Portugal (PT)

The Portuguese National Cyber Security Strategy was implemented in 2019 for the period 2019-2023. It is the second strategy, with the first one implemented in 2015. 

It covers the following strategic goals in the ENISA self-assessment classification: Cybercrime, security and privacy balance, citizen awareness, critical information infrastructure protection, international cooperation, incident response capability, institutionalised form of cooperation between public agencies, baseline security requirements, incident reporting mechanisms, R&D, cyber security exercises, training and educational programmes.

The Strategy is reviewed annually by the National Cybersecurity Council with a view to verifying the strategic objectives and action plan and their adequacy to changing circumstances. 

In April 2020, the Portuguese National Cybersecurity Centre published its National Cybersecurity Framework, based on international standards, for a risk-based approach to tackling cyber threats and implementing security measures for networks and information systems. To this end, the framework revolves around the identification, protection, detection, response and recovery phases of cyber incidents.

 

 

EDUCATION AND TRAINING IN NATIONAL CYBER SECURITY STRATEGY 

 

Prevention and Awareness-raising

The strategy defines the following priorities for prevention, overall education and awareness-raising:

  • Information sharing in early threat assessment as a crucial safeguard. The evolving threat landscape requires a national capacity to detect and discover indicators associated with potential and on-going threats. Hence it is critical to develop the ability to obtain, in an automated, systematic and coherent way, knowledge about these indicators. The end result should be an extensive body of knowledge of the national cyberspace ecosystem underpinned by effective security measures, which are defined in the National Cybersecurity Framework (April 2020).
  • Promoting a culture of security, framed by the principles of ethics, ensuring the knowledge, awareness and confidence needed to use information systems and networks, reducing exposure to risks. Such awareness needs to cover public bodies, companies and civil society. 
  • Equipping the country with qualified human resources to deal with complex cybersecurity challenges. Users of technology infrastructures, network and information systems need to take measures to prevent risks they are exposed to. Thus, permanent awareness is an essential factor. To achieve this, the following actions should be taken:
    • Strengthening the means of information collection and processing, analysis capabilities.
    • Ensuring knowledge of threat agents, intentions and capabilities, as well as assessment of potential impacts.
    • Anticipating the emergence, evolution and mutation of threats to enable timely adoption of resilience measures. 

Cyberspace Protection

  • Identifying and reinforcing knowledge about the critical information infrastructures, drawing on national and international cyberspace security legal framework.
  • Promoting the continuous development of the capabilities and maturity of national entities for the prevention, detection, response and recovery from adverse cyberspace security scenarios that may impact their network and information systems and ecosystem, building mutual trust, the sharing of information and knowledge, and quick and effective cooperation.
  • Promoting national and sectoral cyberspace protection cooperation structures, including the public sector at central, regional and local levels, and the private sector, including small and medium-sized enterprises, for information sharing and the promotion of mutual collaboration in the protection of common interests.
  • Ensuring the application of mechanisms and incentives to enable the development of national and international cyberspace security management frameworks and their adoption by national authorities with responsibilities for critical infrastructures and essential services.
  • Enhancing threat response capacity by maximising the synergies created by the cooperation and trust that exist between computer security incident response teams, enabling the creation of new teams of this nature in all public and private bodies, with responsibility for the security of network and information systems. 
  • Promoting, at the sectoral and business level, the creation of outside operational and technical information sharing forums, a coordinated response to security incidents and the production of specific safety references, ensuring their connection with their international counterparts, if any, and their alignment with the relevant references.
  • Consolidating and promoting the national capacity to know cyberspace security threats, in a collaborative manner between national authorities with responsibility in this area and with the active participation of public and private bodies, thereby producing and sharing aggregate knowledge that enables anticipation of impacts, proactive action and better awareness of the threat for all concerned.
  • Encouraging and boosting the participation of computer security incident response teams in national and international cyberspace security fora, benefiting from knowledge sharing and peer confidence building.

Education, Cyber Skills and Training

The 2019 strategy is aimed at creating a more resilient society by:

  • Stimulating the development of digital skills of citizens, such as the «National Digital Skills Initiative e.2030 — INCoDe.2030».
  • Creating tools and strengthening civil society awareness-raising measures for the safe and responsible use of digital technologies, with particular emphasis on capacity building and knowledge gained by children, adolescents, seniors and other groups at risk.
  • Promoting a robust and cross-cutting cybersecurity training programme for all organisations and citizens, enabling them to understand their responsibilities, using and adequately protecting information and resources.
  • Strengthening cybersecurity skills and knowledge in education, including the syllabuses of primary, secondary and tertiary education and continuing teacher training.
  • Promoting digital education and literacy as a prerequisite for trust in and use of new digital and technology resources by new generations, especially vulnerable groups, in an informed and responsible manner.
  • Encouraging the identification of young people with high potential for cybersecurity and promoting their timely integration into a professional context. 
  • Promoting advanced technical training on cyberspace security in universities and polytechnics to meet national needs for professionals in the sector. 
  • Valuing informed and responsible behaviour when using technology as an integral part of academic and professional training. 
  • Promoting specialised training and raising awareness amongst decision makers, public managers and operators of critical infrastructures and organisations providing essential services to society with a view to safeguarding national critical information. 
  • Placing greater emphasis on professionals in cyberspace security, increasing the number of specialists, qualifying professions and involving various actors from all facets of society. 
  • Ensuring a high level of cybersecurity training and requalification courses with certifications. 
  • Creating a retention mechanism for national human resources qualified in cybersecurity. 
  • Organising and conducting exercises to assess the preparedness and maturity of organisations in dealing with incidents and their impacts, coupled with enhanced synergies across the ecosystem and taking part in international exercises.
  • Leveraging national and international military and police education and training structures to build specific teaching structures in Portugal aligned with the North Atlantic Treaty Organisation (NATO) and the European Union (EU) and associated initiatives to deepen knowledge of cyberspace and taking adequate preventive measures. 
  • Promoting specific awareness programmes with public and private institutions aimed at strengthening the behavioural aspect of security in digital environments based on the sharing of specialised knowledge about threat agents and their modus operandi. 
  • Raising awareness among national entities about specific vulnerabilities that could be infiltrated, exploited or subverted by threat agents.

Research, Development and Innovation 

Building technological capabilities in cybersecurity is essential for sustained development. Hence, the strategy prioritises strengthening, supporting and promoting national research, development and innovation potential of cutting-edge cybersecurity processes and technologies, based on the individual and collective capacities of the public and private sector, academia and industry. The task of creating these technological capacities lies primarily with the National Scientific and Technological System, including companies, public and private institutions, within the framework of their national and international commitments, forums, organisations and partnership systems representing Portugal. The strategy sets out the following measures: 

  • Promoting scientific production, development and innovation in the various fields of cyberspace security with the aim of maintaining and affirming national independence in this field.
  • Stimulating and leveraging through appropriate funding the country's scientific, technical and industrial capacities, with particular emphasis on critical domains and emerging technologies, giving priority to the development of cybersecurity technologies and meeting identified innovation needs.
  • Supporting stakeholders' participation in research, development and innovation in international projects.
  • Enhancing synergies arising from the national participation in the various international forums in this field and the presence in the national territory of international organisations dedicated to research, development and innovation in this area.
  • Enhancing national synergies and addressing ongoing cooperative efforts in international organizations of which Portugal is an integral part, notably within the framework of the EU (pooling & sharing), the North Atlantic Treaty Organization (smart defence) and multinational initiatives, to develop technological solutions of interest for dual civil and military use in collaboration with universities, research centres and industry.
  • Promoting the development of secure by design and secure by default products, systems and services.
  • Participating in the work of national and international technical committees to implement internationally accepted technical standards and specifications applicable to the security of network and information systems, without imposing or discriminating in favour of the use of a particular type of technology.
  • Promoting innovation combined with the State’s cybersecurity through the most effective information and communication technologies, in accordance with other relevant national strategies, notably the Strategy for Digital Transformation in Public Administration — ICT 2020 Strategy as well as the “Digital Development Strategy National Digital Skills Initiative e.2030 — INCoDe.2030”.
  • Ensuring the articulation of public and private entities, academia and business, namely, the entrepreneurial ecosystem and clusters, promoting the technological innovation in the country.
  • Promoting foreign investment in cyberspace security.

Higher Education Courses on Cybersecurity

EU Cyber Professional Register for national stakeholders

The CYBERWISER.eu CyPR is all about boosting opportunities in the cybersecurity marketplace. 

This European Cybersecurity Professional Register is the place where professionals of any age, junior or senior, can promote their specific skill sets and experiences in cybersecurity, courses taken and qualifications.

Organisations of any size or sector from SMEs to large companies and public institutions can find and contact the right skills and experiences they need to improve their IT security posture.

Business and Public private partnerships

The National Centre for Cybersecurity is tasked with liaising with the private sector in the course of its duties.

Latest Update  & Disclaimer

January 2021. 

 

The information contained here is based on desk research carried out by CYBERWISER.eu, including the ENISA interactive maps on national strategies and educational courses. 

 

 

Cybersecurity Response Teams: GDPR and NIS Compliance and Notification

Cyber Response Teams 

The National Centre for Cybersecurity (Centro Nacional de Cibersegurança – CNCS; Portuguese and English) is the Portuguese national authority for cybersecurity, working in coordination with all competent authorities and implementing the measures necessary to safeguard critical infrastructures and national interests from cyber threats.

  • Working with operators of essential services, digital service providers and government organisations in view of their critical role in ensuring the proper functioning of society.
  • Ensuring the creation of legal benchmarks for cybersecurity.
  • Developing national capacities for preventing, monitoring, detecting, analysing and taking actions to tackle cyber incidents.
  • Contributing to the security of information and communication systems of government organisations, operators of essential services and digital service providers. 
  • Promoting the training and qualification of human resources on cybersecurity to create a community of knowledge and national culture of cybersecurity.
  • Supporting the development of technical, scientific and industrial capabilities, promoting projects for innovation and development in the area of cybersecurity.
  • Ensuring the planning of cyberspace use in critical situations within the frame of emergency civil planning under Decree-Law 73/2013.
  • Coordinating the international co-operation on cybersecurity issues, in coordination with the Ministry of Foreign Affairs.
  • Coordinating the transposition of the NIS Directive (EU Directive 2016/1148), on measures to ensure a high common level of network and information security across the Union, into the internal legal order.

CERT.PT is tasked with responding to incidents affecting government organisations, critical infrastructures, operators of essential services, digital service providers, and the national cyberspace, including any device belonging to a network. CERT.PT is an accredited member of the Trusted Introducer.

National Network of CSIRTs (Computer Security Incident Response Teams; Portuguese)

Additional capacity building: The National Centre for Cybersecurity, https://www.cncs.gov.pt/, supports requests for the development of incident reaction capability through the creation of new Computer Security Incident Response Teams (CSIRT).

Report a cyber incident to national CERT/CSIRT

 

CERT.PT - Cyber incidents can be reported to the National Centre for Cybersecurity. Procedures for incident handling are explained here:

1. Select type of cyber incident/problem e.g. malware, availability, intrusion, fraud etc.

2. Send email to cert@cert.pt with details about the incident.

3. For emergency cases, telephone: +351 210497399.

The Centre also provides onsite support (www.cncs.gov.pt/en/certpt_en/on-site-support/) for:

  • State organisations.
  • Operators of Essential Services.
  • Digital Service Providers.

RCTS network and bodies of the Ministry of Education and Science

Guidance and Updates

The Portuguese National Centre for Cybersecurity provides security alerts as well as advice on preventing cyber attacks.

Languages

Portuguese and English

Latest Update & Disclaimer

January 2021.

 

The information contained here is the result of desk research carried out by CYBERWISER.eu. 

 
