Cybersecurity and Governance


The subject Cybersecurity and Governance aims to provide students with fundamental knowledge about the new threats and risks within Cyberspace, Cybersecurity governance frameworks at the enterprise, national and international levels, as well as existing counter-cyberconflicts tools. This subject also aims to contribute to the understanding of the relevance and emergence of different actors and security measures.


General characterization





Responsible teacher

Lino Santos, Armando Marques Guedes


Weekly - 3

Total - 36

Teaching language



Not Applicable


Clarke, R. A. & Knake, R. K. (2011). Cyber war. HarperCollins.


CNCS (2020). Relatório Ética e Direito 2020. Observatório de Cibersegurança.


CNCS (2022). Relatório Riscos e Conflitos 2021. Observatório de Cibersegurança.


Demchak, C. C. & Dombrowski, P. (2011). Rise of a cybered westphalian age. Strategic Studies, 5(1), 32-61.


Denning, D. E. R. (1999). Information warfare and security. Reading MA: Addison Wesley.


Gozzi Jr, R. (1994). The cyberspace metaphor. Etc.: A Review of General Semantics, 51(2), 218.


Luiijf, E., Besseling, K., & De Graaf, P. (2013). Nineteen national cyber security strategies. International journal of critical infrastructures, 9(1), 3-31.


Libicki, M. C. (2012). Cyberspace is not a warfghting domain. ISJLP, 8, 321-336.


Klimburg, A. (2011). Mobilising cyber power. Survival, 53(1), 41-60.


Morozov, E. (2012). The net delusion: The dark side of Internet freedom. PublicAffairs.


Nye Jr, J. S. (2010). Cyber power. Technical report, Belfer Center for Science and International Affairs, Harvard Kennedy School.


O'Connell, M. E. (2012). Cyber security without cyber war. Journal of Conflict and Security Law, 17(2), 187-209.


O'neil, C. (2016). Weapons of math destruction: How big data increases inequality and threatens democracy. Broadway books.


Santos, L. (2012). Contributos para uma Melhor Governação da Cibersegurança em Portugal. In J. Bacelar Gouveia (ed.), Estudos Avançados de Direito e Segurança (Vol. II, pp. 217-305). Almedina.


Schmitt, M. (1999). Computer network attack and the use of force in international law: thoughts on a normative framework. Columbia Journal of Transnational Law, 37, 887-937.


Schmitt, M. N. (Ed.). (2017). Tallinn manual 2.0 on the international law applicable to cyber operations. Cambridge University Press.


Strate, L. (1999). The varieties of cyberspace: Problems in definition and delimitation. Western Journal of Communication, 63(3), 382-412.


West-Brown, M. J. et al. (2003) Handbook for Computer Security Teams (CSIRTs), CMU


Zuboff, S. (2019). The age of surveillance capitalism: The fight for a human future at the new frontier of power: Barack Obama's books of 2019. Profile books.


Teaching method

12 theoretical-practical lessons and 3 seminar


Evaluation method

Written examination, which may be replaced by written work.

Subject matter

  1. Introduction: Information, Information Security and Cybersecurity
    1. Cyberspace and Cyberspaces
    2. Information and Information Security therory
    3. Cybersecurity evolution
  2. Hackers, Crackers e other outlaws in Cyberspace
    1. Hacktivism, Cybercrime, Cyberterrorism and Cyberwar
    2. Tools, Tactics and Procedures
    3. Cyber Intelligence
  3. Cyberspace Regulation
    1. Portuguese Cyberspace Security Regulation Law
    2. NIS2 directive
    3. CER directive
  4. Fight against Cybercrime
    1. Budapeste Convention
    2. Portuguese Cybercrime Law
  5. Incident response and Cybersecurity crisis management
    1. Computer Emergency Response Teams (CERTs)
    2. Information Sharing and Alerting Centres (ISACs)
    3. Cybersecurity crisis management
    4. National and International cooperation
  6. Other public policies
    1. Coordinated vulnerability disclosure
    2. Cyber-higiene
    3. Risk management
    4. Certification
  7. Algorithms and future technologies
    1. Big data
    2. Artifitial Intelligence
    3. Blockchain
    4. Qantic computing