Portugal Approves NIS2: New Cybersecurity Rules for Public and Private Organizations

Portugal has officially approved the European NIS2 directive, establishing a new level of cybersecurity requirements at national level. The directive reinforces obligations for public and private organizations across multiple sectors, expanding the number of entities covered and introducing stricter criteria for risk management and incident response.

Key changes include:

• A broader range of entities now covered, classified as essential or important.

• More robust technical and organizational security measures.

• Strengthened incident reporting requirements.

• Mandatory supply chain risk management.

• Increased accountability for top management, with significant penalties for non-compliance.

  
  

CyberSafe is already supporting organizations in preparing for the new directive through maturity assessments, specialized consulting, managed security services, solution implementation, and team training.

The approval of NIS2 marks the moment to act.

Organizations should begin adapting as soon as possible to strengthen their digital resilience. Speak with our experts.