From assessing Portuguese municipal councils to evaluating more than 3000 public service portals worldwide, the work of INESC TEC researchers Diogo Ribeiro and João Marco Silva puts the cybersecurity of public administration at the centre of the debate.
Municipal council websites are now the main gateway through which many citizens access state services. They allow the submission of documents, checking of processes, and sharing of personal data. But how secure are these channels, really? This is the question that Diogo Ribeiro, an INESC TEC researcher and PhD student at the University of Minho, and João Marco Silva, also an INESC TEC researcher and lecturer at the School of Engineering of the University of Minho, have been trying to answer – and the findings are noteworthy.
The global analysis was presented at the latest Open Worldwide Application Security Project (OWASP) meetup in Porto, one of the world’s leading organisations in application security. The presentation Peeking Behind the Portal: Assessing E-Gov Security in Practice drew on data from scientific publications in this field to paint a picture of the security of more than 3000 public service portals around the world – in particular, identifying the most common vulnerabilities, recurring configuration issues and, above all, what is at stake for citizens who regularly interact with these systems.
OWASP Porto meetups are informal gatherings of the region’s cybersecurity community, held every two months, bringing together professionals in the field, including industry representatives, in a space for sharing and discussing ideas. “These events are a unique opportunity to share research findings with the people who work on the ground every day,” said Diogo Ribeiro.
This work began at the national level. As part of the Internet Presence Index of Municipal Councils (IPIC), a biennial study developed by the University of Minho, the Agency for the Technological Reform of the State (ARTE) and the United Nations University Operating Unit on Policy-Driven Electronic Governance (UNU-EGOV), INESC TEC researchers were responsible for assessing the security posture of all 308 Portuguese municipalities – one of the main new features of the 2026 edition. The results were presented by João Marco Silva at the results presentation session, held at UNU-EGOV’s facilities on the Couros campus in Guimarães, with representatives from several municipalities in attendance.
“The aim is not just to measure problems, but also to help solve them,” João Marco Silva emphasised. For INESC TEC, these results reinforce the role of applied research in improving the State’s digital security.
News, current topics, curiosities and so much more about INESC TEC and its community!
