From Strategy to Implementation: National Cybersecurity Action Plan in Hungary

Hungary's experience offers lessons for any EU member state navigating the gap between cybersecurity strategy and implementation. The adoption of a new Cybersecurity Strategy (Government Decision 1089/2025) and a National Cybersecurity Action Plan for 2025–2030 marks a significant development in Hungarian cybersecurity governance. For the first time, strategic ambition is paired with a structured, publicly accountable implementation mechanism, addressing the strategy-implementation gap better than in earlier policy cycles.

This white paper examines the significance of the National Action Plan, the conditions necessary for its success, and the specific opportunity represented by Task 24 of the Action Plan: the establishment of a professional forum to evaluate emerging cybersecurity technologies. Task 24 addresses a structural failure in Hungary's technology adoption environment and is presented as a model deserving attention from Hungarian policymakers, EU institutions, and the defence community alike.

The Forum's priority technology areas are motivated by sovereignty concerns that rightly dominate both EU and Hungarian strategic discourse. Task 24 addresses three distinct theatres of engagement: infrastructure, data and cognitive. It suggests defensive tactics on each layer: Trusted computing environments, privacy-enhancing technologies (PETs) and deepfake recognition tools, among others. Together these form a coherent sovereignty-oriented technology innovation agenda.