According to the National Cyber Security Association, 52.89% of businesses and organizations in Vietnam do not have adequate technological solutions to respond to cyber security incidents, and 56.16% do not have enough specialized personnel for cyber security. According to a report by Cisco, only 11% of businesses and organizations have reached the maturity level to respond to incidents.
Therefore, experts say that units need to take more drastic and specific actions to improve incident response capacity, in which the role of the organization's leader is extremely important.
This is the information given from the Seminar "The maturity level of Vietnamese enterprises and organizations in responding to incidents" organized by the National Cyber Security Association (NCA) on May 21 in Hanoi .
Vietnam's capacity to respond to cybersecurity incidents is still low.
The digital transformation process is taking place strongly, along with that, the number of cyber attacks is constantly increasing in both quantity and severity. However, according to NCA, most Vietnamese enterprises still do not have enough capacity, processes or necessary preparations to deal with cyber security incidents. According to statistics from the National Cyber Security Association, in 2024 there will be up to 659,000 different cyber security attacks, affecting about 46.15% of agencies and enterprises.
Sharing at the Seminar, Major Tran Trung Hieu - Deputy Director of the National Cyber Security Center, a professional unit under the Department of Cyber Security and High-Tech Crime Prevention - A05 ( Ministry of Public Security ) said that in recent years, challenges in ensuring network safety and security have increased.
Major Tran Trung Hieu said that cyber security threats are constantly increasing. Targeted cyber attacks are increasing in number and sophistication. "Not only that, behind targeted cyber attacks are organizations with great economic potential, large human resources, and well-equipped cyber weapons, not just individuals like before."
A representative of the National Cyber Security Center under A05 (Ministry of Public Security) also shared that in reality, there were hackers "lying in" in the company's system for 9 months before the attack.
Meanwhile, the work of ensuring network safety and security is also facing a major challenge: the human resources for network security in Vietnam are currently lacking in both quantity and quality. Even large organizations and enterprises in Vietnam are lacking in network security human resources, not to mention the state agencies.
As evidence for the above statement, Major Tran Trung Hieu shared: Through participating in incident response at a large bank, A05 noted that due to lack of human resources, although it had invested in a network security monitoring and operation system - SOC, in reality it was only monitored for 8 hours, and at night it did not monitor what hackers were doing. Many Vietnamese enterprises, including large enterprises, have SOC systems but lack skilled personnel as well as personnel to operate technical systems.
Some other challenges also shared by the representative of the National Cyber Security Center are that many officers, employees and unit leaders do not pay due attention to cyber security; security technology is often developed after application technology; policies and laws on cyber security are not yet complete...
How to improve incident response capacity?
Discussing at the seminar, cybersecurity experts agreed that the main reasons for Vietnam's low response capacity are: Lack of basic, synchronous cybersecurity solutions to protect the system; technology, digital transformation is constantly updated, in which the explosion of AI makes businesses unable to adapt; the strong development of professional cybercrime groups, including cross-border groups with very high qualifications; the shortage of specialized personnel and the limited cybersecurity skills of the majority of users.
According to Mr. Vu Ngoc Son - Head of Technology Research, National Cyber Security Association, business and organization leaders must be the first to proactively participate in solving the problem of incident response capacity. Cyber security is not a game that can be "calculated later" but a strategic responsibility that needs to be prepared in advance, early on. Establishing technology solutions, building response processes, raising awareness, practicing and cooperating with experts should be an essential part of the risk management plan of every business, large or small.
From his experience in responding to a ransomware attack on his unit's system in mid-April 2025, Mr. Do Van Thinh - Director of CMC Cyber Security's Cyber Security Monitoring Center, said that it is necessary to clarify the issues and lessons learned after the incident to form a common awareness for the collective and team.
For CMC, in addition to overcoming existing problems such as services and systems being attacked while in the transition phase of operation and exposing vulnerabilities and risks, the unit has analyzed the causes to review and perfect the process to ensure stricter security, and at the same time added measures to protect the system's safety.
According to the Association's experts, it is necessary to start improving the weakest component of each system, which is people. Training on cybersecurity awareness and skills for each individual in the organization needs to be done regularly. When the entire organization has enough cybersecurity knowledge and skills, other solutions such as technology and new processes can be effective.
In terms of technology, in the context of increasingly sophisticated cyber threats, businesses and organizations need to invest in synchronous solutions. Deploy centralized cybersecurity management solutions, integrate AI data analysis capabilities and connect with threat intelligence sources to monitor, detect and respond early to potential risks.
In addition, it is imperative to develop a clear incident response process, assign specific responsibilities, have a ready-made scenario and support tools. In particular, businesses need to prepare contact information of relevant authorities and associations in advance so that they can coordinate, report and handle incidents promptly when they occur. Being proactive and strategic is the key to minimizing damage and protecting business operations in the digital environment./.
Source: https://www.vietnamplus.vn/hacker-nam-vung-trong-he-thong-cua-doanh-nghiep-viet-suot-9-thang-cho-tan-cong-post1039835.vnp
![[Photo] Prime Minister Pham Minh Chinh attends the groundbreaking ceremony of Trump International Hung Yen Project](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/21/ca84b87a74da4cddb2992a86966284cf)
![[Photo] Scientific workshop "Building a socialist model associated with socialist people in Hai Phong city in the period of 2025-2030 and the following years"](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/21/5098e06c813243b1bf5670f9dc20ad0a)
![[Photo] Prime Minister Pham Minh Chinh receives Rabbi Yoav Ben Tzur, Israeli Minister of Labor](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/21/511bf6664512413ca5a275cbf3fb2f65)
![[Photo] Determining the pairs in the team semi-finals of the National Table Tennis Championship of Nhan Dan Newspaper](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/5/21/eacbf7ae6a59497e9ae5da8e63d227bf)
Comment (0)