Lesson 2: Building a Sustainable Cybersecurity Workforce

Based on this, Dr. Pham Kim Thu, Vice Rector of the Friendship University of Technology and Management, stated that it is necessary to build a model where the State plays a policy-making role and commissions training; universities proactively innovate programs and improve training quality; and businesses participate in collaboration, testing, and refining practical skills. This is the key model for forming a team of cybersecurity experts that meets the development requirements in the digital and AI era. If all three parties work together, Vietnam can completely build a cybersecurity human resource training ecosystem that meets both immediate needs and has a long-term vision, effectively serving the goal of safe and sustainable national digital transformation.

According to statistics for the third quarter of 2025 alone, Vietnam recorded over 500,000 DDoS attacks, double the number for the same period in 2024. Besides risks such as data theft and impersonation of reputable websites to gather information, traditional attack methods like DDoS, while not new, are becoming increasingly dangerous due to their deep exploitation of system vulnerabilities.

Given the above situation, Associate Professor, Dr. Tran Minh Triet, Vice Rector of the University of Science (Vietnam National University Ho Chi Minh City), proposed that it is necessary to promote the development of high-quality cybersecurity human resources, especially a team of experts capable of operating and monitoring systems full-time and promptly detecting and responding to incidents. At the same time, the issue of human resources must be closely linked to raising awareness among the public and users. Because ensuring cybersecurity is not limited to servers or services, but also includes systems, software, and digital services widely deployed on mobile devices and platforms that people use daily.

Attracting talent through specific policies.

Resolution No. 57-NQ/TW of the Politburo affirms that ensuring national sovereignty in cyberspace, cybersecurity, data security, and information safety are overarching requirements closely linked to national development. Based on this, training and developing high-quality human resources in cybersecurity is identified as a key task, directly serving the protection of digital sovereignty and the development of the knowledge economy. Along with this orientation, new policies, from the Cybersecurity Law, the amended Electronic Transactions Law, Decree No. 13/2023/ND-CP on the protection of personal data, to the National Cybersecurity Strategy to 2030, are gradually perfecting the legal framework for governing the national digital space and data.

According to Associate Professor, Dr. Nguyen Huu Hieu, Rector of Da Nang University of Technology, instead of being administrative orders, these policies are creating a "positive pressure" - both promoting and guiding the market and training institutions to proactively standardize the capacity of cybersecurity human resources, towards a safe and sustainable digital economy.

For universities, this is a "golden opportunity" to restructure their training programs towards a modern and integrated approach. Therefore, universities cannot simply focus on teaching security techniques; they must aim to train individuals who understand the law, are knowledgeable in governance, and have the capacity to ensure compliance throughout the entire data lifecycle. It is necessary to integrate modules on personal data protection, legal security, and international compliance standards into the regular curriculum, while simultaneously implementing a training model that combines on-campus learning with practical experience in businesses and management agencies to develop practical skills and real-world problem-solving abilities in students.

New legal regulations have expanded the scope of cybersecurity – from technical handling to risk management and strategic data protection – requiring interdisciplinary and predictive training models that harmoniously combine technology, legal, governance, and data ethics. It is predicted that in the next 5-10 years, cybersecurity professionals will become one of the leading strategic professions in the digital economy. Therefore, universities need to move beyond training purely technical "security engineers" and instead focus on developing "digital security architects" – individuals capable of designing, operating, and managing entire cybersecurity ecosystems. Simultaneously, specific mechanisms and policies for attracting and rewarding personnel, especially those specializing in information security, need to be implemented soon.

Vietnam is currently an active member of the global cybersecurity network, maintaining close cooperative relationships with INTERPOL, ASEANAPOL, and many international organizations. Partners such as the Japan International Cooperation Agency (JICA) and the Korea International Cooperation Agency (KOICA) have long-standing collaborations in expert training and technology transfer, thereby contributing to the development of core personnel and the formation of a "defense belt"—monitoring and incident response centers that meet international standards.

Simultaneously, the Ministry of Public Security, along with other ministries, agencies, research institutes, and universities, are focusing on implementing key tasks such as building a National Data Center according to international security standards, training specialized personnel, and promoting public-private partnerships to strengthen digital trust and ensure national data security.

It can be affirmed that building a cybersecurity workforce is an investment in the future of Vietnam's digital space. Only when a sufficiently strong and specialized team is formed and placed within a synchronized ecosystem can cybersecurity truly become a solid foundation for safe and sustainable digital development.

Lesson 1: The Core Bottleneck in Cybersecurity Human Resources