top of page
  • LinkedIn
LSZ Security Risk Salzburg_169_mid.jpg

Security requires personality.
And a partner you can trust.

My name is Lukas Kulmitzer, founder and CEO of Next Secure . For over 10 years, I have been supporting international corporations, medium-sized companies, and emerging scale-ups through demanding security challenges – from strategic planning and technical implementation to compliance with regulatory requirements and certifications according to recognized norms and standards.

Our mission is simple ...

I have Next Secure Founded because in my career I have repeatedly seen that many companies are stuck between overpriced consultancies and ad hoc IT service providers – without a central, reliable sparring partner who combines strategy, implementation and responsibility.

 

This was exactly the gap I needed and wanted to close -
to take security out of the IT corner and bring it to where it belongs – to the center of corporate management.

Our DNA

1️⃣ Understand
We take the time to truly understand your business – your processes, your risks, and your goals. Because security only works if it supports your business – not hinders it.

2️⃣ Design

We develop pragmatic and effective solutions – not endless PowerPoints, but actionable steps that deliver measurable results and demonstrate real progress.

3️⃣ Accompany

We remain not an external consultant, but a partner on equal terms – transparent, long-term and with the aim of truly anchoring security in your organization.

I am convinced that successful cybersecurity is not achieved through the number of tools available.
but through people who take responsibility and understand the connections.

To make this possible, we have deeply embedded the following 3 steps in NextSecure 's DNA:
 

Background & Expertise

Mit einer langjährigen Laufbahn im Cyber-Security-Umfeld – unter anderem als CISO, Auditor, Notfallmanager und Lektor – bringe ich tiefgehende Erfahrung sowie anerkannte Zertifizierungen mit:

With a long career in the cybersecurity field – including roles as CISO, ISO auditor and emergency manager – I bring in-depth experience and recognized certifications:

 

 

 

 



 

✅ Certified Information System Security Professional (CISSP)

✅ Certified Cloud Security Professional (CCSP)

✅ ISO27001 Manager & Auditor

✅ Certificate of Cloud Security Knowledge v4 (CCSK)

✅ BSI BCM Praktiker (BSI 200-4)

✅ Certified Scrum Master

✅ Prince2 Foundation Level (Projektmanagement)

✅ Cobit 5 Foundation Level

In addition to my role as founder of Next Secure, I am a regular speaker and presenter at national and international security and compliance conferences (e.g. LSZ Events, CIS Compliance Summit, Cybersecurity Night Lakeside).
There I share my experiences on topics such as NIS2, Risk and Governance, Resilience Management and Cyber Crime Prevention.

 

My goal : To pass on knowledge in a practical way and to help companies to strategically understand and implement complex security requirements.

References and
Projects

Excerpt from our references and security projects:

  • Establishment and management of a group-wide information security organization (ISMS) based on ISO 27001 and BSI IT-Grundschutz for a company in the security sector.

  • Introduction of a global cyber risk management system in accordance with NIST CSF and CIS RAM for a European “unicorn” start-up in the EdTech sector.

  • Consulting and operational support in setting up organizational and technical measures to meet NIS2 requirements for a food company and a critical security facility

  • Development and implementation of a business continuity management system (BCMS) and crisis management for a European cloud provider

  • ​Design and introduction of a group-wide security awareness program for an IT service provider

  • Conducting ISO 27001 and TISAX audits in an international corporate environment in the semiconductor sector​​

  • Implementation of emergency and crisis management processes for industrial companies

  • Development and implementation of an internal control system (ICS) according to SOC1/SOC2 for an international communications and IT company

  • Consulting and training in the field of information security for public institutions and educational establishments

  • Planning and implementation of courses in the field of system security at an Austrian university

bottom of page