SciTransfer
Organization

NIXU AB

Nordic cybersecurity firm specializing in EU cloud security certification frameworks, continuous auditing, and Cybersecurity Act compliance.

Cybersecurity services companysecuritySENo active H2020 projectsThin data (2/5)
H2020 projects
2
As coordinator
0
Total EC funding
Unique partners
19
What they do

Their core work

NIXU AB is a Nordic cybersecurity company that provides security consulting, auditing, and certification services to enterprises and public bodies across Europe. In EU research projects, they contribute practitioner expertise to the design of security certification frameworks — translating regulatory requirements such as the EU Cybersecurity Act into operational auditing methodologies. Their project track record centers on continuous certification: the idea that cloud services and digital infrastructure should be validated not once at deployment but on an ongoing basis. They bring the commercial operator's perspective into academic and policy-driven consortia, bridging the gap between regulatory intent and real-world implementation.

Core expertise

What they specialise in

Cybersecurity certification frameworksprimary
2 projects

Contributed to both EU-SEC (European Security Certification Framework) and MEDINA, both of which target systematic EU-level certification of digital and cloud services.

Continuous auditing and complianceprimary
1 project

MEDINA explicitly targets continuous audit-based certification, with NIXU's keywords including 'continuous auditing' and 'continuous certification'.

Cloud security and cloud certification schemessecondary
1 project

MEDINA keywords include 'cloud certification scheme', indicating NIXU's applied expertise in certifying cloud service providers against EU standards.

Smart contract-based certification automationemerging
1 project

MEDINA contribution lists 'smart contracts' and 'certification language' as keywords, pointing to automated and machine-readable certification mechanisms.

Evolution & trajectory

How they've shifted over time

Early focus
EU security certification governance
Recent focus
Automated continuous cloud certification

In their first H2020 engagement (EU-SEC, 2017–2019), NIXU contributed to building the foundational European security certification framework — a largely structural and policy-oriented effort with no recorded technical keywords, suggesting a governance and advisory role. By their second project (MEDINA, 2020–2023), the focus had shifted decisively toward technical automation: continuous auditing pipelines, smart contracts as certification carriers, and a formal certification language. This progression mirrors the broader EU policy shift from defining what certification means (the Cybersecurity Act, enacted 2019) to operationalizing how it works at scale.

NIXU is moving toward machine-driven, continuous certification systems — a direction that will become increasingly relevant as ENISA rolls out certification schemes under the EU Cybersecurity Act across cloud, 5G, and IoT domains.

Collaboration profile

How they like to work

Role: third_party_expertReach: European10 countries collaborated

NIXU participates exclusively as a third party in EU projects — not as a formal consortium member or coordinator — which is consistent with a commercial cybersecurity firm that contributes expertise and real-world testing capacity on a subcontracted basis. This means they are unlikely to lead a research consortium, but they are a valuable specialist anchor for any consortium needing practitioner credibility in security certification. With 19 distinct partners across 2 projects, the consortia they join are large and well-networked, suggesting NIXU is sought out by established research groups rather than being the organizing force.

NIXU connects to 19 unique consortium partners across 10 countries from just 2 projects, indicating they join broad, multi-country research consortia rather than bilateral arrangements. Their European reach spans the full ENISA/EU cybersecurity policy geography, with likely ties to national cybersecurity agencies and cloud infrastructure operators.

Why partner with them

What sets them apart

NIXU AB is one of the few commercial, non-SME cybersecurity operators in the Nordic region with a documented track record in EU research on security certification frameworks — most participants in this space are universities or public research institutes. Their value to a consortium is the practitioner voice: they can validate that a proposed certification scheme is actually implementable in a real enterprise context, not just theoretically sound. For any consortium responding to EU calls on cloud security, ENISA certification schemes, or Cybersecurity Act implementation, NIXU fills a credibility gap that academic partners cannot.

Notable projects

Highlights from their portfolio

  • EU-SEC
    One of the first EU-funded projects to systematically design a European-wide security certification framework, predating the Cybersecurity Act and helping shape the policy groundwork that followed.
  • MEDINA
    Tackles continuous audit-based cloud certification with smart contracts — a technically ambitious approach that positions certification as a live, automated process rather than a periodic compliance snapshot.
Cross-sector capabilities
digital infrastructure and cloud servicesregulatory compliance and legal technologyfinancial services cybersecurity
Analysis note: Profile rests on only 2 projects, both as third party with no EC funding data. NIXU's actual commercial capabilities are likely far broader than H2020 participation reveals — this profile captures their EU research positioning only, not their full market footprint.