Cybersecurity is not a “game” that can be considered later, but a strategic responsibility that needs to be prepared in advance, early on. Digital transformation will be difficult to maintain sustainable success without cybersecurity.
The digital transformation process is taking place strongly, along with that, cyber security attacks are constantly increasing in both quantity and severity. However, most Vietnamese organizations and businesses still do not have enough capacity, processes or necessary preparations to deal with cyber security incidents...
Is Vietnam a “gray zone” in cybersecurity?
According to a survey by the National Cyber Security Association (NCA), by the end of 2024, 52.89% of businesses and organizations in Vietnam do not have adequate technological solutions to respond to cybersecurity incidents, and 56.16% do not have enough specialized personnel for cybersecurity.
According to Cisco's 2025 Cybersecurity Readiness Index, only 11% of businesses and organizations in Vietnam have reached the maturity level of being ready to respond to cyber security attacks. This is an alarming number when Vietnam is in the process of strong digital transformation. Are we in the "gray zone" of cybersecurity?
Explaining this issue, Mr. Vu Ngoc Son, Head of Technology Research, National Cyber Security Association, said that he had to look for the original report, which included specific criteria to come up with this assessment. Accordingly, one of the criteria considered by Cisco is the application of artificial intelligence in cyber security activities.
According to Mr. Vu Ngoc Son, in reality, although artificial intelligence has developed strongly in many fields recently, not all units and organizations can meet the criteria for applying artificial intelligence, even for businesses, organizations, and units specializing in technology. Considering the rate of 11% of units and organizations in Vietnam reaching the level of maturity to respond to cyber security attacks compared to the world average of 4%, it is not too pessimistic.
Accordingly, business and organization leaders must be the first to proactively participate in solving the problem of incident response capacity.
“Cybersecurity is not a “game” that can be considered later, but a strategic responsibility that needs to be prepared in advance, early on. Establishing technological solutions, building response processes, raising awareness, practicing and cooperating with experts should be an essential part of the risk management plan of every organization and business, large or small,” Mr. Vu Ngoc Son emphasized.
Sharing the same view, Major Tran Trung Hieu, Deputy Director of the National Cyber Security Center, Department of Cyber Security and High-Tech Crime Prevention (A05), Ministry of Public Security, said that with the requirement of rapid digital transformation, businesses and organizations have to apply technology without paying attention to cyber security. The consequence is an increase in both the number and sophistication of cyber attacks, which is posing an urgent need to improve cyber defense capabilities.
Cybercriminal psychology of “leaving me alone”
These attacks are not only about stealing data or destroying systems, but also target important government agencies and large enterprises, which can seriously affect national security and social order.
“A very common view among units, organizations, and businesses today regarding cyber attacks is that “it will probably spare me.” This makes cyber security issues more likely to have serious consequences, meaning that the unit does not have backup measures or backup measures for the sake of it. When an incident occurs, it is very difficult to restore the system,” Major Tran Trung Hieu assessed.
“For those of us working in cybersecurity, there are only systems that have been hacked and have not been exposed or systems that are about to be hacked. No system is absolutely safe,” the Deputy Director of the National Cyber Security Center emphasized.
According to the representative of A05, from the end of 2023 to April 2025, there were a series of cyber attacks on many agencies, organizations, and businesses in many different industries. During the investigation, the unit discovered traces of cyber criminals having infiltrated and been lying dormant in the system for a long time.
“When reviewing and investigating, there were cases where hackers understood the operations better than the employees and officials in the attacked organization or business. They infiltrated the organization and stayed there for up to 9 months to learn the entire process and operations before officially attacking and transferring money out,” said a representative of A05.
Analyzing the cause, Major Tran Trung Hieu said that one of the major challenges is that cybersecurity human resources in Vietnam are lacking in quantity and weak in quality.
“There are large banks that have invested in a network security monitoring system (SOC), but in reality, they only monitor it 8 hours a day, and not at night. This unintentionally creates a gap for hackers. Many businesses not only lack good personnel but also lack personnel to operate technical systems,” said Major Tran Trung Hieu.
In addition, another factor is that policies and laws on cybersecurity are not yet complete, so Department A05 is consulting on revising and promulgating standards and regulations on cybersecurity.
Artificial Intelligence Reshapes Cybersecurity
Speaking to the press on May 22, Mr. Simon Green, President of Asia-Pacific and Japan of Palo Alto Networks, commented: Artificial intelligence is reshaping the competitive landscape of businesses in the region, opening up technological breakthroughs at an unprecedented speed. However, this technology is also changing the cybersecurity landscape, creating conditions for cyber attacks to take place faster, more sophisticated and with clearer targets.
“To respond effectively, organizations need to shift to intelligent platforms, powered by artificial intelligence, capable of predicting and neutralizing cyber threats in real time. This is a vital shift in the context of an increasingly complex and unpredictable threat environment,” Mr. Simon Green recommended.
According to Palo Alto Networks’ Unit 42 2025 Global Incident Response Report, 86% of the 500 most serious cybersecurity incidents that occurred in 2024 caused significant disruption, reputational damage, or financial loss to the organization. Notably, 70% of these involved three or more attack surfaces, including endpoints, networks, and cloud environments.
In Vietnam, more than 659,000 cybersecurity incidents were recorded in 2024 alone, with nearly half of organizations having been victims of at least one cyberattack. In particular, 14.6% of organizations faced ransomware attacks, demonstrating the increasing sophistication of cyber threats. As Vietnamese businesses increasingly deploy multi-cloud strategies, the need to protect complex attack surfaces is more urgent than ever.
Source: https://baohungyen.vn/an-ninh-mang-khong-phai-la-cuoc-choi-de-co-the-tri-hoan-3181378.html
![[Photo] Anh Hoang - Dinh Duc successfully defended the men's doubles championship of the National Table Tennis Championship of Nhan Dan Newspaper](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/23/d6ab3bcac02c49928b38c729d795cac6)
![[Photo] Top players gather at the 2025 Nhan Dan Newspaper National Table Tennis Championship](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/23/9ad5f6f4faf146b08335e5c446edb107)
![[Photo] The Central Party Executive Committee delegation visits former President Tran Duc Luong](https://vphoto.vietnam.vn/thumb/402x226/vietnam/resource/IMAGE/2025/5/24/32f67673454445aab0f1f2af331cb170)
Comment (0)