NIS2 compliance

NIS2 Compliance – New Regulations, New Responsibilities

Is your organization ready for the challenges of NIS2? We help you meet the new requirements through practical, regulation-based, and technological support — so you’re not just compliant, but truly secure.

What is the NIS2 Directive?

The NIS2 Directive is the European Union’s new cybersecurity framework, aimed at ensuring a uniform and high level of protection for organizations operating in critical and important sectors.

It significantly broadens the scope of covered entities and introduces stricter requirements in areas such as risk management, incident response, and supply chain security — with substantial financial penalties for non-compliance.

How is NIS2 implemented in Hungary ?

Hungary transposed the NIS2 Directive into national law through Act LXIX of 2024 and Government Decree 7/2024. These regulations define detailed cybersecurity obligations for both public and private sector organizations.

Key components include:

• Designation of supervisory authorities (SZTFH and NKI) and their powers
Classification of organizations into basic, significant, and high categories
Mandatory security measures such as incident reporting, risk management, and audit readiness

Decree 7/2024 further specifies:

A detailed set of cybersecurity controls grouped by domains (e.g., access control, business continuity, network security)
Minimum protection levels based on classification
Measurable and auditable compliance criteria

What do auditors expect?

The 1/2025 (II.6.) SZTFH Decree outlines the methodology for cybersecurity audits.

Its purpose is to translate NIS2 requirements into auditable and enforceable expectations.

Key elements include:

Frequency (every 2 years), scope, and methodology of audits
Documentation and record-keeping obligations
Objective evaluation criteria for compliance and non-compliance
Rules for appointing certified audit organizations and qualified experts

Why is preparation important?

Cybersecurity audits are not just a bureaucratic obligation — they are a strategic opportunity to assess your organization’s maturity, uncover risks, and avoid penalties.

Our experience shows that most Hungarian organizations currently lack not only technical but also administrative (policy-level) controls, which are essential for achieving compliance.

Why Choose HN Secure IT Ltd?

Because we know not only the rules, but also the official expectations - and we help you meet them.

Our experts have more than a decade of consulting and IT security audit experience, who still perform their auditing activities "in real time" today, and have practical experience in conducting NIS2 audits, including the relevant requirements.

We help you prepare for the audit, compile documentation, and fill gaps – efficiently, transparently, and in accordance with the authority's expectations. We offer full-scale preparation from security classification to technology implementation.

Don’t wait for the deadline — start your NIS2 journey today.

During our initial consultation, we assess your current state, identify critical gaps, and deliver a custom action plan to move forward.

Service