46.15% of agencies and businesses will be cyber-attacked in 2024

At the seminar "The maturity level of Vietnamese enterprises and organizations in responding to incidents" organized by the National Cyber ​​Security Association (NCA) on May 21, it was shown that this situation requires more drastic and specific actions.

Cisco's report shows that 11% of businesses and organizations in Vietnam have reached the level of maturity for cybersecurity readiness, although there has been an improvement compared to last year.

However, compared to international standards, the capacity of domestic units still has a significant gap. Statistics from NCA further clarify this picture: 52.89% of enterprises lack a Security Operations Center (SOC) or similar solution, 14.89% do not have anti-virus software, and 35.87% do not have a data backup and recovery solution.

Regarding human resources, 20.6% of units do not have specialized personnel and 35.56% have less than 5 people assigned to this field, while operating a 24/7 SOC requires at least 8-10 positions. As a result, by 2024, up to 46.15% of agencies and businesses will be attacked by cyberattacks, with more than 659,000 incidents.

The main reasons for this situation include the lack of basic and synchronous cybersecurity solutions; rapid changes in technology, especially AI, making it difficult for businesses to adapt; the development of professional, highly skilled cybercrime groups; and the shortage of qualified personnel and limited awareness among users.

According to NCA experts, the root of every problem should come from awareness and the role of the leader is paramount.

Mr. Vu Ngoc Son, Head of the Technology and International Cooperation Department (NCA), affirmed: "Business and organization leaders must be the first to proactively participate in solving the problem of incident response capacity. Cybersecurity is a strategic responsibility that needs to be prepared in advance, early on. Raising awareness and capacity for the entire apparatus is necessary, starting with improving the "weakest point" - people through regular training".

Major Tran Trung Hieu, Deputy Director of the National Cyber ​​Security Center, Department of Cyber ​​Security and High-Tech Crime Prevention ( Ministry of Public Security ), assessed that the increase in both the number and sophistication of cyber attacks is posing an urgent need to improve cyber defense capabilities.

These attacks are not only about stealing data or destroying systems, but also target important government agencies and large enterprises, which can seriously affect national security and social order.

Need to move from passive to active cybersecurity

Mr. Hieu believes that businesses need to change their network protection mindset from passive to proactive and flexible. This not only helps minimize damage when incidents occur, but also creates a solid defense against increasingly sophisticated attacks.

At the same time, business leaders, especially in the banking, finance, energy sectors, need to put cybersecurity issues into their organization's long-term development strategy.

To improve, businesses need to invest in synchronous technology solutions, centralized management, and AI applications to support early detection and sharing of threat intelligence.

Establishing a clear incident response process, with specific scenarios and emergency contact lists is imperative. Experience from the incident at CMC Cyber ​​Security shows the importance of having detailed system design documentation and an effective data backup strategy (such as the 3-2-1 model) for quick recovery.

It can be seen that to cope with the risky cyber environment, Vietnamese businesses and organizations need a proactive and strategic approach.

Direct leadership engagement and investment in people, technology and processes are key to increasing maturity in cybersecurity incident response and protecting business operations and critical data.

Source: https://dantri.com.vn/cong-nghe/tan-cong-mang-ngay-cang-tinh-vi-nguy-co-tu-tu-duy-bi-dong-20250521144027840.htm