Data security is codified for the first time
The seminar “Cybersecurity Law 2025: A step forward in protecting data security” organized by the National Cybersecurity Association affirmed a new approach: making “data security” an essential component in protecting national cyber security. Analysis from representatives of the Ministry of Public Security and experts showed that the draft law not only fills the legal gap, but also creates a foundation for developing the digital economy and protecting digital sovereignty in the context of data becoming a strategic resource.
The most notable new point in the Draft Law on Cyber Security 2025 is that the concept of “data security” is clearly defined as a component of national cybersecurity. According to the draft, data security is the assurance of collecting, updating, and processing data to serve digital transformation and digital economic development. This is the first time that data be considered The “new oil” of the digital age is placed at the center of the legal framework.
Recent reality shows that most cyber attacks target data. Hackers steal, encrypt, ransom or destroy data, paralyzing the systems of agencies and businesses, leaving consequences that last for many years. In that context, adding regulations on data security is an urgent requirement to improve the country's capacity to protect digital resources.
The draft law also creates a driving force to change the mindset of data management in organizations and businesses. When forced to comply with legal standards on data protection, units without sufficient infrastructure or human resources will have to choose safer options: exploiting data from the National Database, using a trusted data platform or hiring data services from units that meet security standards. This trend not only reduces the risk of information leakage but also saves costs and improves operational efficiency.
The leader cannot "blurred" cyber security
Speaking at the seminar, Lieutenant Colonel Nguyen Dinh Do Thi, Deputy Head of the Cyber Security Department, Department of Cyber Security and High-Tech Crime Prevention (Ministry of Public Security) said that ensuring cyber security and data security of organizations and individuals is a continuous and inseparable requirement in the process of developing science , technology, innovation and digital transformation. The draft Law on Cyber Security 2025 identifies the State's key policies on ensuring cyber security and data security. First, prioritize cybersecurity protection in national defense, security, socio-economics, science and technology and foreign affairs. Second, build a safe cyberspace that does not harm national security and social order. Third, focus resources on building specialized forces, developing high-quality human resources, and promoting research and development of cybersecurity technology. Fourth, encourage organizations and individuals to participate in handling risks and coordinate with competent authorities. Fifth, prioritize the use of Vietnam's cybersecurity industry products and services. Sixth, strengthen international cooperation to protect cybersecurity.
According to Mr. Vu Ngoc Son , Head of the Department of Research, Consulting, Technology Development and International Cooperation, National Cyber Security Association, making data security a key content in the draft law is a prominent addition and very in line with the current trend. Nowadays, data is likened to "new oil", a strategic resource of the country. When data is appropriated, leaked or used illegally, the damage is not only economic, but can also affect national security, digital sovereignty and social trust. By including the requirement on Data Security in the new Law, it is determined that: Data must be protected as a national resource. Risks related to data must be strictly controlled. Emphasizing data security in the law reflects modern management thinking, in line with the context of data becoming a vital factor of every organization. This is a strategic, timely and extremely necessary step. It not only fills the legal gap, but also demonstrates Vietnam's vision in proactively creating a safe and transparent cyberspace, considering data protection as the core foundation for sustainable development in the digital age.
“One of the new points of the Draft Law on Cyber Security 2025 is to emphasize the special role and responsibility of the heads of agencies, organizations and enterprises in ensuring cyber security. According to the regulations, the heads are not only responsible for implementing protection activities within the scope of management, but also must meet the requirements on knowledge and skills related to cyber security. This regulation reflects the reality: cyber security is only truly effective when it is placed in a priority position in governance and decision-making. If the head does not understand cyber security, all strategies, processes, technical investments and personnel assignments are at risk of being just formalities or being implemented without focus. On the contrary, when leaders have deep enough knowledge and skills, decisions on information system protection, technology investment, human resource organization and data operation will go in the right direction, promote efficiency and ensure sustainability” . Mr. Vu Ngoc Son shared more.
With the presentation "Cybersecurity Law 2025 will help strengthen the security of financial data and digital transactions", sharing information at the seminar, Mr. Tran Cong Quynh Lan , The Deputy General Director of Vietnam Joint Stock Commercial Bank for Industry and Trade (VietinBank) said that early and systematic compliance with the Law on Cyber Security 2025 will help VietinBank become a pioneer in the industry in Information Security; Create a competitive advantage over banks that have not yet completed the process of monitoring and protecting data, thereby increasing the trust of the State Bank, Customers, and international organizations. With the task of standardizing data management and data classification requirements, this is an opportunity for VietinBank to build an international standard Data Governance Framework; Create a foundation for AI programs, data analysis... in the future; Along with that, strengthen the link between IT - Cyber Security - Data - Business. Ensuring network security and data security of organizations and individuals is a continuous and inseparable requirement in the process of innovation and digital transformation.
Strategic milestone on the journey to protect digital sovereignty
In the discussion "The 2025 Cybersecurity Law will help strengthen the security of financial data and digital transactions", Mr. Tran Cong Quynh Lan, Deputy General Director of VietinBank, said that early compliance with the draft law will bring great advantages to the banking industry, the sector that holds the most sensitive and valuable data today.
According to Mr. Lan, the new law will help: Standardize data management according to international standards; Create a platform for AI programs, data analysis; Increase connectivity between IT - Cybersecurity - Data - Business; Enhance the confidence of the State Bank, customers and international organizations. In particular, establishing a clear legal framework will help banks be more proactive in preventing data leaks, cyber attacks and securing digital transactions, risks that are increasing rapidly in the digital financial market.
From a telecommunications perspective, Mr. Le Cong Trung, Head of Cyber Security Department, MobiFone Telecommunications Corporation, said that no matter how modern technology is, the human factor is still decisive. The telecommunications infrastructure operations team must have a deep understanding of core networks, equipment, and protocols; be able to analyze incidents, handle emergency situations, and maintain absolute security discipline.
“Cybersecurity from infrastructure is the foundation for protecting the national digital space,” said Mr. Trung . MobiFone is committed to investing in upgrading infrastructure, developing cyber security services and accompanying agencies and organizations on the journey to build a safe digital environment.
Opinions at the seminar agreed that for the Law on Cyber Security 2025 to be effective, there needs to be synchronous coordination between: State management agencies to soon issue a set of technical standards on cyber security; complete instructions for agencies and businesses to easily implement; and strengthen inspection but in a supportive direction.
Enterprises need to build a comprehensive cybersecurity management model: data classification; encryption, secure storage; monitoring and incident response; training cybersecurity human resources. Compliance with the new law not only protects enterprises from legal risks but also enhances competitiveness in the digital economic environment.
And importantly, according to Mr. Vu Ngoc Son, people need to raise awareness about data rights, understand the value of personal data to be cautious when sharing information on cyberspace.
It can be affirmed that the Draft Law on Cyber Security 2025 is a strategic step, creating a strong legal foundation to protect national digital infrastructure, strengthen the safety of essential digital services and protect the rights and legitimate interests of people and businesses. Putting “data security” at the center demonstrates Vietnam’s long-term vision in the context of data becoming a strategic resource.
The law is not only a management tool, but also a mechanism to create and guide the digital transformation process to take place safely and sustainably. This will be an important milestone in the effort to build a safe, trustworthy and prosperous digital space for Vietnam in the next decade.
Source: https://baophapluat.vn/luat-an-ninh-mang-2025-khong-the-cham-tre-trong-cuoc-chien-bao-ve-du-lieu.html
Comment (0)