C-DAYS 2026: discussing cybersecurity and digital sovereignty in Porto.

Portugal’s National Cybersecurity Centre’s annual conference will take place from 16 to 18 June at the Alfândega do Porto Congress Centre. The in-person event is free to attend, subject to prior registration. This year's programme includes a session dedicated to sovereign cloud and the Portugal Digital Strategy.  

This year's conference coincides with organisations adapting to the new Cybersecurity Legal Framework, which was approved by Decree Law No. 125/2025 on 4 December. This new framework will apply to around 6,000 entities in Portugal and their management, executive and administrative bodies. It introduces new responsibilities in the areas of cybersecurity, governance and resilience.  

While maintaining its focus on the pillars of Resilience, Prevention and Trust, which have guided previous editions of the conference, the C-DAYS 2026 programme reflects this context. 

Sovereign Cloud on the Agenda  

One of the sessions on the programme is the Governance Talk, 'Sovereign Cloud: National Strategy', which is scheduled to start at 16:45. 

The session will begin with a discussion on sovereignty in cyberspace and the challenges associated with the digital autonomy of states.  

The panel will discuss the national sovereign cloud strategy, as well as the necessary mechanisms and initiatives to implement it. Topics for discussion will include how to increase cybersecurity maturity, strengthen the capabilities of national cloud service providers and data centres, and coordinate existing offerings among Portuguese entities.  

Bringing together perspectives from public administration, academia and the data centre sector, the session will feature Ricardo Simões Santos from the Agency for Technological Reform of the State, Rui Ribeiro from Lusófona University and Luís Duarte from PortugalDC. 

The Portugal Digital Strategy and the National Sovereign Cloud Plan  

The sovereign cloud is one of the priorities set out in the Portugal Digital Strategy's 2026–2027 Action Plan, which aims to promote a more digital, sovereign and inclusive Portugal. The strategy sets out the ambition to place the country among the ten most advanced EU Member States in terms of digital transformation by 2030.  

Under the infrastructure pillar, the plan provides for a strategic review covering sovereign cloud, data centres, submarine cables and 5G coverage. The aim is to strengthen Portugal’s digital resilience and sovereignty.  

This work is aligned with the National Sovereign Cloud Plan, which was approved by the Council of Ministers in Resolution No. 102/2026. The plan's objectives include reinforcing the state's digital sovereignty, increasing the resilience of critical infrastructure and ensuring greater control over public administration data and systems.  

The Agency for Technological Reform of the State and the National Cybersecurity Centre will monitor the plan. Training for public administration leaders and digital sovereignty specialists is also planned.  

Against this backdrop, C-DAYS 2026 provides a platform to further explore the intersection of cybersecurity regulatory frameworks and digital public policy priorities, in line with European objectives for the security of networks and information systems. 

Programme and participation 

Spanning three days, C-DAYS 2026 will feature plenary sessions, thematic debates, and technical workshops led by specialists. The programme is structured around the National Cybersecurity Centre's main areas of activity, including: Awareness, Education and Training; Capacity Building; Situational Awareness; Incident Prevention and Response; Regulation and Supervision; Cybersecurity Certification; and Coordinated Vulnerability Disclosure. 

Participation in the workshops requires prior registration via a dedicated form. Each participant may register for up to four sessions, with places allocated on a first-come, first-served basis.  

The conference is aimed at representatives of public administration, public and private entities, decision-makers, managers, technical professionals, academia, civil society and citizens with an interest in cybersecurity.  

Further information is available at digitalGOV