ECP vs Cynomi: Which Fits Your Belgian MSP?

Q: Can I migrate from Cynomi to ECP, or the other way?

Both directions are workable but not one-click. From ECP: the signed CAB bundle (`.ecpbundle.zip`) exports every wiki page, evidence artifact, assessment, and register row in a structured ZIP you can hand to any successor tool. Into ECP from Cynomi: bring your policies and evidence as files; the wiki import accepts Markdown and common document formats. Budget a few hours of mapping work per client either way.

Q: Can I use both — Cynomi for vCISO, ECP for CyFun delivery?

Yes, if the scopes are different. A common pattern: use Cynomi for vCISO advisory (strategic reviews, multi-framework risk posture) on larger clients, and ECP for CyFun audit-readiness delivery on Belgian SMEs where flat per-client economics make vCISO pricing impractical. The tools do not integrate today; you would run them side by side.

Q: What about ISO 27001 and other frameworks?

ECP today is CyFun-native (Small and Basic YAML-implemented; Important and Essential awaiting official CCB verification). ISO 27001 is planned but not yet shipped. If your clients need ISO 27001 or SOC 2 certification today, Cynomi's broader framework library is the better fit. If your clients need CyFun for NIS2 readiness, ECP is purpose-built for it.

Cynomi is a vCISO platform built for MSPs and MSSPs. Easy Cyber Protection is a CyFun audit-readiness platform for Belgian MSPs. Both help you sell compliance services. The right one depends on what you actually deliver.

At a glance

	Cynomi	Easy Cyber Protection
Target customer	MSPs / MSSPs running vCISO practices	Belgian MSPs serving SMEs
Geography	Global (HQ Israel)	Belgium-first (NL / FR / EN)
Pricing	Contact sales (not public)	5-tier MSP model (Starter setup-only / Practice €499 / Studio €999 / Firm €1,999 / Enterprise) + uniform per-client S/M/L brackets
Framework focus	Multi-framework vCISO library	CyFun-native (CCB-aligned)
White-label branding	Yes	Yes
Integrations	Broad library (50+ per public coverage)	Microsoft Graph (planned), Sophos next
AI assistance	AI co-worker agents (launched Apr 2026)	TARS agent + AI document assistant
Belgian specifics	Not CyFun-native, no VLAIO guidance	CyFun tiers built-in, VLAIO-ready templates

Sources: cynomi.com, public press coverage Apr 2026. Last verified 2026-04-22.

Where Cynomi fits better

You run a formal vCISO practice with board reports, risk registers, and quarterly reviews
Your clients span multiple frameworks (ISO 27001, SOC 2, HIPAA, NIST) and you want one tool across them
Your portfolio is global or mid-market — not specifically Belgian SMEs
Your pricing model absorbs higher platform costs — you charge €500+/month per client for vCISO work
You want AI-driven advisory agents that propose prioritized controls at the strategy layer

Where Easy Cyber Protection fits better

CyFun / NIS2 is the primary framework your clients need — Belgian CCB-native, not mapped on top of generic controls
You serve Belgian SMEs and need NL / FR / EN materials with VLAIO kmo-portefeuille guidance built in
You want predictable two-axis economics — Starter / Practice / Studio / Firm / Enterprise base by your scale, plus uniform per-client size brackets (S €75 / M €250 / L €750)
You prepare clients for a CAB audit without being (or hiring) a vCISO — the platform does the compliance heavy-lifting
You want structured audit deliverables: signed CAB bundle (`.ecpbundle.zip`), branded PDF reports, SoA, register templates

The pricing math

Pricing shape matters. Cynomi's platform cost is not public — engagements typically fit the vCISO service economics of €500-2,000/month retainers per client. ECP charges the MSP on two axes (your scale × client size) plus a fixed base; the MSP sets their own client price on top.

Cynomi — indicative

• Platform pricing: contact sales (not public)
• Typical vCISO engagement: €500-2,000/month per client retainer
• Usually bundled with MSP vCISO advisory services
• Forecasting requires a quote per deal

Figures reflect general vCISO service pricing patterns reported in public coverage, not a confirmed Cynomi price list.

ECP — worked example (50-client portfolio, S-size avg)

• MSP base (Studio tier, 50–99 clients): €999 / month
• Per-client (S-size, < 1k entities): 50 × €75 = €3,750 / month
• Total platform cost to MSP: €4,749 / month
• MSP charges client €200 / month (suggested range €100-400)
• MSP revenue: 50 × €200 = €10,000 / month — gross margin ~€5,250 / month (~€63K / year)
• Client's net cost after VLAIO kmo-portefeuille (MSP leverage): ~€110 / month

VLAIO kmo-portefeuille is the MSP's sales lever — the end client claims up to 45% back on the MSP's qualifying cybersecurity advisory invoice (35% for medium enterprises, up to €7,500 / year). It requires the MSP to be a VLAIO-approved cybersecurity advisor. ECP's platform fee itself is not subsidizable; the benefit flows through the MSP's service. Per-client brackets (S/M/L) are uniform across every tier — what differs is the monthly base. AI assistance and integrations ship on Practice and up; Starter is intentionally minimalist (templates + CSV entity import + audit output).

Where CyFun is recognized

ECP is built around the Belgian CCB's CyberFundamentals framework. That framing is valuable where CyFun is an official NIS2 compliance path — and less so where another framework is the norm. Public status, April 2026:

Country / region	CyFun status
Belgium	Origin — CCB-issued national framework, official NIS2 compliance path
Ireland	Adopting CyFun as national assessment and certification scheme; joint owners with CCB (per NCSC.ie)
Other EU member states	Not an official NIS2 compliance path; compliance typically demonstrated via ISO 27001 or the national equivalent (BSI IT-Grundschutz, BIO, ANSSI, etc.). CyFun may still be used voluntarily as evidence of readiness.

Sources: ccb.belgium.be, ncsc.gov.ie. Let us know if status has changed — we keep this table updated.

Common questions

Can I migrate from Cynomi to ECP, or the other way?