Major Tran Trung Hieu, Deputy Director of the National Cybersecurity Center (NCSC) under the Cybersecurity and High-Tech Crime Prevention Department (A05, Ministry of Public Security), said at a recent event that when A05 detected a targeted cyberattack on a critical corporation and contacted its leadership, the response was, “We haven’t heard any reports from subordinates.”

“Then, they’d call their IT departments, who’d say, ‘We’ve handled it, sir.’ This shows a pattern where subordinates hide incidents from superiors due to fear of blame. These organizations hold critical data, so cyberattacks impact not only the nation but also the public,” Hieu said.

Meanwhile, cybersecurity threats are rising rapidly. Targeted cyberattacks are increasing in frequency, sophistication, and complexity. These attacks are often backed by well-funded organizations with large teams and advanced cyber tools, unlike the lone hackers of the past.

The representative from the NCSC said in many cases, hackers have “lain dormant” in corporate systems for up to nine months before striking. 

Cybersecurity efforts face significant challenges due to a shortage of both quantity and quality in Vietnam’s cybersecurity workforce.

Even large Vietnamese organizations lack cybersecurity personnel, let alone state agencies. During an incident response exercise at a major bank, A05 found that despite investments in Security Operations Centers (SOCs), monitoring was limited to 8 hours a day, leaving systems vulnerable at night. 

Many Vietnamese businesses, including large ones with SOCs, lack skilled personnel and operators for technical systems.

A cybersecurity expert said when a cyberattack happens, IT staff often hush it up and handle it quietly without reporting to leadership. This is because they fear being blamed or even fired.

The expert highlighted Vietnam’s lack of processes, technology, and skilled cybersecurity personnel amid rising targeted cyberattacks backed by well-resourced organizations with advanced tools.

According to the Vietnam National Cybersecurity Association (NCA), 46 percent of organizations reported at least one cyberattack last year, with 6.77 percent facing frequent attacks, totaling over 659,000 incidents. 

A05 reported over 74,000 cyberattack alerts for critical entities alone, including 83 targeted Advanced Persistent Threat (APT) campaigns.

Vu Ngoc Son from the association said that the current cyberattack situation demands urgent action to raise awareness and invest in advanced cybersecurity solutions. Close collaboration between the government, businesses, and the tech community, along with timely information sharing, are critical to protecting national cyberspace and building a strong foundation for the digital era.

Despite the severity of cyberattacks, Vietnam faces a severe shortage of cybersecurity personnel. An association’s survey found that 20.06 percent of organizations lack dedicated cybersecurity staff, and 35.56 percent have no more than five personnel, far below actual needs.

NCSC under A05 also pointed out many other problems: many staff, employees, and even leaders do not pay appropriate attention to cybersecurity; security technologies are often developed after application technology; and cybersecurity policies and laws remain incomplete.

Commenting about the maturity level of organizations in Vietnam, Son of NCA stated that the capabilities of agencies and businesses are still far below international cybersecurity standards.

Citing a Cisco survey in early May, 2025, Son noted that only 11 percent of Vietnamese organizations and businesses have reached a “mature” level, capable of effectively responding to cyber threats, a 5 percent increase from 2024.

Though Vietnam’s 11 percent maturity rate is above the global average of 4 percent, Son emphasized the need for more decisive and specific actions to improve incident response capabilities in Vietnam.

Hieu added that when large enterprises face cyberattacks, they often rely on multiple relationships and seek support from many parties. However, these parties don’t share information with each other, with each addressing only a specific aspect of the issue. 

In response, A05 proposed to the Minister of Public Security the establishment of a National Cybersecurity Incident Response and Recovery Alliance, coordinated by A05. This alliance facilitates information sharing for swift verification and incident resolution, supports affected agencies and businesses, and deploys alliance members to assist immediately during cyber incidents.

A05 is also drafting and preparing to issue a National Standard on Cybersecurity for critical IT systems of state agencies. This standard will serve as a framework for agencies, organizations, and businesses to reference when developing their cybersecurity strategies.

To address the personnel shortage, the association recommends that organizations consider using professional cybersecurity monitoring and operations services through centralized SOC models to share resources.

Additionally, Vietnam needs to urgently develop standards, certifications, and formal evaluation systems for cybersecurity personnel. These standards will help professionalize the cybersecurity industry, encouraging personnel to continuously improve their skills and expertise.

Thai Khang