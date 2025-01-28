In this latest episode of the PrivacyRules, PrivacyEspresso series, we're joined by Endre Várady, Partner at VJT & Partners, where he dives into the critical updates on NIS2 implementation in Hungary.

Hungary, as one of the first countries to implement NIS2, has introduced pivotal changes with its new cybersecurity law. This comprehensive framework sets detailed requirements for businesses, including security controls, audits, and governance responsibilities. With over 3,000 entities already registered with the cybersecurity regulator, companies are now focusing on securing auditors and preparing for their final audits by the end of 2025.

Key challenges highlighted include:

Implementing hundreds of technical and organizational controls.

Balancing cybersecurity measures with legal requirements to avoid fines or administrative burdens.

Addressing the shortage of cybersecurity experts.

Ensuring corporate management's active involvement in compliance projects.

Endre shared practical advice to help businesses navigate these challenges effectively. He emphasized the importance of creating a detailed action plan to stay focused on deadlines and tasks, leveraging existing frameworks like ISO27001 to streamline compliance, and selecting the right auditors with appropriate licenses while securing a preferential audit date. He also highlighted the need to involve corporate management throughout the process and to prioritize cybersecurity training to build awareness, as the lack of it could undermine compliance efforts entirely.

The Hungarian experience offers valuable lessons for businesses across Europe. As regulatory expectations rise, aligning cybersecurity and legal strategies will be key to achieving compliance.

Watch the video: Navigating NIS2 compliance : Insights and challenges from Hungary

