Cybersecurity governance for Belgian SMEs

Real security.

Not compliance theater.

CySLok helps Belgian and European SMEs turn ISO 27001, CyFun 2025 and NIS2 into security that people understand, apply and sustain.

Tom De Cubber, CySLok
CISSP Certified
30+ Years IT
10+ Years Cybersecurity

Tom De Cubber

Founder & Virtual CISO

I help organizations build security that works in practice, not just on paper.

Many SMEs invest in ISO 27001, CyFun or NIS2 preparation and end up with policies that look good but are rarely used. That creates the illusion of control, without improving day-to-day security.

My approach is different. I translate requirements into governance, processes and controls that are clear, proportionate and usable by the people who actually need them.

The result is a security program that supports certification, improves resilience and remains workable for management and operational teams.

What we offer

Clear engagements with defined outcomes. No vague retainers, no endless projects.

Project-based

CyFun 2025

For Belgian SMEs preparing for CyFun 2025 or aligning with NIS2 expectations. Includes gap assessment, policy support, control design and guidance toward a realistic, auditable implementation.

Project-based

ISO 27001:2022

For organizations building or strengthening an ISMS. Covers gap analysis, risk treatment, policy framework, implementation support and audit readiness with a focus on practicality.

Project-based

NIS2 Compliance

For organizations in scope of NIS2, or preparing in advance. Focused on governance, accountability, management involvement and a clear roadmap toward compliance and resilience.

Ongoing

Virtual CISO

For organizations that need strategic security leadership without a full-time CISO. Provides continuity, prioritization, governance support and ongoing oversight of your security program.

Project-based

Security Training

For boards, management teams and non-technical stakeholders. Practical sessions that explain responsibilities, decisions and security priorities in plain language.

Project-based

ISO 27001 Internal Audit

For organizations with an active ISMS that need an independent internal audit, whether preparing for certification, a surveillance audit, or maintaining ongoing oversight. Covers clause conformity, control effectiveness and nonconformity identification, delivered by a certified ISO 27001 internal auditor.

Straight talk on security

I publish practical insights on ISO 27001, CyFun 2025, NIS2 and security governance for decision-makers. No technical noise, no generic awareness content: just clear thinking you can apply.


Start with a focused conversation

Whether you are preparing for ISO 27001, CyFun 2025, NIS2, or simply need more structure in your security program: the first step is a short conversation to clarify priorities, scope and next actions.

Use the form below to briefly describe your situation. I will respond personally.