Industrial & Defense Cybersecurity

Executive Security Leadership Without the Full-Time Cost.

Axiom Cyber Consulting provides CISO-level cybersecurity leadership and compliance advisory to industrial manufacturers and defense contractors — organizations that can't afford to get security wrong.

Credentials
30+ Years Experience CISSP TS-SCI Clearance History OT/ICS Specialized Expertise CMMC · DIB Compliance
CMMC 2.0 · NIST SP 800-171 · ISO 27001:2022 · NIST RMF · NIST CSF 2.0 · DIV 25 05 11 · IEC 62443 · EU CRA
What We Do

Five Service Lines. One Trusted Advisor.

From ongoing fractional CISO retainers to CMMC preparation, ISO compliance, and workforce training — every service is built around your specific regulatory environment and risk profile.

01
Fractional CISO
Dedicated monthly retainer providing executive cybersecurity leadership, compliance oversight, risk management, and strategic advisory.
02
Compliance Readiness Assessment
Structured gap analysis against CMMC 2.0, NIST SP 800-171, or ISO 27001:2022 with risk register, POA&M, and remediation roadmap.
03
CMMC 2.0 Preparation
End-to-end preparation for defense contractors facing C3PAO assessment — documentation, SSP development, and 90-day advisory support.
04
ISO 27001 Compliance
Full-cycle ISO 27001:2022 implementation and certification support — from gap assessment through ISMS design, controls implementation, and audit readiness.
05
Security Awareness Training
Industry-specific training built for OT/ICS operators and DIB contractors — not generic phishing slides. Custom delivery, real retention.
Why Axiom

Credentials Built in the Field, Not the Classroom.

CISSP Certified — The gold standard credential in information security, held and actively maintained.
Former Director of Cybersecurity Compliance, Schneider Electric (US) — Real enterprise OT/ICS security leadership at scale.
NIST RMF, IEC 62443, DIV 25 05 11 & CMMC Subject Matter Expert — Built compliance programs, not just audited them.
US Air National Guard Veteran — TS-SCI — Gray hat techniques, national security discipline, and mission-first mindset.
Current ISO 27001:2022 & SOC 2 Program Manager — Actively managing compliance programs today, not decades ago.
30+ Years of Operational Experience — Military, law enforcement, industrial, and cybersecurity backgrounds in one advisor.
Our Philosophy

Security is a Principle, Not a Product.

Most organizations don't have a tools problem — they have a strategy and accountability problem. The right frameworks, the right policies, and the right leadership make compliance achievable for any organization willing to commit to it.

Axiom Cyber Consulting exists to provide that leadership to organizations that have outgrown their current approach but aren't ready for, or don't need, a full-time CISO on payroll.

"Security built on axioms — foundational truths — holds under any pressure. We help you build it right the first time."
— Axiom Cyber Consulting

Credentials

Principal's Qualifications.

Our principal brings 30+ years of hands-on experience across military service, law enforcement, industrial cybersecurity leadership, and compliance program management. This isn't advisory work built on certifications alone. Every recommendation we make is grounded in decades of operational reality.

CISSP
Certified Information Systems Security Professional
TS-SCI
Top Secret / Sensitive Compartmented Information (History)
MCSE
Microsoft Certified Systems Engineer
SME
NIST RMF · DIACAP · CMMC · ISO 27001:2022
Career Timeline
1982 — 1986
Machinist Mate
US Navy (Active Duty)
Technical discipline, mechanical systems expertise, and military operational experience forming the foundation of a career built on precision and accountability.
1986 — 1994
Police Officer
San Diego PD
Eight years in law enforcement developing investigative discipline, risk assessment, and the judgment to act decisively under pressure.
1994 — 2004
MCSE — Software & Technology Firm
IT / Enterprise Systems
Technical transition into IT — earning MCSE certification and developing foundational systems knowledge while building enterprise-level technical expertise.
2004 — 2022
US Air National Guard
1B4X / 3D0X
Gray hat cybersecurity techniques, national security operations, and TS-SCI clearance. Serving in parallel with civilian career throughout this period.
2004 — 2022
Director of Cybersecurity Compliance (US)
Schneider Electric
Subject matter expert in NIST RMF, DIACAP, and CMMC. Leading enterprise OT/ICS security programs for one of the world's largest industrial automation companies.
2022 — Present
Cybersecurity Program Manager
Delta Intelligent Business Technologies
Active management of ISO 27001:2022 and SOC 2 compliance programs. Current, hands-on regulatory compliance leadership.
2025
Founder & Principal
Axiom Cyber Consulting LLC
Bringing three decades of operational cybersecurity experience to small and mid-size organizations in the industrial and defense sectors.
01 Fractional CISO Retainer Ongoing / Monthly

Your organization gets a dedicated CISO-level advisor who learns your environment, owns your security program, and provides consistent monthly leadership — without the cost of a full-time executive hire.

  • 20–30 dedicated advisory hours
  • Monthly written security posture report
  • Policy and procedure governance
  • Regulatory compliance oversight
  • Risk register and POA&M maintenance
  • Vendor and third-party risk advisory
  • Incident response plan maintenance
  • Quarterly executive security briefing
Small Org (under 50)
$3,500
per month · 12-month initial term
Mid-Size (50–250)
$4,500
per month · 12-month initial term
Complex / 250+
Custom
scoped after discovery call
02 Compliance Readiness Assessment Fixed Scope / Fixed Price

A structured, framework-aligned assessment of your current security posture delivered as a fixed-scope engagement. Available frameworks: CMMC 2.0 / NIST SP 800-171 · ISO 27001:2022 · NIST CSF 2.0

  • Pre-assessment intake & document review
  • Structured personnel interviews
  • Control-by-control gap analysis
  • Risk register development
  • POA&M development
  • Executive summary & findings report
  • Prioritized remediation roadmap
  • 30-day post-delivery support
CMMC 2.0 / NIST 800-171
$8–12K
fixed fee · confirmed after discovery
ISO 27001:2022
$9–14K
fixed fee · confirmed after discovery
Multi-Framework
Custom
scoped after discovery call
03 CMMC 2.0 Preparation Package Defense Contractors

Full-spectrum CMMC Level 2 preparation for organizations in the Defense Industrial Base. We guide you from gap to assessment-ready — documentation, evidence organization, SSP development, and 90 days of advisory support through the C3PAO process.

  • Full 110-practice gap assessment
  • System Security Plan (SSP) development
  • POA&M development and management
  • Policy documentation — all 14 domains
  • Evidence collection guidance
  • 90-day C3PAO advisory support
  • Pre-assessment mock review
  • C3PAO partner referrals
Standard (under 100 users)
$15–20K
single enclave · fixed fee
Complex Environment
$20–28K
multiple enclaves / MSP / cloud
04 ISO 27001:2022 Compliance Program Certification Readiness

Full-cycle ISO 27001:2022 implementation support — from initial gap assessment through ISMS design, controls implementation, internal audit preparation, and certification audit readiness.

  • Gap assessment against ISO 27001:2022
  • ISMS scope and boundary definition
  • Risk assessment and treatment plan
  • Statement of Applicability (SoA)
  • Policy and control documentation
  • Internal audit program support
  • Management review preparation
  • Certification audit readiness review
Gap Assessment Only
$9–14K
fixed fee · report & roadmap
Full Implementation
$18–30K
gap through audit-ready
Program Maintenance
Custom
ongoing retainer support
05 Security Awareness Training Workforce Development

Generic security training doesn't work for industrial environments or defense contractors. Our programs are built around the actual threats your workforce faces — OT/ICS-specific risks, CUI handling, and the social engineering tactics targeting your sector.

  • Custom content for your industry
  • Virtual or on-site delivery
  • Up to 50 participants per session
  • OT/ICS threat-specific content
  • CUI handling for DIB employees
  • Executive non-technical briefing option
  • Annual program packages available
  • Post-training assessment available
Virtual Half-Day (25 participants)
$2,500
virtual delivery
Virtual Full-Day (50 participants)
$3,500
virtual delivery
Executive / Board Briefing
$1,500
90 minutes · virtual
Every engagement begins with a complimentary 30-minute discovery call.
We'll listen first — then tell you honestly what we think you need.
Fractional CISO
Ongoing monthly retainer — executive security leadership for your organization.
$3,500
Per month · starting price · 12-month initial term
  • 20–30 advisory hours per month
  • Monthly security posture report
  • Policy & procedure governance
  • Regulatory compliance oversight
  • Risk register & POA&M management
  • Quarterly executive briefing
  • Incident response advisory
Compliance Assessment
Point-in-time gap analysis with risk register, POA&M, and remediation roadmap.
$8,000
Starting price · fixed fee · CMMC / NIST 800-171
  • Control-by-control gap analysis
  • Risk register development
  • POA&M development
  • Executive summary report
  • Prioritized remediation roadmap
  • 30-day post-delivery support
ISO 27001:2022 Compliance
Full-cycle ISO 27001 implementation from gap assessment through certification readiness.
$9,000
Starting price · gap assessment · full implementation from $18K
  • Gap assessment & risk treatment
  • ISMS design & documentation
  • Statement of Applicability (SoA)
  • Policy & control framework
  • Internal audit support
  • Certification audit readiness
Security Awareness Training
Industry-specific workforce training for OT/ICS and defense environments.
$2,500
Starting price · virtual half-day · up to 25 participants
  • OT/ICS-aware threat content
  • CUI handling for DIB employees
  • Virtual or on-site delivery
  • Executive & board briefing option
  • Annual program packages available
  • Up to 50 participants per session
Assessment → Retainer Conversion Credit: Organizations that complete a Compliance Readiness Assessment and convert to a Fractional CISO retainer within 60 days receive a $1,500 credit applied to their first retainer invoice.
Overage Rate: Retainer hours in excess of your monthly allotment, pre-approved in writing, are billed at $200/hour. We'll always flag when you're approaching your limit before going over.
Client Portal

Secure access to your monthly security reports, POA&M tracker, policy documents, and assessment deliverables is on its way. The portal is currently in development.

Coming Soon

Current clients can reach us directly at
jwiegand@axiomcyberconsulting.com

Organization
Axiom Cyber Consulting LLC
Las Vegas, Nevada · Serving clients nationally
Principal
James Wiegand, CISSP
Founder & Principal Consultant
Email
jwiegand@axiomcyberconsulting.com
Phone
775-242-8933
Available Mon–Fri, 8am–6pm PT
Website
axiomcyberconsulting.com