Portugal (PT)

The Portuguese National Cyber Security Strategy was implemented in 2019 for the period 2019-2023. It is the second strategy, with the first one implemented in 2015. 

It covers the following strategic goals in the ENISA self-assessment classification: Cybercrime, security and privacy balance, citizen awareness, critical information infrastructure protection, international cooperation, incident response capability, institutionalised form of cooperation between public agencies, baseline security requirements, incident reporting mechanisms, R&D, cyber security exercises, training and educational programmes.

The Strategy is reviewed annually by the National Cybersecurity Council with a view to verifying the strategic objectives and action plan and their adequacy to changing circumstances. 

In April 2020, the Portuguese National Cybersecurity Centre published its National Cybersecurity Framework based on international standards for a risk-based approach to tackling cyber threats and the implementation of security measures for networks and information systems. To this end, the framweork revolves around the identification, protection, detection, response and recovery phases of cyber incidents. 





Prevent and Awareness-raising   

The strategy defines the following priorities for prevention, overall education and awareness-raising:

  • Information sharing in early threat assessment as a crucial safeguard. The evolving threat landscape requires a national capacity to detect and discover indicators associated with potential and on-going threats. Hence it is critical to develop the ability to obtain, in an automated, systematic and coherent way, knowledge about these indicators. The end result should be an extensive body of knowledge of the national cyberspace ecosystem underpinned by effective security measures, which are defined in the National Cybersecurity Framework (April 2020).
  • Promoting a culture of security, framed by the principles of ethics, ensuring the knowledge, awareness and confidence needed to use information systems and networks, reducing exposure to risks. Such awareness needs to cover public bodies, companies and civil society. 
  • Equipping the country with qualified human resources to deal with complex cybersecurity challenges. Users of technology infrastructures, network and information systems need to take measures to prevent risks they are exposed to. Thus, permanent awareness is an essential factor. To achieve this, the following actions should be taken:
    • Strengthening the means of information collection and processing, analysis capabilities.
    • Ensuring knowledge of threat agents, intentions and capabilities, as well as assessment of potential impacts.
    • Anticipating the emergence, evolution and mutation of threats to enable timely adoption of resilience measures. 

Cyberspace Protection

  • Identifying and reinforcing knowledge about the critical information infrastructures, drawing on national and international cyberspace security legal framework.
  • Promoting the continuous development of the capabilities and maturity of national entities for the prevention, detection, response and recovery from adverse cyberspace security scenarios that may impact their network and information systems and ecosystem, building the mutual trust, the sharing of information and knowledge, and the quick and effective cooperation.
  • Promoting national and sectoral cyberspace protection cooperation structures, including the public sector at central, regional and local levels, and the private sector, including small and medium-sized enterprises, for information sharing and the promotion of mutual collaboration in the protection of common interests.
  • Ensuring the application of mechanisms and incentives to enable the development of national and international cyberspace security management frameworks and their adoption by national authorities with responsibilities for critical infrastructures and essential services.
  • Enhancing threat response capacity by maximising the synergies created by the cooperation and trust that exist between computer security incident response teams, enabling the creation of new teams of this nature in all public and private bodies, with responsibility for the security of network and information systems. 
  • Promoting, at the sectoral and business level, the creation of outside operational and technical information sharing foruns, a coordinated response to security incidents and the production of specific safety references, ensuring their connection with their international counterparts, if any, and their alignment with the relevant references.
  • Consolidating and promoting the national capacity to know cyberspace security threats, in a collaborative manner between national authorities with responsibility in this area and with the active participation of public and private bodies, thereby producing and sharing aggregate knowledge that enable anticipation of impacts, proactive action and better awareness of the threat for all concerned; Encourage and boost the participation of computer security incident response teams in national and international cyberspace security fora, benefiting from knowledge sharing and peer confidence building.
Education, Cyber Skills and Training 

The 2019 strategy is aimed at creating a more resilient society by:

  • Stimulating the development of digital skills of citizens, such as the «National Digital Skills Initiative e.2030 — INCoDe.2030».
  • Creating tools and strengthening civil society awareness-raising measures for the safe and responsible use of digital technologies, with particular emphasis on capacity building and knowledge gained by children, adolescents, seniors and other groups at risk.
  • Promoting a robust and cross-cutting cybersecurity training programme for all organisations and citizens, enabing them to understand their responsibilities, using and adequately protecting information and resources. 
  • Strengthening cybersecurity skills and knowlwdge in education, including the syllabuses of primary, secondary and tertiary education and continuing teacher training. 
  • Promoting digital education and lteracy as a prerequisite for trust in and use of new digital and technology resources by new generations, especially vulnerable groups, in an informed and responsible manner. 
  • Encouraging the identification of young people with high potential for cybersecurity and promoting their timely integration into a professional context. 
  • Promoting advanced technical training on cyberspace security in universities and polytechnics to meet national needs for professionals in the sector. 
  • Valuing informed and responsible behaviour when using technology as an integral part of academic and professional training. 
  • Promoting specialised training and raising awareness amongst decision makers, public managers and operators of critical infrastructures and organisations providing essential services to society with a view to safeguarding national critical information. 
  • Placing greater emphasis on professionals in cyberspace security, increasing the number of specialists, qualifying professions and involving various actors from all facets of society. 
  • Ensuring a high level of cybersecurity training and requalification courses with certifications. 
  • Creating a retention mechanism for national human resources qualified in cybersecurity. 
  • Organising and conducting exercises to assess the preparedness and maturity of organisation in dealing with incidents and their impacts coupled with enhanced synergies across the ecosystem and taking part in international exercises. 
  • Leveraging national and international military and police education and training structures to build specific teaching structures in Portugal aligned with the North Atlantic Treaty Organisation (NATO) and the European Union (EU) and associated initiatives to deepen knowledge of cyberspace and taking adequate preventive measures. 
  • Promoting specific awareness programmes with public and private institutions aimed at strengthening the behavioural aspect of security in digital environments based on the sharing of specialised knowledge about threat agents and their modus operandi. 
  • Raise awareness among national entities about specific vulnerabilities that could be infiltrated, exploited or subverted by threat agents. 

Research, Development and Innovation 

Building technological capabilities in cybersecurity is essential for sustained development. Hence, the strategy prioritises strengthening, supporting and promoting national research, development and innovation potential of cutting-edge cybersecurity processes and technologies, based on the individual and collective capacities of the public and private sector, academia and industry. The task of creating these technological capacities lies primarily with the National Scientific and Technological System, including companies, public and private institutions, within the framework of their national and international commitments, forums, organisations and partnership systems representing Portugal. The strategy sets out the following measures: 

  • Promoting scientific production, development and innovation in the various fields of cyberspace security with the aim of maintaining and affirming national independence in this field.
  • Stimulating and leveraging through appropriate funding the country's scientific, technical and industrial capacities, with particular emphasis on critical domains and emerging technologies, giving priority to the development of cybersecurity technologies and meeting identified innovation needs.
  • Supporting stakeholders participation in research, development and innovation in international projects.
  • Enhancing synergies arising from the national participation in the various international forums in this field and the presence in the national territory of international organisations dedicated to research, development and innovation in this area.
  • Enhancing national synergies and address ongoing cooperative efforts in international organizations of which Portugal is an integral part, notably within the framework of the EU (pooling & sharing), the North Atlantic Treaty Organization (smart defence) and multinational initiatives to technological solutions of interest for dual civil and military use in collaboration with universities, research centres and industry, to develop.
  • Promoting the development of secure by design and secure by default products, systems and services.
  • Participating in the work of national and international technical committees to implement internationally accepted technical standards and specifications applicable to the security of network and information systems, without imposing or discriminating in favour of the use of a particular type of technology.
  • Promoting innovation combined with the State’s cybersecurity through the most effective information and communication technologies, in accordance with other relevant national strategies, notably the Strategy for Digital Transformation in Public Administration — ICT 2020 Strategy as well as the “Digital Development Strategy National Digital Skills Initiative e.2030 — INCoDe.2030”.
  • Ensuring the articulation of public and private entities, academia and business, namely, the entrepreneurial ecosystem and clusters, promoting the technological innovation in the country.
  • Promoting foreign investment in cyberspace security.
Higher Education Courses on Cybersecurity
EU Cyber Professional Register for national stakeholders

The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace. 

This European Cybersecurity Professional Register is the place where professionals, juniors or seniors, age can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.

Organisations of any size or sector from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.

Business and Public private partnerships

The National Centre for Cybersecurity is tasked with liaising with the private sector in the course of its duties.

Latest Update  & Disclaimer

January 2021. 


The information contained here is based on desk research carried out by CYBERWISER.eu, including the ENISA interactive maps on national strategies and educational courses. 



Cybersecurity Response Teams: GDPR and NIS Compliance and Notification

Cyber Response Teams 

National Centre for Cybersecurity (Centro Nacional de Cibersegurança – CNCS; Portuguese and English) is the Portuguese national authority for cybersecurity in coordination with all competent authorities and implementing measures necessary to safeguard critical infrastructures and national interests from cyber threats.

  • Working with operators of essential services, digital service providers and government organisations in view of their critical role in ensuring the proper functioning of society.
  • Ensuring the creation of legal benchmarks for cybersecurity.
  • Developing national capacities for preventing, monitoring, detecting, analysing and taking actions to tackle cyber incidents.
  • Contributing to the security of information and communication systems of government organisations, operators of essential services and digital service providers. 
  • Promoting the training and qualification of human resources on cybersecurity to create a community of knowledge and national culture of cybersecurity.
  • Supporting the development of technical, scientific and industrial capabilities, promoting projects for innovation and development in the area of cybersecurity.
  • Ensuring the planning of cyberspace use in critical situations within the frame of emergency civil planning under Decree-Law 73/2013.
  • Coordinating the international co-operation on cybersecurity issues, in coordination with the Ministry of Foreign Affairs.
  • Coordinating the transposition of NIS Directive (EU Directive 2016/1148) on measures to ensure a high common level of network and information security across the Union to internal legal order.

CERT.PT is tasked with responding to incidents affecting government organisations, critical infrastructures, operators of essential services, digital service providers, and the national cyberspace, including any device belonging to a network. CERT.PT is an accredited member of the Trusted Introducer.

National Network of CSIRTs (Computer Security Information Response Teams; Portuguese):

Additional capacity building: The National Centre for Cybersecurity, https://www.cncs.gov.pt/, supports requests for the development of incident reaction capability through the creation of new Computer Security Information Response Teams (CSIRT).

Report a cyber incident to national CERT/CSIRT


CERT.PT - Cyber incidents can be reported to the National Centre for Cybersecurity. Procedures for incident handling are explained here:

1. Select type of cyber incident/problem e.g. malware, availability, intrusion, fraud etc.

2. Send email to cert@cert.pt with details about the incident.

3. For emergency cases, telephone: +351 210497399.

The Centre also provides onsite support (www.cncs.gov.pt/en/certpt_en/on-site-support/) for:

  • State organisations.
  • Operators of Essential Services.
  • Digital Service Providers.

Rede RCTS e organismos do Ministério da Educação e Ciência

Guidance and Updates

The Portuguese National Centre for Cybersecurity provides security alerts as well as advice on preventing cyber attacks.


Portuguese and English

Latest Update & Disclaimer

January 2021.


The information contained here is the result of desk research carried out by CYBERWISER.eu. 


Contact us for more info

Portugal (PT) | CYBERWISER.eu

CYBERWISER.eu Cyber Range & Capacity Building in Cybersecurity


The website encountered an unexpected error. Please try again later.