Ethical hacking, firewalls, and cyber attacks – this what most people think of in connection with IT security, without going any further. This is no surprise, because cyber security companies are in the awkward situation that the quality of their work is measured by how little they are talked about, that is, everyone goes on their own way.
There are only five to ten IT security companies on the Hungarian market. Amongst them, TR Consult is one of the largest ones, given its sales turnover of more than one billion forints last year. Although Tamás Őry, the founder, would be very motivated by the idea of regional expansion, the company still concentrates on the Hungarian market – though they sometimes get orders from abroad, even from overseas. It is no wonder that they are popular, as continuous innovation is their priority: they never sell out-of-box software, but develop a specific methodology for each consultation project, and work with solutions that are tailored to the customer. Their activities cover the entire spectrum of IT security, as they offer consultation, risk assessment, audits, system design, and they also deliver and operate various defence systems as well. Their most important target group is large corporations and multinational companies, primarily in the energy, public utilities, and financial sectors, explains the founder. The company culture is based on the principle that clients are always informed of the real situation, and are given an honest assessment of their level of IT development and defence. This approach is reflected by their slogan: A more secure world – without illusions.
The first and one of the greatest challenges TR Consult faced was the economic crisis of 2008, as it broke out only one year after the company was founded. At the outset, the company offered mainstream consultancy, organisational and skills development besides its IT profile, but the service portfolio became clearer after the crisis. The crisis was good for the consultancy business because everybody wanted to streamline their operations. However, this only lasted for a year, then everything stopped. At that time, many potential partners went bankrupt, chiefly automotive suppliers, Tamás Őry recalls. After that, in 2010, they decided to focus on IT security, which thus ended up becoming their core business. Their achievements so far have validated this decision. They have grown from a company with three or four employees to one with a staff of 30, which is rare in the industry.
Tamás Őry is proud to have consciously built up a cyber-security team that is not only familiar with information and data security, but also builds and operates defence systems. They also employ ethical hackers who hack the system of the client on request to find its weaknesses and where it could be improved. Their other team, made up of consultants, performs audits, risk assessments and tailored legal compliance reviews.
It is widely known that labour shortage is the greatest issue in the Hungarian economy, and the shortage of IT professionals is particularly painful. The ICT Association of Hungary estimates that there are more than 20,000 vacant IT positions in Hungary. TR Consult also has positions that have been vacant for two years. Tamás Őry is of the opinion that an attractive company image and brand can be helpful in such a situation. This approach has paid off for them, because many of their current employees originally contacted them saying that they wanted to work for them. In any case, gender ratio at the company is definitely better than the sector average, but even better than the national average, as women account for about 30% of their staff, working as senior consultants, project managers, sales associates, etc.
TR Consult invests a lot of energy in the retention, training and the recruitment of workforce. They have a sound, customised training plan in every year: employees often go abroad for professional trainings; while coaching, leadership training, and skill development are provided by Hungarian consultants. There is a fierce competition for young professionals: the company cooperates with the Óbuda University, hosting student interns, and company staff members lecture on cyber security at the University.
The company manager’s midterm vision is to have a regional multinational company in Hungarian ownership. He said that it would be good to expand in the other Visegrád Countries (the Czech Republic, Poland, and Slovakia), because these countries have a similar mindset and history, and amount to a substantial market of fifty million people. This, however, requires a lot of capital, the skills and the knowledge to build up a regional company group; when asked, he could not name any other company that had managed to do the same. The greatest obstacle to expansion is that this kind of services requires a direct relationship with the client and deep knowledge of the local markets, without which it is impossible to break into any of them.
Tamás Őry expects that the future will bring a thinning out of the market and more acquisitions; consequently, there will be less but larger and more highly capitalised companies on the market. He sees a great future for cyber security. More and more companies will outsource this complex function that requires continuous updating. It is also important to the manager that the IT security providers remain Hungarian, because acquisition by well-capitalised Chinese and American multinational corporations constitutes a high risk to Hungarian companies and the Hungarian economy “could also lose out in this story”. Tamás Őry sees awareness-raising in the field of IT security as an important global trend, and even an important task, but that Hungary still has a lot to do in this respect. While in the US, cyber security is part of the company culture when a company is founded, and is as basic to the starting package as hiring an accountant, Hungarian companies only spend on it if they have to or if the company shows up in newspaper headlines in connection with a serious incident.