CNCS publishes Regulation operationalising the Legal Framework on Cybersecurity

2026-06-25T17:32:00
Portugal
Implements NIS 2 in Portugal by regulating the platform, notifications and compliance with cybersecurity obligations
CNCS publishes Regulation operationalising the Legal Framework on Cybersecurity
View document
June 25, 2026

Key Aspects

  • On 22 June 2026, Regulation No. 756/2026 of 22 June was published, implementing the Legal Framework on Cybersecurity, approved by Decree-Law No. 125/2025 of 4 December, which transposed Directive (EU) 2022/2555 (“NIS 2 Directive”). For further information, see our Legal Flash New Legal Regime on Cybersecurity
  • The Regulation clarifies the obligations applicable to essential entities, important entities and relevant public entities
  • An electronic platform of the National Cybersecurity Centre is established for registration, self-identification, classification, incident reporting and other mandatory communications.
  • The Regulation governs the reporting of incidents with significant impact and communications with the competent cybersecurity authorities.
  • It also approves the National Cybersecurity Reference Framework, the Risk Matrix, compliance levels and mandatory minimum cybersecurity measures.
View document
June 25, 2026

In the news

More details

Indicate your preferences to receive email alerts on specific areas of interest

Let us know your interests and receive our legal alerts:

Choose areas of interest