The GDPR was nothing in comparison: the deadline for the creation of the NIS2 framework is approaching
Due to increasingly frequent cyber threats, the European Union drafted the NIS2 cyber protection directive in January 2023, which affects thousands of companies in Hungary alone. Hungary was one of the first EU member states to issue the relevant law, according to which companies must meet the requirements of the regulation by the end of this year, by December 31. According to TOPdesk business manager Gergő Berki, the new administrative tasks related to the process impose a significant cost and burden on businesses – especially those that do not yet have the necessary funds.
Thousands of domestic companies are affected by the revised EU cyber protection directive (NIS2), which means that many domestic companies have to build their cyber protection systems completely from the ground up. The new rules apply to companies that employ at least 50 people or have an annual turnover of more than 10 million euros, perform activities defined by law, and all organizations that perform essential functions in terms of the economic and social development of the EU. The companies concerned had to apply to the Regulatory Authority for Regulated Activities by June 30 this year, and they must meet the requirements of the regulation by the end of this year, December 31, 2024.
But what does this mean in practice?
The main points of the requirements include risk analysis and management, prevention and detection of cyber security incidents, their reporting and management within a given time window, access management, use of encryption and ensuring the continuity of business processes during cyber security incidents. The protection must also cover the acquisition, development and operation of electronic information systems and the software and hardware products used by them. According to the directive, every enterprise can be classified into a security risk group and must implement specific administrative, logical and physical measures associated with that category.
“A critical issue in terms of meeting the NIS2 requirements is whether the given company has previously dealt with cyber security issues. If the company concerned has to build a system completely from the ground up due to the new guidelines, it means a significant investment and an extra burden both in terms of infrastructure and human resources.”
– said Berki Gergő, TOPdesk Hungary business manager.
Related news
Cybersecurity: careless domestic firms could be sanctioned
On 18 October the NIS2 – the revised EU cybersecurity…
Read more >Cyber protection: careless domestic companies can be sanctioned within days
In a few days, NIS2, i.e. the revised EU cyber…
Read more >Shoppers are scared of data theft
More and more shoppers are worried about their shopping details…
Read more >Related news
Master Good, Nestlé Hungária, Tesco Hungary are this year’s winners
This year, Trade Magazine announced the Christmas TV Ads 2024…
Read more >This year’s CO-OP Star Silver Pine and Silver Star awards have been presented
As every year before Christmas, this December, the CO-OP Star…
Read more >Declining company numbers, permanent half-million limit
In 2024, the number of partnerships is expected to decrease…
Read more >