In an article published by SAPO Tek on the entry into force of the new Cybersecurity Legal Framework, Catarina Mascarenhas, of counsel at Abreu Advogados, highlights the main practical challenges that the new framework poses for the organisations concerned.
Catarina Mascarenhas notes that the obligations arising from the new regime may represent, for many entities, “an operational challenge”, particularly with regard to incident reporting. According to the lawyer, compliance with the new requirements presupposes prior preparation, the adoption of tested internal procedures, and a review of contracting policies with information technology suppliers and providers of critical services.
It is also emphasised that cybersecurity is no longer a matter confined to the IT function, but is now a cross-organisational responsibility, with particular relevance at senior management level. Under the new regime, management bodies must approve cybersecurity measures, oversee their implementation, and bear direct responsibility for compliance with the applicable legal obligations.
Read the full article here.
