On September 1, 2023, Resolution No. 44/2023 (the “Resolution”) was published in the Official Gazette, by which the Cabinet of Ministers Office ordered the implementation of the Second National Cybersecurity Strategy (the “Second strategy”) and created the Cybersecurity Cooperation Management Unit (the “Management Unit”).
Pursuant to the Resolution, the Second strategy was designed as a result of a Public Consultation process in which public and private interested parties offered proposals, recommendations, and testimonies. The Second strategy aims at providing continuity to the first National Cybersecurity Strategy enacted by the Executive Branch in 2017 through Decree No. 577 -later modified by Decree No. 480/2019- and to promote measures that guarantee a safe cyberspace utilization. Said measures include:
- The implementation of public policies from the national government to assist in the generation of institutional instances to address the problem at regional levels in the Executive, Legislative, and Judicial Branches;
- Promoting the deployment of strategies, policies and actions aimed at the protection of critical national infrastructure;
- Adoption of the required measures to ensure an adequate level of security and recovery of the information and systems utilized by the Public Sector;
- Strengthening capacities for the prevention, detection, monitoring, response and recovery from illegal or improper use of cyberspace;
- The generation, adaptation, updating, and adoption of regulatory frameworks, standards and protocols to meet the challenges posed by the risks of cyberspace, ensuring respect for fundamental rights; and
- Promoting the development of national industry in sectors related to cybersecurity.
Moreover, the Resolution mandates the creation of the Management Unit, whose functions include, among others, the development of the provisions set forth in the Second strategy, the submission of policies, programs, and projects for the updating of the cybersecurity regulatory framework to the Public Innovation Secretariat, as well as the execution of any other activity requested by the latter.
