Cybersecurity 2025

HUNGARY Law and Practice Contributed by: Adam Liber and Tamás Bereczki, PROVARIS Varga & Partners

PROVARIS Varga & Partners H-1053 Budapest

Károlyi street 9. Central Palace 5th Floor Hungary Tel: +36 706 051 000 Email: info@provaris.hu Web: www.provaris.hu

1. General Overview of Laws and Regulators 1.1 Cybersecurity Regulation Strategy The 2013 Cyber Strategy and its Implications Hungary adopted a dedicated cybersecurity strategy in 2013 through Government Decision 1139/2013 (21 March) on Hungary’s National Cybersecurity Strategy (“2013 Cyber Strategy”). The 2013 Strategy aimed to align with consti - tutional principles and national interests while addressing the challenges of the digital age. It set national goals, strategic directions, and gov - ernment measures to ensure a free and secure cyberspace, protect national sovereignty, and safeguard economic and societal activities. The strategy emphasised securely adapting tech - nological innovations, fostering international co-operation, and strengthening governmental co-ordination to address cybersecurity threats. It also integrated core values such as freedom, security, and the rule of law, aligning with Hun - gary’s National Security Strategy, EU and NATO cybersecurity principles, and the Budapest Con - vention on Cybercrime. This previous 2013 Cyber Strategy paved the way for the Hungarian Parliament and the gov -

ernment to adopt legislation such as the Act L of 2013 (“Information Security Act”) on the Elec - tronic Information Security of State and Munici - pal Bodies, and its executive regulation, namely Decree 42/2015 (VII. 15.) of the Ministry of Inte - rior on the Procedure for the Official Registration of Certain Organisations Covered by the Act on Electronic Information Security. The Information Security Act aimed to protect national electronic data assets, critical information systems, and their components, recognising their importance in addressing modern threats. Ensuring the con - fidentiality, integrity, and availability of data and systems is a societal expectation essential for safeguarding cyberspace. NIS1 Implementation Later, Hungary implemented the Directive (EU) 2016/1148 (NIS Directive) in various laws, including the Act CVIII of 2001 on Certain Issues of Electronic Commercial Services and Informa - tion Society Related Services (E-commerce Act). Detailed rules regarding cybersecurity event management and supervision were laid down in Government Decree 270/2018 (XII. 20.) on the Supervision of the Electronic Information Security of Information Society Services and the Procedure on Security Events. Further to this,

93

CHAMBERS.COM

Powered by