Burak Yazici
PECB Certified NIS2 Lead Implementer
Burak helps European organizations transform NIS2 from a regulatory burden into a structural security advantage. Certified implementation, pragmatic methodology, direct access to the expert.
Verified expertise, not buzzwords
A short, honest list. If a credential isn't listed here, it isn't claimed.
PECB Certified NIS2 Lead Implementer
Issuer: PECB. Verified certification in leading NIS2 implementation programmes end to end, from scope assessment to audit readiness.
Additional credentials
Adjacent certifications in cybersecurity and risk management will be listed here as they are verified. We prefer accurate to impressive.
Industries where Burak has guided NIS2 implementation
NIS2 looks different in a hospital than in a data centre. Burak works across the full Annex I and Annex II sector map.
Energy & Utilities
Electricity, gas, drinking water, waste water operators. Essential Entity profile, high supervisory pressure.
Transport & Logistics
Air, rail, water and road transport. Postal and courier services under Annex II.
Health & Medical
Hospitals, pharma, medical device manufacturers. High incident reporting stakes.
Digital & ICT
Data centres, cloud, DNS, managed service providers, B2B ICT service management.
Finance & Banking
Banks and financial market infrastructure, coordinated with DORA obligations.
Public Administration
Central and regional public bodies, where Annex I essential status applies.
Manufacturing
Machinery, motor vehicles, electrical equipment, chemicals, food. Annex II Important Entity scope.
Research
Research organizations carrying out essential services or sensitive activities.
How Burak runs a NIS2 programme
A pragmatic, phased approach. No 80 page reports nobody reads.
Scope & gap
Scope assessment, Article 21 gap analysis, stakeholder interviews, national law overlay.
Build
Policies, procedures, incident response playbook, supply chain controls, board training.
Operate & prove
Evidence collection, tabletop exercises, audit readiness, continuous improvement.
Sharing the practical view
Articles on NIS2 compliance
Ongoing series on the NIS2 Compliant blog covering scope, penalties, ISO 27001 alignment, and implementation patterns.
Read the blogSpeaking engagements
Coming soon. If you would like Burak to speak at your event or run a board session, get in touch.
Invite to speakWorking with Burak
Practical questions answered before they come up.
Do you work directly or through a team?
You work directly with Burak. No handover to juniors, no black box. For larger programmes, trusted specialists are brought in on a named basis.
What does a typical engagement look like?
Scope and gap assessment in 2 to 4 weeks, full implementation in 3 to 6 months depending on maturity, then ongoing audit readiness support. Options range from done-for-you to coaching.
Which languages do you work in?
English and Dutch. Deliverables and board sessions are available in both.
Which countries do you support?
EU wide. Focus markets: Netherlands, Belgium, Germany, France. National transposition differences are handled via a local legal partner where needed. See the transposition tracker.
Do you also cover ISO 27001 and DORA?
Yes. NIS2 programmes are routinely aligned with an ISO 27001 information security management system to avoid duplicated effort. For financial services, NIS2 and DORA obligations are mapped in a single control set.
How is pricing structured?
Fixed fee per phase where scope allows, time and materials for open ended programmes. A free first call sets expectations before any quote.
Let's talk about your NIS2 programme.
A 30 minute call will give you a clear view of scope, risk, and the fastest path to audit readiness.