Magazine Store

50 Innovative Companies to Watch 2019

An Interview with László György Dellei, Kerubiel Ltd. Founder and CEO: ‘Our Approach Considers all Angles in Order to Offer Affordable, Rapid, and Personalized Solutions to Controllers and Processors Wishing to Implement the Rules of the GDPR’


“From the beginning, Kerubiel has been building a rapidly growing group of customers that received counselling in the field of data security and information security.”

Malware attacks have become more sophisticated to detect and fight. Keeping precious business data protected against these attacks is one of the biggest challenges facing modern businesses. These never-ending cybersecurity threats make it extremely difficult to sustain business performance and growth.

In light of the above-mentioned scenario, we’re thrilled to present Kerubiel Ltd.

Kerubiel, a 100 percent privately owned company, specializes in the provision of ICT, security,and privacy services. The company’s consultants and engineers have an impressive background and many years of proven project experience gained in both domestic and international projects.

Kerubiel was incorporated in 2017 and is headquartered in Budapest, Hungary.

László György Dellei, Kerubiel Ltd Founder/CEO, spoke exclusively to The Silicon Review. Below is an excerpt.

Why was the company set up? And how did you expand your company and its offerings over the years?

Companies face great challenges in the modern world, especially since the application of the GDPR. The new European regime for data protection has a special focus on data security, emphasizing the importance of integrity and confidentiality of personal data. Furthermore, the so-called risk-based approach, implied by the regulation requires data controllers and processors to, adopts appropriate technical or organizational measures that protect against unauthorized or unlawful processing, and against accidental loss, destruction or damage of the information processed.

The aim of Kerubiel is to provide counsel to these actors unified expertise from the field of information technology, information security, data protection, and data security. Our approach considers all angles in order to offer affordable, rapid and personalized solutions to controllers and processors wishing to implement the rules of the GDPR. Instead of being time-consuming and resource-intensive, our five-step method, self-awareness, data governance, documentation, transparency, and risk management, offers a complex, yet easy way for controllers and processors to achieve high-level data protection compliance. The company also delivers specialized IT services, customized as per every customer’s dynamic needs with its operations like system development and implementation, IT Outsourcing, Outsourced CISO /DPO, IT Audit, Security, and Cyber Security Consulting.

Kerubiel continuously tries to expand its offerings; therefore a few months ago the company established its R&D department which among others tries to focus on Virtual Reality aided solutions in Stroke Rehabilitation. Virtual Reality (VR) environments have huge potential for those with compromised physical capability in providing a sense of freedom and motivation, but there are significant barriers in access and effective use in this context. To address these user and technological challenges, our EU funded new project aims to develop an accessible, collaborative VR rehabilitation environment that uses a serious gaming virtual space to provide stimulus, socialisation, and friendly competition for users on the path to rehabilitation.

How successful was your first project roll on? Share the experience.

From the beginning, Kerubiel has been building a rapidly growing group of customers that received counselling in the field of data security and information security. In so doing, Kerubiel managed to prepare these customers to successfully prevent and – if necessary – manage all unexpected situations, such as data breaches. Since misuse of information may lead to physical, material or non-material damages on a personal level, it is very important for Kerubiel to assist controllers and processors to cope with different risks and threats as well as to cooperate with them in the event of an unwanted incident or breach. Data breach management under the supervision of the company has been very successful.

Proud Moment

It is noteworthy that Kerubiel was ranked amongst the Top 10 GDPR service provider by CIO Applications in Europe.

What challenges did you face in your initial years? What can your peers learn from it?

The biggest challenge that Kerubiel faced (or rather is constantly facing) is the lack of the necessary attitudes on the side of controllers and processors. A certain type of strategic approach is needed for compliance with the GDPR. Controllers and processors need to permanently monitor their activities related to data processing-s, and to modify and adopt their approaches if necessary. However, many controllers and processors choose to ignore the relevant obligations, hoping to avoid inspections and further consequences, despite being aware of the new rules introduced by the GDPR. It is a crucial mission for Kerubiel to change these attitudes.

What kind of responses have you received from your consumers over the years? How have they motivated you to shape your offerings/grow the company?

Kerubiel mainly received positive feedbacks from its customers. It is common in the Hungarian market, that a company providing assistance only has expertise in one field, i.e. either in the field of data protection or in information security. By providing united counselling in both fields, Kerubiel is prepared to answer questions relating to various situations, hazards or risks, and to find appropriate solutions as well. However, there is always room for further development both on a personal and on company level. I seek to gain up-to-date knowledge information by continuously widening my knowledge via trainings and conferences. Furthermore, Kerubiel wants to utilize its expertise on a regional level, opening to other CEE countries. Under the GDPR, we may effectively share our knowledge in this field as well as study and apply good practices of controllers and processors situated in other EU member states.

How do you stay relevant to the consumer interests and needs in this highly volatile market?

Besides the continuous (self-)development, Kerubiel seeks the opinion of its customers on matters deemed to be important to them. The direct contact with our customers allows us a unique opportunity to get to know the interests of the customers first hand.

How often do you innovate? Is it only when there is a need in the market?

Innovation and the expansion of the relevant knowledge is also a key element to ‘survive on the market’. In this respect, Kerubiel always looks at technology as an opportunity for further improvement of its services. Thus, we are always trying to seek information in advance, even when the innovation itself is at a very early stage of development.

What are the factors that make your brand stand out from the competition?

Kerubiel offers unique services in the field of data protection, information management and security, and GDPR readiness. Incorporating special expertise in both fields, providing a wide range of services, and cooperating with other leading experts, we provide high-level, up-to-date advice to all our customers.

How does your company contribute to the competitive global IT platform at large?

Kerubiel is not yet a global actor. However, building valuable connections, cooperating in international projects, and providing assistance for customers on national and – intended-ly on regional – level, allows us to gather as well as disseminate good practices concerning data protection and information security.

As a question on sustainability, where do you see your company a couple of years from now?

With its potential due to the wide range of high-level expertise, Kerubiel wishes to become one of the leading companies on a regional level in the next couple of years. Of course, there is a long way until we achieve this goal. But, hopefully, we have already made the first steps.

Many organizations working with European residents are not actually based in Europe. They have offices in other locations and from there sell into the EU but it makes no difference in terms of GDPR applicability. Therefore Kerubiel would like to offer its expertise and customized DPO services to support organizations on GDPR compliance journey.

László György Dellei: A Formidable Leader

László György Dellei (MBA, CISA, CGEIT, CRISC, C|CISO, ITIL, ISO27LA, Certified expert witness) is the Chief Executive Officer of Kerubiel Ltd. He’s one of the leading experts in the field of ICT and data protection in Hungary. As the founder of Kerubiel, Mr. Dellei provides expert counsel to multinational, big, medium-sized, and small enterprises, ensuring that whenever a customer has an idea; Kerubiel produces a strategy to make that idea work.

“Under the GDPR, we may effectively share our knowledge in this field as well as study and apply good practices of controllers and processors situated in other EU member states.”