13
Fri, Jun
52 New Articles

Companies May Have Six More Months to Comply with the NIS2 Directive

Hungary
Tools
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

“To comply with the cybersecurity requirements of the NIS2 directive, affected businesses may get an additional six months to prepare,” announced the Supervisory Authority for Regulatory Affairs of Hungary (SZTFH) in a statement on 5 May 2025.

NIS2 aimed at ensuring the cybersecurity of key sectors across the EU through harmonized regulations in light of the growing number of cyber threats. A key part of the directive will be a cybersecurity audit, intended to confirm that the IT systems of affected companies operate securely. The audit must be carried out every two years, and only by entities that meet the specific requirements for auditors.

The system is based on two pillars: cybersecurity certification and cybersecurity supervision. Certification ensures that a particular IT product or service used by individuals or companies meets specified security requirements. Supervision, on the other hand, targets the overall security of companies operating in high-risk or critical sectors, rather than specific products or services. The security of the IT systems of affected organizations may be assessed by auditors authorized by SZTFH.

SZTFH, in cooperation with the Hungarian Chamber of Commerce and Industry (MKIK), proposes that the deadline for completing the cybersecurity audit is extended by six months to 30 June 2026, and also that the affected companies should sign a contract with an authorized auditor until 31 August 2025.

However, critics argued that the current end-of-year deadline was unrealistically tight, the audit methodology is unnecessarily strict, the compensation for auditors is too low, and there is a shortage of qualified auditors to perform the required assessments.

In addition to the extension of deadlines, further assistance is planned to support companies, especially small businesses, in their preparations. MKIK will provide personal and online advisory services, helping businesses prepare for the audit and clarify any questions. Official statements addressing the most frequently asked questions, in coordination with SZTFH, are also expected to be published.

By Lilla Majoros, Attorney at Law, KCG Partners Law Firm

Hungary Knowledge Partner

DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa, and Asia Pacific. This positions us to help clients with their legal needs around the world.

With more than 60 lawyers, including 14 partners, and a staff of over 140, DLA Piper Hungary is one of the largest international law firms operating in Hungary. What makes us stand out is that we offer not only legal services but also tax and business advisory support in a fully integrated manner. We maximize synergies between legal, tax, and business advisory services to offer a unique service for our clients, particularly in regulated industries such as energy, infrastructure, life sciences, banking, and telecommunications.

We are a true full-service firm, providing our private and public sector clients with advice on all aspects of their business. This includes transaction-related advice, people and employment, commercial dealings, litigation, information technology, media and communications, intellectual property, insurance, tax, real estate, and restructuring plans.

DLA Piper Hungary has received numerous professional awards and is consistently ranked among the top law firms in Hungary by international rankings. We are ranked #1 by Mergermarket among the law firms active in Hungary based on the volume of M&A deals handled between 2005 and 2024.

Firm's website.

Our Latest Issue