The Government approved a new cybersecurity regime that transposes the EU's NIS2 Directive into national law; the rules are due to take effect in April. The law imposes stronger security duties on businesses and public bodies, introduces million-euro fines for breaches and raises reputational risks for organisations that fail to comply. Companies operating in Portugal should assess NIS2-related responsibilities now and prepare governance, incident-reporting and compliance measures. Business owners and IT managers should prioritise cyber readiness ahead of the April deadline.