Industrial & Defense Cybersecurity
Executive Security Leadership Without the Full-Time Cost.
Axiom Cyber Consulting provides CISO-level cybersecurity leadership and compliance advisory to industrial manufacturers and defense contractors — organizations that can't afford to get security wrong.
Credentials
30+ Years Experience
CISSP
TS-SCI Clearance History
OT/ICS Specialized Expertise
CMMC · DIB Compliance
◈CMMC 2.0
◈NIST SP 800-171
◈ISO 27001:2022
◈NIST RMF
◈NIST CSF 2.0
◈DIV 25 05 11
◈IEC 62443
◈EU CRA
What We Do
Five Service Lines. One Trusted Advisor.
From ongoing fractional CISO retainers to CMMC preparation, ISO compliance, and workforce training — every service is built around your specific regulatory environment and risk profile.
01
Fractional CISO
Dedicated monthly retainer providing executive cybersecurity leadership, compliance oversight, risk management, and strategic advisory.
02
Compliance Readiness Assessment
Structured gap analysis against CMMC 2.0, NIST SP 800-171, or ISO 27001:2022 with risk register, POA&M, and remediation roadmap.
03
CMMC 2.0 Preparation
End-to-end preparation for defense contractors facing C3PAO assessment — documentation, SSP development, and 90-day advisory support.
04
ISO 27001 Compliance
Full-cycle ISO 27001:2022 implementation and certification support — from gap assessment through ISMS design, controls implementation, and audit readiness.
05
Security Awareness Training
Industry-specific training built for OT/ICS operators and DIB contractors — not generic phishing slides. Custom delivery, real retention.
Why Axiom
Credentials Built in the Field, Not the Classroom.
◈CISSP Certified — The gold standard credential in information security, held and actively maintained.
◈Former Director of Cybersecurity Compliance, Schneider Electric (US) — Real enterprise OT/ICS security leadership at scale.
◈NIST RMF, IEC 62443, DIV 25 05 11 & CMMC Subject Matter Expert — Built compliance programs, not just audited them.
◈US Air National Guard Veteran — TS-SCI — Gray hat techniques, national security discipline, and mission-first mindset.
◈Current ISO 27001:2022 & SOC 2 Program Manager — Actively managing compliance programs today, not decades ago.
◈30+ Years of Operational Experience — Military, law enforcement, industrial, and cybersecurity backgrounds in one advisor.
Our Philosophy
Security is a Principle, Not a Product.
Most organizations don't have a tools problem — they have a strategy and accountability problem. The right frameworks, the right policies, and the right leadership make compliance achievable for any organization willing to commit to it.
Axiom Cyber Consulting exists to provide that leadership to organizations that have outgrown their current approach but aren't ready for, or don't need, a full-time CISO on payroll.
"Security built on axioms — foundational truths — holds under any pressure. We help you build it right the first time."
— Axiom Cyber Consulting
Start the Conversation
Your organization gets a dedicated CISO-level advisor who learns your environment, owns your security program, and provides consistent monthly leadership — without the cost of a full-time executive hire.
- 20–30 dedicated advisory hours
- Monthly written security posture report
- Policy and procedure governance
- Regulatory compliance oversight
- Risk register and POA&M maintenance
- Vendor and third-party risk advisory
- Incident response plan maintenance
- Quarterly executive security briefing
Small Org (under 50)
$3,500
per month · 12-month initial term
Mid-Size (50–250)
$4,500
per month · 12-month initial term
Complex / 250+
Custom
scoped after discovery call
A structured, framework-aligned assessment of your current security posture delivered as a fixed-scope engagement. Available frameworks: CMMC 2.0 / NIST SP 800-171 · ISO 27001:2022 · NIST CSF 2.0
- Pre-assessment intake & document review
- Structured personnel interviews
- Control-by-control gap analysis
- Risk register development
- POA&M development
- Executive summary & findings report
- Prioritized remediation roadmap
- 30-day post-delivery support
CMMC 2.0 / NIST 800-171
$8–12K
fixed fee · confirmed after discovery
ISO 27001:2022
$9–14K
fixed fee · confirmed after discovery
Multi-Framework
Custom
scoped after discovery call
Full-spectrum CMMC Level 2 preparation for organizations in the Defense Industrial Base. We guide you from gap to assessment-ready — documentation, evidence organization, SSP development, and 90 days of advisory support through the C3PAO process.
- Full 110-practice gap assessment
- System Security Plan (SSP) development
- POA&M development and management
- Policy documentation — all 14 domains
- Evidence collection guidance
- 90-day C3PAO advisory support
- Pre-assessment mock review
- C3PAO partner referrals
Standard (under 100 users)
$15–20K
single enclave · fixed fee
Complex Environment
$20–28K
multiple enclaves / MSP / cloud
Full-cycle ISO 27001:2022 implementation support — from initial gap assessment through ISMS design, controls implementation, internal audit preparation, and certification audit readiness.
- Gap assessment against ISO 27001:2022
- ISMS scope and boundary definition
- Risk assessment and treatment plan
- Statement of Applicability (SoA)
- Policy and control documentation
- Internal audit program support
- Management review preparation
- Certification audit readiness review
Gap Assessment Only
$9–14K
fixed fee · report & roadmap
Full Implementation
$18–30K
gap through audit-ready
Program Maintenance
Custom
ongoing retainer support
Generic security training doesn't work for industrial environments or defense contractors. Our programs are built around the actual threats your workforce faces — OT/ICS-specific risks, CUI handling, and the social engineering tactics targeting your sector.
- Custom content for your industry
- Virtual or on-site delivery
- Up to 50 participants per session
- OT/ICS threat-specific content
- CUI handling for DIB employees
- Executive non-technical briefing option
- Annual program packages available
- Post-training assessment available
Virtual Half-Day (25 participants)
$2,500
virtual delivery
Virtual Full-Day (50 participants)
$3,500
virtual delivery
Executive / Board Briefing
$1,500
90 minutes · virtual
Every engagement begins with a complimentary 30-minute discovery call.
We'll listen first — then tell you honestly what we think you need.
Schedule Your Discovery Call
Client Portal
Secure access to your monthly security reports, POA&M tracker, policy documents, and assessment deliverables is on its way. The portal is currently in development.
Coming Soon
Current clients can reach us directly at
jwiegand@axiomcyberconsulting.com