Portugal: National Cybersecurity Certification Authority adopted cybersecurity services certification scheme

On 8 October 2025, Portugal’s National Cybersecurity Centre (CNCS) adopted the Cybersecurity Services Certification Scheme to identify and value cybersecurity services across the country. The voluntary scheme applies to all organisations established in Portugal, covering services including incident monitoring and response, vulnerability management, threat intelligence, and penetration testing. Administered by CNCS as the National Cybersecurity Certification Authority and implemented through IPAC-accredited independent bodies, it offers two certification levels, including Basic and Substantial, and requires periodic assessments to ensure compliance. The scheme aims to create a national catalogue of reliable providers, enhancing trust, competitiveness, and integration into European cybersecurity markets.