Boosting Portugal’s cyberspace security

The Government approved the draft law for the new cybersecurity legal scheme, as announced by the Minister of the Presidency António Leitão Amaro at the press conference following the Council of Ministers meeting, adding that "we have the challenge of turning Portugal into a safer country in cyberspace, too, which implies a new legal system".

The Minister noted that the "Portuguese people have experienced several disturbances, attacks, and assaults on cyberspace and relevant public or private infrastructure of all types" and "experienced how cyberspace attacks can lead to paralysing life, and how services can be stopped by these threats and aggressions".

The aims are to boost prevention and rapid recovery capabilities in the event of an incident and boost security levels and measures with the in line with the war against bureaucracy, that is, without setting up a highly complex system.

Given the European Act, the Government proposes a scheme "with as little red tape as possible". Instead of having a public pre-validation scheme, we have gone "for a scheme that some European countries follow of having a risk matrix based on the scale and critical nature of the companies and institutions", whereby they "self-classify and adopt prevention, reporting, and recovery measures and obligations".

Leitão Amaro said this is a "trust system based on each one’s risk structure given their function and in proportion with the scale of the services provided", where they adopt the suitable measures.

The intention is to have Portugal join "the restricted group of countries with a more discerning cybersecurity system, yet built on flexibility and simplicity", mitigating companies’ red tape costs.