National Strategy for Cyberspace Security
Strengthen information systems and technology security, free and efficient use of cyberspace.
Foster free, secure, and efficient use of cyberspace by all citizens and public and private entities and ensure the protection and defense of cyberspace of national interest.
What is it?
Portugal runs a national cybersecurity strategy since 2015. This strategy was revised in 2019 resulting in the National Strategy for Cyberspace Security 2019-2023. The Portuguese National Cybersecurity Center (CNCS) is the national cybersecurity authority. CERT.PT is the national CSIRT and is an integrated service of the Portuguese National Cybersecurity Center. The National Cybersecurity Center is also in charge of coordinating the preparation, monitoring the implementation and review of the Action Plan of the National Strategy for Cyberspace Security 2019-2023 in articulation and close cooperation with all entities responsible for cyberspace security.
Portugal’s goal in implementing this strategy is to become a safer, more prosperous country through innovative, inclusive, and resilient action that preserves the fundamental values of the democratic rule of law and guarantees the regular functioning of institutions in the face of society’s digital evolution.
It sets the following strategic objectives
- Maximize resilience: Strengthen and ensure national digital resilience by promoting inclusion and collaboration in networks, in order to safeguard the security of cyberspace of national interest against threats that may compromise or cause the disruption of networks and information systems essential to society.
- Promote innovation: Foster and enhance national capacity for innovation by affirming cyberspace as a domain of economic, social, cultural development and prosperity.
- Generate and guarantee resources: Contribute to obtain and guarantee the allocation of adequate resources for the building and sustaining of national capacity for cyberspace security.
Considering the needs associated with each of the strategic objectives, six intervention axes have been considered, in which the actions to be carried out under the National Strategy for Cyberspace Security Action Plan fall. These are:
The national structure contained in Law no. 46/2018, of August 13, that ensures the involvement of resources, knowledge and skills necessary to deal with the complexity and scope of cyberspace security challenges, of which we highlight:
- The High Council for Cyberspace Security, as a specific body for consultation with the Prime Minister, with representatives of all stakeholders, which ensures political-strategic coordination for cyberspace security; and the
- The National Cybersecurity Center, as the National Cybersecurity Authority and the single national contact point for international cybersecurity cooperation.
- Predict the rise, evolution, and mutation of threats.
- Encourage citizens to develop digital skills at various levels.
- Strengthen civil society awareness measures for the safe and responsible use of digital technologies, giving particular importance to the training and knowledge obtained by children, adolescents, senior population and other groups at risk.
- Promote the continuous improvement of national entities’ capabilities and maturity in preventing, detecting, responding to, and recovering from adverse cyberspace security scenarios.
- Promote national and sectoral cooperation structures for cyberspace protection, including both the public and private sectors.
- Ensure the development and application of national and international reference frameworks for cyberspace security management.
- Develop and consolidate cyber defense capabilities.
- Assess the need to review and update legislation.
- Promote, at the sectoral and business level, the creation of forums for sharing operational and technical information and for coordinated response to security incidents.
- Promote scientific production, development and innovation in the various fields of cyberspace security, asserting national independence in this field.
- Foster the country’s scientific, technical and industrial capabilities, with special emphasis on critical areas and emerging technologies.
- Support the involvement of research, development and innovation actors in international projects.
- Contribute to the regulation and universalization of cyberspace by encouraging compliance with applicable international law.
- Leverage national and international synergies, particularly in the European Union (pooling & sharing), the United Nations and the North Atlantic Treaty Organization (smart defense).
- Integrate international cyber-security and cyber-defense organizations with a view to international cooperation and Portugal’s affirmation in this domain.
Critical Success Factors
- Adequate financial resources for the scale of the strategy’s implementation.
- Greater focus on research and development in cybersecurity-related matters.
ESNA - Europe Startup Nations Alliance
Rede Nacional de Incubadoras e Aceleradoras
Rede de investidores
Apoio ao empreendedor