Regulation 756/2026: what changes in cybersecurity in Portugal and how to prepare your organisation

Cybersecurity Regulation 256_2026

Regulation 756/2026: what is changing in cybersecurity in Portugal and how to prepare your company

Regulation No. 756/2026 implements the new Legal Framework for Cybersecurity in Portugal and turns cybersecurity into a demonstrable responsibility of governance, risk, evidence, incident response and operational resilience.

⏱️ Estimated reading time: 4 minutes

Regulation No. 756/2026, of 22 June, has been published, implementing the new Legal Framework for Cybersecurity in Portugal. This regulation operationalises several obligations provided for in Decree-Law No. 125/2025, the legal instrument that transposed the NIS2 Directive into Portuguese law.

For companies, the message is clear: cybersecurity is no longer only a technical topic. It is becoming a demonstrable responsibility of governance, risk, evidence, incident response and operational resilience.

Change management in information systems: a business continuity risk that cannot be ignored

Managing_Changes

Change management in information systems: a business continuity risk that cannot be ignored

Change management in information systems is not just a technical issue. When a change may affect critical processes, services, data, suppliers or operational capacity, it must also be analysed as a business continuity risk.

⏱️ Estimated reading time: 6 minutes

Some questions seem technical, but reveal a much broader concern.
One of them is this: “Is there any training course on change management in information systems?” The answer is yes. But the most important part of the answer is not only the name of the training course. It lies in understanding what this question really means.

Frameworks vs Regulations: what do you really need to implement?

Frameworks vs Regulations_eng

Frameworks & Regulations • Article

Frameworks vs Regulations: what to implement and why

⏱️ Estimated reading time: 8 minutes

Frameworks vs regulations is one of the most common questions for organisations that need to improve maturity, meet legal obligations and avoid duplicated compliance work.

Frameworks vs regulations: comparison between best practices and legal requirements

In a world saturated with standards, frameworks, directives and regulations, many organisations face the same question:
After all, what should we implement? ISO/IEC 27001? NIST? NIS 2? DORA? Everything?