25+ years
Founder experience
Cybersecurity, vCISO, information security, and technical advisory experience rooted in hands-on security work.
Cybersecurity and data protection are not just technical services. They are mandates of trust.
Before an organisation decides who should protect its systems, sensitive data, compliance obligations, and reputation, one question naturally comes first:
Who are we willing to trust with this responsibility?
OR Security is founder-led and senior team-backed, combining more than 25 years of founder experience with over 100 years of cumulative senior leadership and specialist expertise.
We were built to provide serious cybersecurity and data protection support with discretion, technical depth, clear communication, and fair pricing.
25+ years
Cybersecurity, vCISO, information security, and technical advisory experience rooted in hands-on security work.
100+ years
Combined experience across senior leadership, CTO-level technology, vCISO advisory, red teaming, and offensive security.
5 years
The company operated for its first five years largely through word of mouth, trusted relationships, and professional recommendations.
When an organisation gives us a cybersecurity or data protection mandate, it is placing trust in more than a supplier.
It is trusting judgement. It is trusting confidentiality. It is trusting the ability to understand real risks, challenge weak assumptions, and protect what should never be exposed.
We take that responsibility personally.
OR Security was built for organisations that need serious protection without unnecessary complexity, inflated enterprise overhead, or generic consulting language. Our goal is to provide high-quality senior expertise in a focused, practical, and financially reasonable way.
OR Security was founded by Örs Apor Horváth, a cybersecurity and information security professional with more than 25 years of experience and a deeply technical background.
His career began in 1996 in the hacker community. Over time, this evolved into ethical security work across red team, purple team, blue team, threat intelligence, social engineering, cloud security, vCISO leadership, and strategic information security advisory.
Today, as sole owner, founder, and managing director of OR Security, Örs is responsible for the company’s direction, standards, client trust, and professional culture.
His work focuses on helping organisations understand, reduce, and manage real-world cyber risk — not only through policies and documentation, but through practical technical insight, security awareness, responsible leadership, and long-term resilience.
Örs speaks four languages, allowing him to work effectively across international teams, cultures, and stakeholder groups.
As sole owner, founder, and managing director, Örs Apor Horváth stands personally behind the company’s standards, values, and long-term direction.
OR Security is a founder-led company, but not a one-person promise.
At the same time, OR Security is supported by senior leadership and specialist expertise across cybersecurity, data protection, CTO-level technology leadership, vCISO advisory, red teaming, and offensive security.
Together, OR Security’s senior leadership and specialist leads bring more than 100 years of cumulative experience.
This combination matters: direct founder accountability, supported by experienced senior professionals who understand both strategy and real-world technical risk, and who can support clients from governance and compliance through to the technical reality of how systems are built, attacked, defended, audited, and improved.
For its first five years, OR Security operated almost entirely through recommendations, long-standing professional relationships, and word of mouth — with little to no formal marketing or sales activity.
That matters to us.
In a field where trust is difficult to earn and easy to lose, recommendation-based growth is one of the clearest signs that clients, partners, and professional contacts were willing to put their own reputation behind ours.
This reputation was not created by campaigns. It was built through delivered work, accumulated trust, and professional relationships developed over many years.
We see this as a responsibility to preserve: do good work, communicate honestly, respect confidentiality, and remain worthy of the trust that brought us here.
Across more than 25 years in cybersecurity, the IT systems and organisations represented under Örs’ responsibility have no known record of compromise or data breach.
We do not present this as a guarantee. Cybersecurity can never be reduced to slogans, and no serious professional promises absolute safety.
We present it as evidence of an approach built on preparation, realism, discipline, and continuous improvement.
Good security is often quiet. It prevents incidents before they become visible. It strengthens people before mistakes become breaches. It improves systems before attackers turn weaknesses into consequences.
Cybersecurity, vCISO, information security, and technical advisory experience rooted in hands-on security work.
Combined experience across senior leadership, CTO-level technology, vCISO advisory, red teaming, and offensive security.
OR Security is led by its sole owner, founder, and managing director, Örs Apor Horváth.
The company operated for its first five years largely through word of mouth, trusted relationships, and professional recommendations.
Across more than 25 years, the systems and organisations represented under Örs’ responsibility have no known record of compromise or data breach.
A practical understanding of how attackers think, how defenders operate, and where organisations are most exposed.
We know that cybersecurity and data protection engagements are often bought under pressure: board pressure, client pressure, regulatory pressure, or the pressure that comes from knowing what is at stake.
That is why OR Security is built around direct accountability, senior judgement, and practical delivery. The work should be serious, practical, human, and defensible.
Örs Apor Horváth
Founder, Sole Owner & Managing Director
If you are deciding who should be trusted with cybersecurity, data protection, or sensitive operational responsibility, we can start with a direct conversation.