The operation of IT systems of Hungarian higher education institutions is governed only by general law. These institutions have a large amount of personal, economic and research data. The management of these organizations is defined by internal regulations which are not controlled in terms of form or substance. As a consequence, the security of Hungarian higher education IT systems currently varies from institution to institution. Internationally, the first step in the legislative regulation of higher education systems was published in the United States in 2004, followed by only general rules from European legislators. In recent years, however, this situation has changed, and in several countries, including Hungary, the extension of the legislation on state institutions to higher education systems has begun. At present this has manifested in placing of research institutes under national security protection. In the light of international trends and Hungarian development, it is expected that this process will continue.
One possible way to raise the IT security level is to place higher education institutions under Act L. of 2013. This, in addition to not being a simple process, would create a serious financial burden for the maintainer and would have a noticeable impact on institutional autonomy, teaching and research freedom. There is currently no public source of information on IT incidents or their success and management in higher education IT systems in Hungary. In my presentation, I review the IT data assets of Hungarian higher education and based on my personal experience, I give an overview of IT attacks on the sector and a what can be expected based on changes in the L. Law of 2013.