Move fast! Your business is affected!

The NIS2 Directive has arrived in Hungary. With the deadline of 30 June 2024 approaching, your business must start preparing for the new cybersecurity requirements.

As a first step, your business needs to register with the Hungarian cybersecurity regulator. The deadline for registering is 30 June 2024. If you fail to register, your business could face significant fines.

The VJT team is prepared to advise you on all the practical legal issues involved in implementing NIS2 and, if you have not already done so, will be happy to support your business in completing the registration.

To whom does the NIS2 legislation apply?

The NIS2 regulation applies to all medium and large businesses in Hungary in various industries including energy, transport, healthcare, pharmaceuticals, manufacturing, chemicals, or research. In addition, NIS2 also covers micro or small businesses in certain specific sectors (e.g. communications, trust services, domain name registration).

What must your business do to comply with cybersecurity regulations?

The Hungarian implementation of NIS2 regulation requires, among other things, working out information security systems, proper risk analysis and cyber security management processes, a business continuity plan, and the designation of the information security chief. Also, appropriate policies must be put in place by the relevant business units to prevent, detect, manage, report, and mitigate the effects of security incidents. The business is also obliged to make sure that the cybersecurity requirements are reflected in the service contracts throughout the whole supply chain. Raising cyber security awareness through education is also a priority.

What deadlines must your business be prepared for?

Your first deadline: registration is now due by 30 June 2024.
Your business must sign the contract with the auditor by 31 December 2024.
The deadline for conducting the first cybersecurity audit is 31 December 2025.

What’s next? How can VJT & Partners help?

The most important next step is to organise the registration process to ensure that registration is completed on time.

VJT & Partners is prepared to advise on all the practical legal issues associated with NIS2 implementation, whether it is advising on the major cyber security requirements, selecting the NIS2-compliant information security service provider and/or auditor, reviewing supplier contracts, or providing practical guidance on preparing for an audit.

Our team is professionally equipped to help your business to comply with cybersecurity regulations.