Transparency
Pitch Deck
Our full business overview — market, model, traction, team, and financials. Use ← → arrow keys to navigate.
Cover
Investor Presentation · 2026
nisd2.eu
Free NIS2 compliance for European SMEs
Turning a €30,000–€80,000 consulting project into an open-source platform
Cologne · 2026
02 / Problem
160,000+ European companies. No affordable compliance tool.
NIS2 applies across all 27 EU member states (no transition period)
Most affected companies are SMEs: under 250 employees, no CISO, no compliance budget
Existing tools: €7,500–€100,000/year. Consulting: €30,000–€80,000 per project
ENISA estimates 160,000–180,000 obligated entities EU-wide — the majority newly in scope for the first time
03 / Solution
The platform is the documentation. Free, forever.
Requirements register, risk management, supplier portal, incident tracking
BSIG-specific (not a generic ISO mapper)
Open source (AGPL-3.0), no lock-in, data export always available
eIDAS timestamp sign-off, audit-proof log, PDF export for auditors
04 / Traction
Live since Q1 2026. Growing without paid ads.
174
Registered users
78
CEO courses started
14
CEO courses completed
BSI enforcement window opens 2026. Inbound CISO + IHK conversations already active.
05 / Market
160,000–180,000 companies obligated across the EU.
TAM: 160–180k EU entities (ENISA/BSI) · SAM: 135–155k EU SMEs · SOM: ~400 paying customers by Year 3
06 / Business Model
Free platform. Revenue from what surrounds it.
Consulting-referral commissions (~73% of Year-2 revenue, avg €1,000–1,500 per referral)
Partner-training referrals: SoSafe, Advisera (~11% of Year-2 revenue)
Licenses + hosted cloud, €49–299/month by company size (~16% of Year-2 revenue)
07 / Competition
Nobody else is free, open-source, and BSIG-specific.
Market gap
US platforms (Vanta, Drata): €7,500–€100k/year, English, ISO-centric
German SaaS (DataGuard, NIS2Compass): demo walls, 3-year lock-in
Consulting (KPMG, Sopra Steria): €30,000–€80,000 per project
nisd2.eu
Free forever. Open source. No lock-in.
BSIG-specific (covers the 20% of NIS2 that ISO 27001 misses)
IHK chambers can endorse us (no vendor conflict)
08 / Why Now
Enforcement starts 2026. The window to build authority is open.
1
Regulation live
NIS2 in force Dec 6, 2025. No transition period.
2
62% unregistered
Most obligated German companies still haven't filed with the BSI.
3
Enforcement starting
First fines and §38 personal-liability cases expected 2026–2027.
4
No market leader
US providers too expensive. German providers closed. Window is open.
5
Channels opening
IHK chambers actively seeking NIS2 material for their 3.5M members.
An open-source platform can build authority now, before the market consolidates.
09 / Financials
Break-even May 2027. First Managing Director salary June 2027.
| Year | Revenue | Net result |
|---|---|---|
| 2026 (Mar–Dec, partial) | €3,800 | −€9,430 |
| 2027 (full year) | €62,200 | +€19,698 |
| 2028 (conservative) | €110,000 | +€17,077 |
Model assumptions
Conservative path. 50% revenue shortfall scenario: no insolvency. Grants excluded from base case.
10 / Roadmap
Four milestones to market leadership.
Q1 2026
Platform live. 158 users, 76 CEO courses. BSI registration deadline.
Q3 2026
First referral commissions. SoSafe + Advisera affiliate contracts.
Q1 2027
Netherlands + Austria market entry. Hosted cloud tier launched.
Q1 2028
400 paying customers. First employee. €300k+ annual revenue.
11 / Team
Built by people who read the regulation in its original language.
Simon Orzel
Managing Director · 51%
Based in Cologne. 10 years in full-stack B2B software engineering. Former Founding Engineer at EventFirst (Top-5 US VC Funded). Deep expertise in modern webstack, LLM/RAG, and regulatory framework translation. Technical lead and architecture.
Cory Hisey
Co-Founder · 49%
Based in Osnabrück. M.Eng Mechatronics and cyber-physical systems (focus: embedded systems and AI integration). Handles business development, partnerships, and client-facing implementation support.
nisd2.eu