Greater attention needed to respond to cyberinformation security threats

November 8, 2023

The Government has recently required the intensification of response to cyberinformation security threats so as to build digital trust and protect the country’s prosperous development in the digital era, thus contributing to successfully completing the national digital transformation.

Under Directive 18 dated October 13, the Prime Minister requests ministers, heads of ministerial-level agencies, chairpersons of the People’s Committees of provinces and centrally-run cities, presidents and general directors of corporations, state corporations or economic groups, and enterprises that are members, or have affiliated units being members, of the National Cyber Information Security Incident Response Network, to employ active approaches in responding to cyberinformation security threats.

Specifically, they will be obliged to proactively identify threats and scan for vulnerabilities in their managing information systems at least once every six months; issue emergency response plans and scenarios for their information systems before the end of this year, and promptly update changes to these systems; and organize combat drills at least once a year for these systems at level 3 or higher levels in order to promptly assess the capability to prevent intrusion and detect weaknesses in system processes, technology or personnel.

Upon detecting security risks or threats that might lead to cyber attacks or unauthorized control of the system, they have to simultaneously handle risks and respond to threats.

Until the end of the year, incident response teams will be organized and consolidated in a professional and flexible manner, with at least five experts specialized in cyberinformation security, including outsourced experts, who have standard information security skills.

The agencies are also required to announce their contact information including telephone numbers, email addresses or other modes of communication for receipt of cyberinformation security incident reports on their web portals before the end of October.

The Ministry of Information and Communications will be responsible for providing guidance on organization of regular activities of incident response teams and combat drills for cyberinformation security staffs in agencies, organizations and enterprises; and using results of such drills as criteria for annual assessment of maturity and profession of such teams.

Enterprises providing telecommunications and Internet services are required to warn their customers about the risk of wide-range cyberinformation security incidents or upon detecting such risk that may affect customers, and guide them in reporting cyberinformation security incidents upon their occurrence.

Source: Vietnam Law and Legal Forum magazine

Original link:

Privacy Compliance


PRIVACYCOMPLIANCE ( trân trọng giới thiệu tới bạn buổi Webinar xoay quanh chủ đề XIN SỰ ĐỒNG Ý CỦA CHỦ THỂ DỮ LIỆU – LÀM SAO CHO ĐÚNG VÀ “TRÚNG” nhằm chia sẻ đến bạn những kiến thức, kinh nghiệm và trải nghiệm thực tiễn có được trong quá trình tư vấn về sự đồng […]

Learn more

Privacy Compliance

Thông báo Quyền riêng tư

Tóm lược Thông báo Quyền riêng tư  Chúng tôi, Công ty Cổ phần Privacy Compliance công bố Thông báo Quyền riêng tư này (“Thông báo”) để làm rõ việc xử lý dữ liệu cá nhân được thu thập thông qua các trang web của chúng tôi bao gồm,, các ứng dụng và các […]

Learn more

Privacy Compliance


Dear Colleagues, Partners, and Friends, Mindful of the significant advancements in artificial intelligence (AI) in recent times, Privacy Compliance has undertaken a project aimed at updating our clientele, partners, and the general public on the prevailing state of AI globally and, more specifically, in Vietnam. With great pride, we hereby introduce the inaugural edition of […]

Learn more