The GDPR was nothing in comparison: the deadline for the creation of the NIS2 framework is approaching
Due to increasingly frequent cyber threats, the European Union drafted the NIS2 cyber protection directive in January 2023, which affects thousands of companies in Hungary alone. Hungary was one of the first EU member states to issue the relevant law, according to which companies must meet the requirements of the regulation by the end of this year, by December 31. According to TOPdesk business manager Gergő Berki, the new administrative tasks related to the process impose a significant cost and burden on businesses – especially those that do not yet have the necessary funds.
Thousands of domestic companies are affected by the revised EU cyber protection directive (NIS2), which means that many domestic companies have to build their cyber protection systems completely from the ground up. The new rules apply to companies that employ at least 50 people or have an annual turnover of more than 10 million euros, perform activities defined by law, and all organizations that perform essential functions in terms of the economic and social development of the EU. The companies concerned had to apply to the Regulatory Authority for Regulated Activities by June 30 this year, and they must meet the requirements of the regulation by the end of this year, December 31, 2024.
But what does this mean in practice?
The main points of the requirements include risk analysis and management, prevention and detection of cyber security incidents, their reporting and management within a given time window, access management, use of encryption and ensuring the continuity of business processes during cyber security incidents. The protection must also cover the acquisition, development and operation of electronic information systems and the software and hardware products used by them. According to the directive, every enterprise can be classified into a security risk group and must implement specific administrative, logical and physical measures associated with that category.
“A critical issue in terms of meeting the NIS2 requirements is whether the given company has previously dealt with cyber security issues. If the company concerned has to build a system completely from the ground up due to the new guidelines, it means a significant investment and an extra burden both in terms of infrastructure and human resources.”
– said Berki Gergő, TOPdesk Hungary business manager.
Related news
EY: Missed opportunity: Cybersecurity creates business value if left to
Cybersecurity is bringing significant savings to companies worldwide, yet they…
Read more >Cybersecurity: careless domestic firms could be sanctioned
On 18 October the NIS2 – the revised EU cybersecurity…
Read more >Cyber protection: careless domestic companies can be sanctioned within days
In a few days, NIS2, i.e. the revised EU cyber…
Read more >Related news
EU Sees 2% Growth In Ice Cream Production In 2024: Eurostat
Ice cream production in the EU increased by 2% year-on-year…
Read more >Oatly Is Launching A Ready-To-Drink Matcha Latte Oat Milk This Summer
Oatly is the latest plant-based milk brand to launch a…
Read more >The Hungarian Central Statistical Office (KSH) reported better-than-expected GDP data
In Q2 2025, Hungary’s GDP figures published by the HCSO…
Read more >