Competence

With the entry into force of Act LXIX of 2024 on the Cybersecurity in Hungary on 1 January 2025, a new era has begun in the field of cybersecurity. Together with Government Decree 418/2024 (XII. 23.) on the implementation of the Act on the Cybersecurity of Hungary, the legislation introduces substantial changes that will significantly affect the operation of legal entities.

From this date, the legal framework governing cybersecurity protection in Hungary has been comprehensively renewed. At the same time, several previously applicable laws and regulations have ceased to have effect, including:

• The National Cybersecurity Coordination Council, the Cybersecurity Forum and the Cybersecurity Sector Working Groups has been repealed in their entirety, as set out in Government Decree 484/2013. (XII. 17.) on the rules relating to the establishment and operation of the Cybersecurity Forum and the Cybersecurity Sector Working Groups, their tasks and powers.
• Decree, as set out in Government Decree 187/2015. (VII. 13.) Paragraph 4 (1).
• Decree, as set out in Government Decree 270/2018. (XII. 20.) on the supervision of electronic information security of information society services and the procedure for security incidents. Decree, as set out in Government Decree 271/2018. (XII. 20.) on the tasks and powers of incident management centres, and on the rules for the management and technical investigation of security incidents and the conduct of vulnerability assessments.
• Decree, according to Paragraph 4 (1) of Government Decree No. 305/2023. (VII. 11.) on the amount of cybersecurity fines, the detailed procedural rules for imposing and paying fines. Decree.