La Ciberseguridad Industrial en Portugal

Team

Paulo Coelho

Paulo Coelho is a Senior Engineer at Ordem dos Engenheiros (Portugal), has a degree in Electrical Engineering – Automation and Industrial Electronics, by ISEL, Instituto Superior de Engenharia de Lisboa, and has more than 28 years of professional experience. He started his career in June 1995, as a trainee, and from October 1995 to 2000, […]

Paulo Coelho, the Industrial Cibersecurity Center Coordinator in Portugal (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in his country, and to do so, he shares with us his impressions.

He describes the level of sensitivity of industrial organizations in his country according to the following percentages:

 

He also affirms that the trend of recent years has grown slightly in awareness.

Portugal counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

  • National Cybersecurity Center, CNCS
  • CERT.PT (CNCS)
  • National CSIRT Network
  • National Unit to Combat Cybercrime and Technological Crime (UNC3T), Polícia Judiciária

Among the main national laws and regulations affecting in this context in Portugal, Paulo Coelho mentions:

  • Legal Framework for Cyberspace Security (Law No. 46/2018, of August 13, which transposes Directive (EU) 2016/1148 – NIS)
  • Regulation of the Legal Framework for Cyberspace Security (Decree-Law No. 65/2021, of 30 June)
  • Technical instruction on communications between entities and the CNCS (Regulation No. 183/2022, of February 21)
  • National Cyberspace Security Strategy 2019-2023 (Council of Ministers Resolution No. 92/2019, of June 5)
  • Procedures for identifying, designating, protecting and increasing the resilience of national and European critical infrastructures (Decree-Law No. 20/2022, of 28 January)

Analysing the most widely adopted industrial cybersecurity measures by Sweden organizations to protect industrial automation systems, Paulo Coelho highlights the application of:

  • Conventional Firewalls
  • IDS/IPS
  • Backups
  • Antivirus

The CCI Coordinator in Portugal characterizes the industrial cybersecurity situation in his country with the following SWOT analysis:

Weaknesses

  • Lack of Certifications of OT technology, processes and professionals


  • Lack of specific regulations on industrial cybersecurity


  • Falta de un catálogo de soluciones y servicios en ciberseguridad industrial


  • Falta de CERTs específicos



Strengths

  • Promotion from public organizations (Industry, Interior and Defense)



  • Frequent holding of events and forums on industrial cybersecurity



  • National cybersecurity certification ecosystem




Threats

  • Application of IT security measures without criteria


  • High development of industrial applications without cybersecurity requirements


  • slow legislation


  • Shortage of local cybersecurity professionals in industrial manufacturers



  • Shortage of specific risk management tools for Industrial Cybersecurity



Opportunities

  • Increased of cibersecurity demand for Industry 4.0 and the Internet of things


  • Strategic position in the industrial cyber security sector



Patrocinadores del Centro en el País

Join our ecosystem for free

Industrial Cybersecurity Center

Industrial Cybersecurity Center
Networking, knowledge and Experiences.

©   Industrial Cybersecurity Center. Legal notice & Privacy policy.

Cookies

Paseo de las Delicias, 30, 2º
E-28045 · Madrid

+34 910 910 751
info@cci-es.org