CDSYS Predicts More Than HUF 1 bln Income This Year

Q: Could you explain CDSYS’s main business, and also tell us a bit about how you started the company?

A: Our company, Compliance Data System Ltd., only deals with IT security so we don’t sell hardware, servers or PC parts. Focusing in that area has helped us to reach the number one position in less than six years with an income of HUF 655 million last year. We started as a Hungarian SME with a small team of four members and had as our first business partners Sun and Symantec in 2008. At the moment we have 12 experts.

Q: I suspect that you soon contacted other big companies?

A: Yes, of course, we didn’t stuck with Sun and Symantec; we always looked for new possibilities for our clients. Sensitive data is a special kind of property that needs to be protected at all costs. Having eight cars and 22 computers can be nice, but sensitive information is what drives the world today and we were always looking for new solutions for its protection.

Q: What was the first important technology that you used?

A: Data Loss Prevention (DLP) was the technology that we used first in Hungary in 2009, with the help of our partner Symantec. Symantec has remained one of our important business partners, but we provide the security systems of other big companies as well.

Q: Tell us about your Hungarian clients?

A: It’s probably not a surprise that companies from the financial sector are our most important clients: banks and insurance companies like Allianz, Erste, CIB, FHB, Fundamenta, UniCredit and also Banco Populare until it left Hungary. Of course we are not only dealing in the financial sector as we have other kinds of clients like E.ON and Richter Gedeon and other firms and we are focusing on the governmental sector as well. Expanding our portfolio and client base helped us to gradually increase our income significantly: we increased by 50% our income last year and also the year before, for this year our plan is to double it.

Q: Do you always provide the latest technology to your clients?

A: We provide reliable and necessary solutions to our clients, because each client needs specific technology suited to its needs. Constantly using the latest technology isn’t always the best idea. That’s why we instead expanded our list of providers with big development companies: we are dealing with firms like Oracle, Symantec, CA, Novell, Forgerock, Juniper and McAfee among others, thus we can be an independent data security provider ourselves.

Q: I suspect that you expanded your end user client base as well?

A: Yes, with the Hungarian government as one our most important clients, for example. IT security is very important for the courts of justice, the police, ambulance, the ministry of the interior and so on. The Hungarian government takes data security very seriously, which is why the new Information Security Law was voted in last year, which we think was an important step in the security arena. We hope that it will expand the list of smaller organizations that will use more complex data security solutions, besides using the basic and obvious antivirus and firewall software.

Q: Could you give us an example of more complex techniques?

A: Beside antivirus and firewalls you need VPNs (virtual private networks) with content filtering and intrusion detection. Encryption is also a key security solution in case a business notebook is lost or stolen. Defense against data leaks are very important as well. DLP software has a key role in this area but as I have explained in many conferences, DLP isn’t a magical cure-all in itself. For the DLP software to have its best effect a whole security system needs be installed. This also means instructions and education on security issues and solutions for employees, which we also provide. Without appropriate instructions, we cannot expect employees to correctly use the security methods.

Q: Is there a difference between the security technologies used by the business sector and those in public administration?

A: If we are talking about the general technical solutions, no, there is no difference. However there’s a difference regarding approach. Companies dealing in the financial sector always want to try out and test the latest security technology. For a bank to have the best and latest technology possible is vital since its data is protecting money, thus they are the targets of increased security attacks. In public administration the processes are different. Procurement process, decisions and testing take much more time. However, when the decision is taken to use a security system there’s not much difference between the business sector and public administration regarding the use of security services.

Q: Tell us about a specific security technology that you provide and are particularly proud of?

A: Symantec bought the SSL (Secure Sockets Layer) protocol from Verisign and, since we are providing this service to the public administration, almost every Hungarian can find our system at the Ügyfélkapu (or Customer Portal) at ugyfelkapu.magyarorszag.hu. Also, when you are downloading your tax assessment software you will meet our SSL codesigning certificate there.

Q: What are the favorite targets of hackers? Banks?

A: Banks are very desirable but also hard targets, since they are usually already using very serious and hard-to-breach security systems. That’s why attackers have turned their attentions to SMEs, since smaller firms aren’t keen to invest in very important security systems. Another reason why SMEs have become the targets of hackers is because they may be service providers to bigger companies and through their possibly weaker security systems it’s easier to hack and find a way into the systems of the bigger business partners and thus acquire their sensitive data. There are increasing hacker attacks against SMEs and a significant money loss can mean the end of a smaller company. SMEs have recognized this and are getting more interested in complex solutions. It is important to recognize that to live in a well-organized and secure world, everybody needs his or her information security well protected.

BIO:

Krisztián Egerszegi is a technical manager, economist and banking security expert with more than 13 years of experience in the field of information security. From 2001 he worked at VT-Soft where he dealt with issues regarding IT security and Identity Management, before becoming the leader of the business branch that he developed. Since 2008 he has been the CEO of CDSYS, the biggest Hungarian company dealing with IT Security.