Portugal’s National Strategy for Cyberspace Security 2019-2023

June 2019

View the original document

Strategies and Action Plans

The ‘National Strategy for Cyberspace Security 2019-2023’ (NSCS) of Portugal outlines a comprehensive framework to enhance the country’s cybersecurity posture, addressing emerging threats, fostering innovation, and ensuring the security of cyberspace for all citizens and entities. Here are the key points of the strategy:

Strategic Vision and Objectives

Vision for 2023: Portugal aims to be a safe and prosperous country through innovative, inclusive, and resilient actions that uphold the values of the democratic rule of law and ensure the proper functioning of institutions in line with the digital evolution of society.

Strategic Objectives:

  1. Maximise Resilience:
    • Strengthen national digital resilience by enhancing inclusion and networking to safeguard cyberspace against threats that could disrupt essential network and information systems.
  2. Promote Innovation:
    • Foster and enhance national innovation capacity by positioning cyberspace as a domain for economic, social, and cultural development.
  3. Generate and Secure Resources:
    • Ensure adequate resources for building and sustaining national cybersecurity capacity.

Intervention Axes

The strategy is structured around six intervention axes that form concrete lines of action aimed at reinforcing national strategic potential in cyberspace:

  1. Cyberspace Security Structure:
    • Establish strong leadership and governance for cybersecurity.
    • Enhance the capabilities of the National Cybersecurity Centre as the National Cybersecurity Authority.
    • Strengthen national cyber defense and cybersecurity capacities, including those of the Armed Forces and Security Forces.
  2. Prevention, Education, and Awareness:
    • Promote a culture of security through education and awareness.
    • Develop digital skills and cybersecurity knowledge among citizens, public bodies, and companies.
    • Encourage the integration of cybersecurity themes in education and advanced technical training.
  3. Cyberspace Protection:
    • Identify and protect critical information infrastructures.
    • Promote continuous development of prevention, detection, response, and recovery capabilities for cyberspace security.
  4. Response to Threats and Combating Cybercrime:
    • Enhance threat response capabilities and foster cooperation between public and private entities.
    • Adapt legal frameworks to address cybercrime and facilitate international cooperation.
    • Promote the creation and sharing of knowledge on cybersecurity threats and best practices.
  5. Research, Development, and Innovation:
    • Support national research and innovation in cybersecurity.
    • Encourage public and private sector collaboration in developing cutting-edge cybersecurity technologies.
    • Promote the development of secure-by-design products and services.
  6. National and International Cooperation:
    • Strengthen national and international cooperation in cybersecurity.
    • Participate actively in international cybersecurity and cyber defense organisations and initiatives.
    • Promote Portugal’s international presence and strategic partnerships in cybersecurity.

Implementation and Review

The NSCS 2019-2023 includes an Action Plan that will be prepared within 120 days of the strategy’s approval. This plan will be articulated with other national strategies, such as the National Strategy for Counter-Terrorism and the ICT 2020 Strategy. The strategy will be subject to annual reviews by the National Cybersecurity Council to ensure its objectives and action plans remain relevant and effective in addressing evolving cyberspace threats.

Overall, the NSCS 2019-2023 aims to create a secure, resilient, and innovative cyberspace environment in Portugal, capable of supporting economic growth, protecting national interests, and ensuring the safety and well-being of its citizens.