NIS2 Diagnostic: Understand scope, size of effort and how to structure your programme. Five-day diagnostic.
- Compliance Verification: Independent challenge of your claimed compliance position and evidence quality.
- Programme Design: Governance, ownership, evidence and roadmap for sustained NIS2 compliance.
Designs or builds products with digital elements. The heaviest CRA obligations apply, spanning the full product lifecycle.
Brings products into the EU market. Must verify that manufacturers have met CRA obligations before placing products on the market.
Makes products available without modification. Lighter obligations apply, but verification of compliance remains required.
From product scope uncertainty to CRA compliance.
CRA obligations depend on the role you hold in the supply chain. Whether you manufacture, import or distribute products with digital elements, the first step is establishing scope and understanding what applies to you.
What clients and colleagues say.
"Marcin stood out for his clear judgement, calm leadership, and ability to align stakeholders and drive delivery. He brought structure to complex discussions, helped teams make timely decisions, and kept the work focused on outcomes and risk."
"Marcin is a high-impact professional who quickly analyses complex issues, distils them into clear options, and helps teams make confident decisions. He communicates effectively with both technical and non-technical stakeholders."