Kerubiel is a 100% privately owned company specializing in the provision of ICT, SECURITY and PRIVACY services. Our consultants and engineers have an impressive background and many years of proven project experience gained in domestic and international projects as well.
As information and data security has become one of the most hotly debated topics in the IT scene, experts from these two distinct but interrelated fields need to cooperate and work together. Since the establishment of Kerubiel Ltd., in 2017, the firm’s main goal has been to merge the expertise from the fields of IT and information security, data protection and data security, in order to provide assistance to our clients to prepare for possible threats from the cyberspace and to comply with the relevant standards and rules. The need for this kind of expertise has become even more evident since the application of the GDPR. The new European rules of data protection has a particular focus on the so-called “risk-based approach” that may be applied in data breach managements, data protection impacts assessments, and other operations.
With the help of Kerubiel Ltd., an ever-growing number of satisfied clients are ready to process information and personal data securely and in accordance with the relevant rules. These include multinational and big corporations as well as SMEs from the health, insurance and financial, and other sectors.
László György Dellei, CEO and Ambassador of ISACA HQ GDPR details us about the company.
Companies can come and go with the times, but only some companies have the capacity to sustain in the world for the best. What qualifies you to be one of them?
Our three main principles are adaptability, effectiveness and continuous (self) development. This approach helped Kerubiel Ltd. to exploit technological and legal developments in the field of IT and information security, and data protection for the benefit of its clients. On the one hand, we value technology as an opportunity for further improvement that, coupled with our unique expertise, may assist companies to thrive on a highly competitive global market. On the other hand, the wide range of services in the fields of IT and information security, data protection and data security, such as information security audits, counselling, or DPO services, makes Kerubiel Ltd. suitable to provide complex, but affordable solutions. Finally, our continuous self-improvement based on the invaluable feedback of our clients helps us to better understand our clients and to further improve our services.
What challenges is your industry facing and how do you plan to capitalize on the opportunity?
One of the greatest challenges that a company may face is negligence. The source of an estimated 75 % of adverse events, i.e. incidents and data breaches, is human error. In the ever-growing cyberspace, everyday a new security threat appears in such forms as malevolent viruses, applications, etc. Prevention of and – in case of an incident – the management of such risk factors is an absolute must. The first step towards a more secure operation of the company is the employee trained and prepared for such event, yet the importance of this kind of activities is often overlooked.
Due to time- and cost effectiveness, many companies think that continuous training of their employees is irrelevant or unnecessary at a certain point (such as the beginning of the operation of the company). These entities often think that they are too small or too irrelevant to be selected as a target of a cyberattack. However, betting on pure luck won’t suffice.
Competition is at its peak, and there are millions of companies in this world which mint billions a year. Do you think startup/budding companies stand a chance to build their way to success?
This is a highly competitive market; many actors seek to reach the clients in order to provide them counselling. With the application of the GDPR, the scene has become even more competitive. Yet, even a start-up may thrive if it operates based on three simple principles. The first is patience which means that success may not come immediately, but, with strategic work, all goals may be achieved in time. Secondly, companies need to cooperate with each other thus complementary expertise may be utilized for the benefit of both the clients and the start-ups. Kerubiel Ltd. seeks to establish valuable connections with leading experts in the fields of IT, information security and data protection in order to shape and improve its own services. Finally, it is important to value adaptability.
They say great companies have some qualities in common, list three such qualities a company must have to be great.
Resilience, open-mindedness, and lifelong learning are the principles that continuously drive Kerubiel Ltd. towards innovation and new knowledge. We consider technology as an opportunity for further improvement that might shape our services as well as the operations of the clients. Instead of distancing ourselves from the clients, we seek direct contact to gather crucial information on matters deemed to be important by them as well as information related to our work. Finally, Kerubiel Ltd. may only thrive in the market if it maintains its high-level knowledge, thus the employees regularly participate in trainings, and other forms of education. No knowledge is useless if applied properly.
What is your firm’s modus operandi?
Different types of companies – multinational, big, small or medium-sized enterprises – need to apply different approaches in respect of compliance with IT, information security, and data protection regulations. In order to shape our services with due regard to the needs of our clients, to understand them and their activities, we seek direct contact with all the relevant actors from the very beginning of the planning phase. On the other hand, we provide our services with a special view to five easy and effective steps: self-awareness, governance, documentation, transparency, and risk management. As different aspects of compliance, these steps facilitate to carry out our services in an affordable, rapid and personalized way.
What qualities of your company have helped to sustain your reputation in the marketplace?
Kerubiel Ltd. primarily provides counselling to its clients in a unique way, merging expertise from different, but interrelated fields, such as information management, information security, and data protection. Our main strength is that we assess the information and data management framework of the client and define measures, propose solutions to improve security and compliance of its products or activities. In so doing, we utilize the most advanced, high-level IT standards, such as the ISO 27000 focusing on the state of the IT infrastructure, identifying IT system availability, potential risk factors, and security or operational failures, or the NIST 800-53 controls assessment which helps us identify gaps within IT systems and to focus on controls, time and budget to minimize deviations and redundancies. Based on information gathered through these methods, Kerubiel Ltd. may provide the client with information on the IT system, its risks and errors, and with detailed suggestions on how to address these deficiencies.
For instance, our company has effectively cooperated in and contributed to the successful management of data breaches. In such a case, the greatest challenges are to react rapidly, gather experts from all relevant fields, and to examine the circumstances of the breach in order to manage it. The incident response teams containing the expert of Kerubiel Ltd. has been successful in data breach management, the analysis of the incidents and measures implemented as a consequence were effective, thus the supervisory authority discontinued its procedures vis-á-vis the controllers.
A brief about the man behind Kerubiel
László György Dellei (CISA, CISM, CGEIT, CRISC, CISSP, CEH, OSCP, C|CISO, OSCE, CSA, CCSE, OSA, MCDBA, MCSE Security, Certified Expert witness) is a leading expert in the field of ICT and data protection in Hungary. As the founder of Kerubiel Ltd., Mr. Dellei provides expert counsel to multinational and big corporations as well as SMEs. His main focus is to ensure that clients of Kerubiel Ltd. meet the highest possible level of compliance with the relevant rules and regulations.
“We had the possibility to participate in international Research and Development project on VR as well, involving high profile international Universities and experts.”
“We have many years of extensive professional experiences both in the public and in the private sector, delivering complex solutions from scratch.”