Cybersecurity 2025

HUNGARY Trends and Developments Contributed by: Adam Liber and Tamás Bereczki, PROVARIS Varga & Partners

of the relevant organisation’s net revenue from the previous business year, or if unavailable, the prorated revenue for the current year, capped at HUF10 million (approximately EUR24,200). For entities within the same recognised corpo - rate group or consolidated group under the Civil Code or Accounting Act, the collective annual fee cannot exceed HUF50 million (approximately EUR125,000). The status of operating as a cor - porate or consolidated group must be verified in line with the SZTFH President’s decree. The fee must be paid to SZTFH in the manner and timeframe specified in the decree. Transitional provisions The 2024 Cybersecurity Act includes several transitional provisions to facilitate the shift from previous legislation, minimising redundant administrative tasks for organisations already in compliance. • Existing Registrations: Organisations already listed in the registry maintained by the Supervisory Authority for Regulated Activi - ties (SZTFH) are exempt from submitting a new registration. However, these entities must submit a follow-up notification to the SZTFH by 15 February 2025, specifying the EU member states in which they provide their services.

• First Cybersecurity Audit: Organisations that commenced operations before 1 January 2025 are required to conduct their first cyber - security audit by 31 December 2025. • Security Classification: Organisations that have already completed the security classifi - cation of their electronic information systems and the data stored, transmitted, or pro - cessed are not required to repeat the security classification. Conclusion The transition to the 2024 Cybersecurity Act signifies Hungary’s commitment to establish - ing a cohesive and comprehensive cyberse - curity framework aligned with EU directives. While the Act introduces enhanced regulatory measures and accountability, it also places sig - nificant compliance responsibilities on entities. Organisations must prioritise preparation, lever - aging the additional lead time provided for initial audits and classifications. By embracing these changes, entities can strengthen their resilience against cyber threats and contribute to a more secure digital ecosystem in Hungary and the EU at large.

120 CHAMBERS.COM

Powered by