New highlights of the draft Law on Cyber ​​Security

According to the Ministry of Public Security , in recent times, the drafting agency has proactively and urgently completed the draft Law dossier to submit to the National Assembly. With the draft Law on Cyber ​​Security, the new version of 2025, there are a number of outstanding new points as follows:

The draft new Law on Cyber ​​Security has unified the use of the central term related to this field as "cyber security" and prescribed a focal point for state management of cybersecurity, helping to simplify the management process and enhance coordination in national cybersecurity protection work.

This new draft Law on Cyber ​​Security only regulates issues under the authority of the National Assembly , helping to thoroughly cut administrative procedures and facilitate people and businesses in complying with legal regulations.

The new draft Law on Cyber ​​Security adds a number of important provisions, including:

Ensuring data security; requiring enterprises providing online services to identify IP addresses for cyber security protection forces; regulating funding for cyber security protection of state agencies, organizations and enterprises; encouraging the use of domestic cyber security products, improving Vietnam's capacity for cybersecurity autonomy; cyber security certificates for heads of important national information systems.

These new points will create a solid foundation to help Vietnam effectively deal with cybersecurity challenges, protect national security and citizens' rights in the digital age.

Unifying the state management focal point on cybersecurity

The drafting agency believes that it is necessary to unify the state management focal point for cybersecurity for the following reasons:

1. Increase efficiency in management and supervision

Ensuring consistency and synchronization: With a single management point of view, state agencies can operate in a unified and synchronous manner, avoiding overlapping and conflicting management work. This helps create a stronger and more effective cybersecurity system.

Centralizing resources: Centralizing cybersecurity management in one agency will help optimize resources, including human, financial and technological resources, thereby enhancing the ability to respond quickly and effectively to cyber threats.

2. Ensure transparency and accountability

Clearly define management responsibilities: A single management point will clarify the responsibilities of government agencies in protecting cybersecurity, from policy implementation, monitoring to handling cybersecurity incidents. This helps avoid shifting responsibility between different agencies and organizations.

Easier monitoring and inspection: When there is a clear governing body, monitoring and inspection of cybersecurity-related activities will be easier, helping to promptly detect problems and handle them quickly.

3. Strengthening the ability to respond to cybersecurity threats

Respond quickly to cybersecurity incidents: As cybersecurity threats become more complex and dangerous, having a lead agency improves the ability to respond quickly to incidents, while helping to minimize damage and stop the risk of attack.

Effective information sharing and coordination: A single point of contact will help improve information sharing among authorities, thereby coordinating the handling of cyber security incidents more effectively. This is also an important factor in responding to cross-border attacks.

4. Ensuring sustainable development of cybersecurity infrastructure

Developing a synchronous network infrastructure: Unifying the management point helps deploy and develop national network security infrastructure in a synchronous manner, avoiding the situation where state agencies or businesses operate without close coordination.

Encourage creativity and innovation: A lead agency will create a favorable environment for the development of advanced cybersecurity technologies, thereby helping Vietnam reduce its dependence on foreign technology and enhance its cybersecurity autonomy.

5. Promote international cooperation on cybersecurity

Ensuring consistency in foreign affairs: In the field of cybersecurity, international cooperation is indispensable. Having a management focal point will help Vietnam have an official representative to participate in international forums, cooperate in sharing information and cybersecurity technology.

Unified and enforceable policy: A single regulatory focal point helps develop clear cybersecurity policies and coordinate with other countries to implement international cybersecurity agreements and standards.

6. Protecting the rights of people and businesses

Protecting the rights of citizens and organizations: A synchronous management system will help protect people and businesses from attacks, intrusions and abuse of personal information, thereby creating a safe network environment for the community.

Encourage the development of digital services: With a unified and strong cybersecurity management system, people and businesses will feel more secure when using online services, thereby promoting the development of the digital economy.

Unifying the state management focal point on cybersecurity not only helps create a solid information network protection system but also improves the ability to respond to threats, protect the interests of people and businesses, and promote the sustainable development of technology and the digital economy in Vietnam.

Additional contents in the draft Law on Cyber ​​Security

Also according to the Ministry of Public Security, the draft of the new Cyber ​​Security Law 2025 has added provisions on:

Encourage state agencies, organizations, and businesses to use domestic cybersecurity products, improving Vietnam's cybersecurity autonomy. Vietnam should encourage domestic businesses to research, develop, and deploy security tools that are appropriate to their needs and actual situations. Developing security software, firewall systems, and data encryption software will help reduce dependence on foreign technology providers.

Cybersecurity funding for state agencies, organizations, and enterprises. The government and relevant agencies need to invest in national cybersecurity systems, including cybersecurity operations centers, monitoring, detection, and incident response systems. This will help monitor and promptly handle cybersecurity threats.

Cybersecurity certification for heads of national critical information systems. Accordingly, the Government and educational institutions need to promote cybersecurity training programs at all levels, from basic to advanced. These programs need to be designed to provide solid knowledge on cybersecurity issues, from personal information security to national security.

The draft of the new Cyber ​​Security Law 2025 has specified the content of international cooperation in the field of cyber security, at the same time, cooperation in sharing information on threats, cyber attacks and preventive measures.

To improve the capacity of cybersecurity autonomy in Vietnam, it is necessary to issue regulations that both ensure strictness and promote innovation, ensuring that organizations and businesses are responsible for ensuring the safety of information systems and protecting people's personal data. Violations need to be strictly handled to build people's trust.

To enhance cybersecurity self-reliance, Vietnam will also raise awareness of cybersecurity in the community. The Government and social organizations need to launch propaganda campaigns on cybersecurity. This includes raising awareness of threats such as phishing attacks, malware, and DDoS attacks. Instructing people and businesses to implement basic security measures such as using strong passwords, encrypting data, and regularly updating security software.

Improving cybersecurity capacity in Vietnam is a long-term process and requires close coordination between the Government, businesses, educational institutions and the community. Only when these solutions are implemented synchronously and effectively can Vietnam ensure a safe and secure cyberspace for its people and the country.