Vietnam issues cybersecurity directive amid attacks
The Prime Minister of Vietnam, Pham Minh Chinh, has issued a directive, urging ministries, sectoral bodies and local government agencies to conduct a thorough review of the country’s cybersecurity landscape.
Ransomware incidents since late March have targeted prominent enterprises such as financial advisory company VnDirect, fuel service station chain PVOil and a telecommunications service provider, which emphasised the urgent need for the implementation of comprehensive cybersecurity measures. DFDL’s assessment shows that Vietnam ranks 12th globally in internet usage, with 72 million users, yet cybersecurity awareness remains inadequate with a lack of co-ordination between government agencies and the private sector.
The damage from cyberattacks amount to significant financial losses, with phishing, scam calls and data breaches proliferating. Cybersecurity software company Bkav Corporation conducted an assessment in December last year that found computer viruses caused estimated losses of VND17.3 trillion (USD716 million) to Vietnamese users in 2023. In response to the directive, DFDL recommends that enterprises undertake the following actions to enhance cybersecurity compliance:
· Proactively establish measures to ensure the security of information ofenterprises and state authorities, e.g., the Vietnam Cybersecurity Emergency Response Team/Co-ordination Centre (VNCERT/CC), in the event of cyberattacks or cybersecurity incidents;
· Proactively report to VNCERT/CC through the contact information provided on the website https://vncert.vn/ on detecting any cybersecurity incidents in Vietnam, and the Department of Cybersecurity and High-tech Crime Prevention (DCHCP) within 72 hours if any data privacy breaches concerning Vietnamese citizens occurs;
· Comply with data localisation and filing requirements in terms of the data processing impact assessment dossier and the data cross-border transfer impact assessment dossier; and
· Co-ordinate with state agencies when requested.