The digitalisation of the Public Sector has brought clear benefits: faster services, greater proximity to citizens, processes less dependent on paper and a stronger ability to manage information at scale.
But it has also created a more demanding reality.
Today, public entities work with more systems, more platforms, more users, more data and more access points. When we talk about public information, personal data, essential services and citizens’ trust, any weakness can have an impact that goes far beyond technology.
The recent case of unauthorised access to data from users of Portugal’s National Health Service once again brought this issue into the spotlight. According to ECO, the unauthorised access may have occurred through the compromised credentials of a doctor, affecting more than 100,000 victims, with the Judiciary Police admitting the possibility that artificial intelligence may have been used to collect a large volume of information in a short period of time. RTP also covered the case, highlighting the unauthorised access to SNS user records and the concerns this incident raises regarding data protection, access control and the response capacity of public entities.
This episode shows that cybersecurity in the Public Sector can no longer be seen as only a technical matter. It is a matter of continuity, trust, governance, efficiency and public responsibility.
When we talk about cybersecurity, it is common to look first at the attack: who entered, how they entered, what data was accessed and what impact it had.
But for organisations, the most important question should come earlier: what conditions allowed unauthorised access to have this level of impact?
In practice, many incidents do not happen only because there is an external threat. They happen because internal weaknesses make that threat more effective. The most common include compromised credentials, insufficient authentication, overly broad permissions, lack of continuous monitoring, processes with limited traceability and teams without ongoing cybersecurity training.
In a public context, these weaknesses become even more critical because the data belongs to citizens and the services support essential areas of society. A compromised credential may seem like only an access issue. But when that credential allows entry into systems containing sensitive information, the risk stops being individual and becomes institutional.
The information handled by public entities is not merely operational. It is citizens’ information.
It may involve health data, legal matters, institutional communications, mobility, internal documents, support requests, contracts, administrative decisions, contacts and the history of interactions with public services.
For that reason, protecting this data should not be seen only as a technical or legal obligation. It should be understood as part of the organisation’s mission. When a security failure occurs, the impact can be reflected across several dimensions: loss of public trust, exposure of personal data, service disruption, pressure on internal teams, reputational risk, the need for legal and regulatory response, and an increased perception of institutional vulnerability.
The Public Sector does not only need to be digitalised. It needs to be prepared to operate in a secure, traceable and resilient way.
The SNS case reinforces an increasingly clear reality: digital identity is now one of the most important attack surfaces. A valid credential, when compromised, can allow apparently legitimate access, make immediate detection more difficult and increase the impact of an incident.
For this reason, controlling credentials, permissions, authentication and access behaviours is no longer just a technical best practice. It is an essential condition for protecting sensitive information, especially in sectors such as healthcare, public administration and essential services.
Knowing who accesses what data, in what context, from where, with what permissions and with what behaviour is essential to reducing risk. Today, protecting the network perimeter is not enough. Organisations need to control identities, access and behaviours in real time.
This is where principles such as Zero Trust, multi-factor authentication, access management, segmentation, monitoring and anomaly detection stop being purely technical concepts and become essential practices for protecting the operation.
One of the biggest challenges for public entities is not only the lack of technology. Often, it is the existence of technology without sufficient integration, governance and visibility. Different systems, scattered databases, access with varying levels of control, manual processes and limited traceability can create a false sense of digital maturity.
An organisation may have several tools and still lack a clear view of who accesses information, where critical data is located, which processes depend on each system, which permissions are active, what changes have been made or which risks are accumulating. This is why cybersecurity must be connected to the operation. When a system fails, the operation feels it. When access is improper, trust is affected. When data is scattered, decision-making loses context.
Security is not built simply by adding solutions. It is built through strategy, governance, integration, monitoring and response capacity. At ORBCOM, we see cybersecurity as part of a broader strategy for secure digital transformation: a strategy that brings together operations, continuity, efficiency and operational control.
Protecting an organisation does not depend only on the ability to block threats. It also depends on how information flows, how processes are managed and the ability to keep critical activities under control.
In public entities and critical organisations, challenges such as information dispersion, lack of visibility over processes, management of distributed resources or coordination between teams can have a direct impact on efficiency, service continuity and response capacity.
For this reason, digital transformation must be viewed in a comprehensive way. Security, information organisation, traceability and operational efficiency are not isolated areas. They are dimensions that reinforce one another.
Events such as the Jornadas FCCN show precisely this reality: organisations are increasingly looking for solutions that simplify processes, improve collaboration, increase traceability and ensure greater control over essential operations.
Whether in resource management, citizen and user support, or the organisation of documentary and legal processes, the goal is the same: to create operations that are more resilient, more transparent and better prepared to respond to today’s demands.
The SNS case reinforces an essential idea: Public Administration cannot look at cybersecurity, operations and management as separate areas.
Security protects. Operations execute. Management decides. But when these dimensions are not aligned, risk increases.
A better-prepared public entity is one that can protect credentials and access, control sensitive information, detect anomalous behaviour, respond quickly to incidents, organise internal processes, ensure traceability, maintain operational continuity, train teams and improve the citizen experience.
Digital transformation is only sustainable when it combines security, governance and operational efficiency.
Get in touch with us at info@orbcom.pt.
The case of unauthorised access to SNS user data demonstrates the importance of controlling credentials, permissions and access in organisations that manage sensitive information. A compromised credential can enable improper access to critical data, especially when there is no adequate monitoring or visibility over who is consulting the information.
Compromised credentials can allow apparently legitimate access to internal systems, exposing personal data, health information, internal processes and essential services. This type of access is often difficult to detect immediately, increasing the potential impact of a security incident.
Cybersecurity directly affects service continuity, the protection of citizens’ data, public trust and the response capacity of organisations. For this reason, it should be seen as a strategic and operational priority, not just a technological responsibility.
No. Security does not depend only on the amount of technology implemented. Without integration, monitoring, access control and well-defined processes, an organisation can remain vulnerable even when using several tools. Visibility and governance are essential factors for reducing risk.
Public entities can strengthen their security posture through access control, multi-factor authentication, permission management, continuous monitoring, endpoint protection, cloud security, detection of anomalous behaviour and regular team training. Process traceability is also essential to prevent and respond to incidents.
ORBCOM supports public entities through cybersecurity, cloud, infrastructure, networking, technology consulting and custom development services. It also provides solutions such as JAT Fleet, for fleet management, JAT Center, for centralised communications and service flows, and Rolling Legal, for legal process management. The goal is to increase security, operational efficiency and organisational response capacity.