Current status: National Cyber Security Strategy
The National Cyber Security Strategy of Hungary was approved in March 2013 (Government Decision No. 1139/2013). To address present and future challenges, Hungary lays down the requirement that the Hungarian cyberspace shall provide a secure and reliable environment:
a) for individuals and communities to ensure social development and integration through communication based on liberty, freedom from fear, and guaranteeing the protection of personal data,
b) for the business sector to develop efficient and innovative business solutions,
c) for future generations to ensure value-based learning and unharmed collection of experiences resulting in a sound mental development,
d) for electronic public administration, to promote innovative and cutting-edge development of public services.
National Cyber Security Strategy
|Year of adoption||2013|
|Updates and revisions||
The National Cyber Security Strategy of Hungary (NCSS)28 was adopted in 2013, enacted by Government Decision No. 1139/2013.
Reflecting the intensive progression in cyber security matters, the first reform of Act L of 2013 took place in July 2015, two years after its adoption.
|Implementation and monitoring||Beyond analysing the cyber environment and clarifying the priorities, the NCSS also provides for the establishment of the highest political coordination body, the National Cyber Security Coordination Council|
Main measures related to businesses
In determining cyber security requirements for public procurement tenders in information technology and communications, Hungary intends to encourage equipment manufacturers and service providers submitting bids to create the highest possible level of cybersecurity, with special emphasis on compliance with international certification standards. Furthermore, Hungary wishes to cooperate with business actors to develop incentive measures for cybersecurity improvement.
The National Cyber Security Forum is a body of the National Cyber Security Coordination Council, giving the opportunity for business CEOs, academic and NGOs’ leaders to meet with governmental decision makers. Through the Forum, the non-state sector could become an active partner with the government during the legislative process. Moreover, national and international companies hold great knowledge and experience in the field of cyber security, which should be shared.
|Risk assessment plan||Operating under the Ministry of Interior, the National Security Authority promotes the protection of classified information and electronic systems that handle sensitive data. In accordance with Hungarian information security law – mentioned Act L of 2013 – from 1 July 2013 to the summer of 2015, the Authority was also responsible for the vulnerability assessments of governmental systems according to the National Electronic Information Security Authority requests.|
To ensure cooperation and the flow of information on higher levels on a daily basis, the National Cyber Defence Institute was established on 1 October 2015. The institute operates as an umbrella organisation, incorporating the GovCERT-Hungary, the National Electronic Information Security Authority and the Cyber Defence Management Authority.
Current status: NIS Directive and national CERTs/CSIRTs
|Computer security||The Hungarian information security law created its assessment and supervision agency, the National Electronic Information Security Authority, which operates under the supervision of the Ministry of Interior.|
Hungary continues to play an active role in the European, Atlantic and global organisations of national/governmental and Sectoral Incident Handling Centres, in the European Network and Information Security Agency, and in the Board of European Electronic Communications Authorities
GovCERT-Hungary started to operate on 1 July 2013. It has nearly 4,000 institutions as partners, and contributes to the protection of critical infrastructure with the National Directorate General for Disaster Management.
|Report an incident||
GovCERT-Hungary is the main agency authorised to get involved in central governmental incident management. It provides services for the whole Hungarian governmental administration – especially for the government backbone system and for critical infrastructures – and the municipalities.
Sectorial CERTs are also being established: beyond the existing critical information infrastructure protection (CIIP) CERT (operating under the National Directorate General for Disaster Management), another two are being set up, one for defence within the Military National Security Service, and another one for civilian intelligence within the Information Office.
|Date inserted||October 2016|