The new Portuguese Cybersecurity Law, approved by the Government at the beginning of the summer, introduces an unprecedented change: the creation of a legal framework that protects ethical hackers, i.e. professionals who act in good faith and on a non-profit basis, hacking into computer systems to identify vulnerabilities and prevent any attacks.
In an interview with ECO, Inês Antas de Barros argues that this is a topic that requires thorough debate. The VdA lawyer emphasises that the aim of the law is to increase organisational resilience, but warns that its practical application may entail risks.
'Although the intention of the national legislator to enhance organisational resilience—allowing organisations to benefit from the identification and reporting of vulnerabilities by third parties (ethical hackers)—is understandable, this provision must be interpreted with caution, to ensure that its practical application does not undermine that intention', asserts Inês Antas de Barros.
- Read the full article here.
