This was heard at today's seminar 'The maturity level of Vietnamese enterprises and organizations in their readiness to respond to incidents' held in Hanoi by the National Cyber Security Association (NCA).
It was reported at the seminar that currently, nearly 53 percent of enterprises and organizations in Vietnam do not have adequate technological solutions to respond to cybersecurity incidents; plus, more than 56 percent do not have enough specialized personnel for cybersecurity.
In 2024, Vietnam faced up to 659,000 cybersecurity attacks, impacting approximately 46.15 percent of agencies and businesses nationwide.
According to the NCA, most Vietnamese enterprises lack the necessary capabilities, processes, and preparedness to effectively respond to these threats. Cisco’s latest cybersecurity report further underscores this concern, revealing that only 11 percent of organizations in Vietnam have achieved a mature level of readiness to handle cybersecurity incidents.
According to Head Vu Ngoc Son of the NCA Technology Research Department, Vietnam's limited response capacity can be attributed to several key factors including the absence of fundamental, integrated cybersecurity solutions to safeguard systems, the rapid evolution of technology and digital transformation, particularly the surge of AI, which leaves businesses struggling to keep pace.
Moreover, the significant rise of highly skilled professional cybercrime organizations, including those operating across borders and a lack of specialized personnel along with inadequate cybersecurity skills among most users are also the culprits of the country's poor response to cybersecurity incidents.
At the seminar, Major Tran Trung Hieu, Deputy Director of the National Cyber Security Center, highlighted several recent cyberattacks that have caused significant damage in Vietnam. He noted that most incident reports were submitted late to the authorities, with incomplete logs and disabled monitoring systems. Many organizations were unprepared to manage such incidents, often lacking data backups or contingency plans for system isolation, resulting in a reactive and passive response.
According to Major Tran Trung Hieu, effective prevention of cybersecurity incidents begins with regular training to enhance awareness and skills at the individual level within organizations. He emphasized that when all members are equipped with sufficient knowledge of cybersecurity and competencies while other measures—such as implementing new technologies and processes—can be applied more effectively.
