Cybersecurity is the set of practices, technologies, and processes designed to protect systems, networks, devices, and data from unauthorized access, attacks, damage, or interruptions. Its goal is to ensure the confidentiality, integrity, and availability of information.
What is a CSIRT?
A CSIRT (Computer Security Incident Response Team) is a specialized team responsible for detecting, analyzing, and responding to computer security incidents, such as attacks, vulnerabilities, unauthorized access, or malware.
CSIRTs are a central part of modern cybersecurity in public and private organizations.
According to the CNCS – Centro Nacional de Cibersegurança, CSIRTs have the following mission:
Monitor threats and vulnerabilities;
Alert entities about risks and incidents;
Provide technical assistance during incidents;
Collect and analyze forensic data;
Participate in national and international incident response networks.
CSIRT in Portugal
Portugal has a National CSIRT Network, coordinated by CNCS, with the aim of:
Building trust between teams;
Facilitating cooperation and mutual assistance;
Sharing best practices and incident statistics;
Promoting a national culture of cybersecurity.
CERT.PT, part of the CNCS, is the national incident response team operating 24/7, supporting:
Public administration;
Essential service operators;
The digital private sector;
Critical infrastructure.
CSIRT at Iscte
Iscte maintains a CSIRT integrated into its Security Operations Center (SOC), responsible for ensuring information security and responding to incidents that affect the institute’s community and technological infrastructure. This team has also been part of the National CSIRT Network since March 2022, strengthening collaboration and information sharing on threats with other national entities.
Main functions of Iscte’s CSIRT
The CSIRT/SOC performs a number of essential functions:
Continuous monitoring of Iscte’s IT infrastructure and real-time incident detection.
Technical response to incidents, including investigation, mitigation, coordination, and resolution.
Implementation and maintenance of security policies, including controls, detection mechanisms, and formal processes.
Serving as Iscte’s official point of contact with other national and international CSIRTs.
Ensuring secure communication between all parties involved in the incident response process.
Iscte’s RFC 2350
Iscte publishes its own RFC 2350 document, which formally describes:
The scope of the CSIRT;
Incident response procedures and policies;
Official communication channels and contact methods;
Operational information relevant to external entities.
This document ensures transparency and alignment with international standards for incident response teams.