Wednesdays@DEI: Talks, 27-05-2026

Title: Cybersecurity challenges and regulatory compliance for organizations
Abstract: In recent years, organizations have undergone a transformation driven by increasing competition, digital transformation, stricter requirements and controls imposed by various regulators and supervisors, and greater scrutiny from stakeholders due to their exposure. This evolution stems primarily from growing cybersecurity threats and the need for organizational resilience. As cyberattacks and security breaches become increasingly common, regulatory requirements and customers themselves become more demanding, and top management’s concern about having an approach to adequately address these risks grows. In this session, we will seek to understand the challenges organizations face and the challenges imposed on them by increasingly demanding regulations.
Speaker: Luís Carlos Fernandes, PwC Portugal
Bio: Luís Carlos Fernandes is Director of the Cybersecurity & Privacy area at PwC Portugal and responsible for the Governance, Risk & Compliance area. He has 14 years of professional experience in auditing and consulting in the fields of information systems, security, processes, and risks/controls.
He holds a degree in Computer Science and Engineering from Instituto Superior Técnico and an Advanced Development Program from Nova School of Business & Economics. He is certified as an ISO 27001 Lead Auditor, ITIL v3 Foundation, OneTrust Privacy Professional, OneTrust Third-Party Risk Management Expert, and is a member of the Information Systems Audit and Control Association (ISACA).
He is one of the leaders responsible for the DORA and NIS2 practice at PwC, advising several organizations on their compliance journeys.
In recent years, he has developed his practice across various industries (e.g., Oil & Gas, Financial Services, and Telecommunications), helping clients implement and comply with several frameworks and regulatory requirements such as NIS2, DORA, EBA Guidelines (ICT & Security Risk Management; Outsourcing Arrangements), ESMA Guidelines (cloud outsourcing), ITIL, Cobit, ISO 27001, ISO 20000, and NIST CSF.
