Recently, the Ministry of Public Security - the drafting agency - has proactively and urgently completed the draft dossier of the 2025 Cyber Security Law to submit to the National Assembly.
The new draft Law on Cyber Security adds a number of important provisions to create a solid foundation for Vietnam to effectively deal with cybersecurity challenges, protect national security and citizens' rights in the digital age, including ensuring data security.
For the first time, data is at the heart of a cybersecurity regulatory framework
The Draft Law on Cyber Security 2025 has officially added and defined "data security" as an important component of national cybersecurity. This is the first time that data - the core element of digital transformation - has been placed in one of the central positions in the legal framework on cybersecurity.
According to the Draft, data security is understood as ensuring the collection, updating, adjustment and processing of data to serve national digital transformation and digital economic development. The legalization of this concept is a strategic step forward in the context that data has become the main target of attacks in recent years.
In fact, the recent reality shows that most of the cyber attacks recorded recently are aimed at stealing, encrypting or destroying data, not only disrupting the organization's operations, the consequences of data attacks can last for many years.
This requires a strong, unified legal framework that is appropriate to the new risks in cyberspace. Adding “data security” not only fills the legal gap but also brings practical benefits to all stakeholders.
As agencies, organizations and businesses are required to fully comply with data protection requirements under the law, those that do not have the technical or human resources to ensure data security themselves will be forced to choose safer methods of using data, instead of continuing to collect and store data in a risky way as they do today.
Instead of building their own data warehouses, units can connect and exploit data directly from the National Database or use trusted data services provided by state agencies and qualified organizations. This approach helps reduce the risk of leakage, optimize infrastructure investment costs and improve operational efficiency. For businesses, using data in a secure and compliant manner not only protects themselves from legal risks, but also contributes to enhancing reputation and competitiveness in the digital economy.
Ensuring data security is a cross-cutting requirement
In the seminar "Cybersecurity Law 2025: A step forward in protecting data security" organized by the National Cybersecurity Association on the afternoon of November 24 in Hanoi, Lieutenant Colonel Nguyen Dinh Do Thi - Deputy Head of the Cyber Security Department, Department of Cybersecurity and High-Tech Crime Prevention (Ministry of Public Security) said that ensuring network security and data security of organizations and individuals is a continuous and inseparable requirement in the process of developing science , technology, innovation and digital transformation.
According to Mr. Vu Ngoc Son - Head of the Department of Research, Consulting, Technology Development and International Cooperation, National Cyber Security Association, making data security a key content in the draft law is a prominent addition and very in line with the current trend.
Today, data is considered the “new oil” and is a strategic national resource. When data is stolen, leaked, or misused, the damage is not only economic, but can also affect national security, digital sovereignty, and social trust.
By including the Data Security requirement in the new Law, it is determined that: Data must be protected as a national resource. Risks related to data must be strictly controlled. The emphasis on data security in the law reflects modern management thinking, in line with the context where data has become a vital factor for every organization.
According to Mr. Vu Ngoc Son, this is a strategic, timely and extremely necessary step, not only filling the legal gap, but also demonstrating Vietnam's vision in proactively creating a safe and transparent cyberspace, considering data protection as the core foundation for sustainable development in the digital age.
Speaking at the seminar, Mr. Le Cong Trung - Head of Cyber Security BU (MobiFone Telecommunications Corporation) stated that investing in human resources is the key to maintaining the infrastructure. No matter how modern the technology is, the human factor is still decisive. The infrastructure operation team must have a deep understanding of the core network, equipment, and protocols; be able to quickly analyze incidents and handle emergency situations; maintain operational discipline and absolute information security. Cyber security human resources not only need to operate well but also need to build a "safety first" culture.
The presentations and opinions shared at the seminar "Cybersecurity Law 2025: A step forward in protecting data security" by speakers from agencies, businesses providing services, critical infrastructure, banks, e-commerce, etc. all shared the same view: To effectively implement the new regulations, management agencies need to promptly issue standards and technical regulations on cyber security. Enterprises need to proactively build a cyber security governance model, especially comprehensive data governance, including classification, encryption, secure storage, monitoring and incident response. People also need to raise awareness of their data rights, be cautious when sharing information and comply with legal regulations./.
Source: https://www.vietnamplus.vn/luat-an-ninh-mang-2025-an-ninh-du-lieu-la-cau-phan-quan-trong-an-ninh-quoc-gia-post1078970.vnp
Comment (0)