License partner of


NIS2 Compliance Consulting Services (Hungary)

Your Key to Achieving Regulatory Alignment

Although NIS2 is a European Directive, there are several allocated duties and tasks to member states and companies operating in a particular EU-member state.

This info-sheet is dedicated to companies operating sites in Hungary and want to achieve a status in compliance with NIS2. National-specific requirements are considered in this leaflet.

Our specialized consulting services are tailored to meet your needs and ensure seamless alignment with the regulatory framework.

Navigating the complexities of NIS2 compliance can be daunting, especially with the unique requirements set forth by each member state. However, with our expert guidance, you can streamline the process and achieve compliance efficiently.


Involved parties

  • SZTFH (Supervisory Authority for Regulatory Affairs) is the appointed governmental organisation managing NIS2 related activities in Hungary
  • Audit providers: Accredited bodies by SZTFH for providing cybersecurity audit services for companies in the scope of NIS2
  • Companies providing “essential services” (NIS2 Directive Annex I):
    • Energy – electricity, district heating and cooling, oil, natural gas, hydrogen
    • Manufacture of pharmaceutical products including vaccines
    • Drinking water and wastewater
    • Transport – air, rail, water, road
    • Banking (except for central banks)
    • Financial market infrastructures
    • Health
    • Digital infrastructure – internet exchange points (IXPs), DNS providers, TLD name registries, cloud computing service providers, data centre service providers, content delivery networks, trust service providers, public electronic communications networks, electronic communications services
    • ICT service management (business-to-business)
    • Space industry
    • Central and regional public administrations


  • Companies providing “important services” (NIS2 Directive Annex II):
    • Postal and courier services
    • Waste management
    • Chemicals – manufacture, production, distribution
    • Food – production, processing, distribution
    • Manufacture of medical devices
    • Manufacture of computers, electronic and optical products, electrical equipment, machinery and equipment, and motor vehicles and other transport equipment
    • Digital providers – online marketplaces, online search engines, and social networking service platforms

Important dates for companies in Hungary

  • 01.2024 – 30.06.2024 self-assessment and registration at SZTFH
  • 10.2024 paying surveillance fee (0,015 % of net turnover from previous business year) and implementing protective measures (controls)
  • 10.2024 – 31.12.2024 contacting accredited audit service provider
  • 12.2025 completing the first cybersecurity audit by the audit service provider!

Compliance focuses for companies in Hungary

  • classification of information systems operated by the company based on risk levels represented by them (low, medium, high-risk systems / applications)
  • implementation of cyber-risk-based approach
  • identification and assessment of risks related to company’s information assets
  • risk treatment plan
  • established reporting lines for information security incidents to authorities

What service do we provide for our clients?

We are committed to helping companies in Hungary achieve NIS2 compliance with confidence. Contact us today to learn more about how we can support your journey towards regulatory alignment.