Speaking at the seminar “Vietnamese organizations and enterprises: Readiness to handle cybersecurity incidents” hosted by the National Cybersecurity Association (NCA) on May 21, Lt. Hieu revealed that a wave of cyberattacks has recently targeted critical Vietnamese sectors such as energy, finance, healthcare, and media.

He confirmed that one commercial bank suffered a severe breach resulting in a direct financial loss of 100 billion VND, underscoring deep vulnerabilities in Vietnam’s cybersecurity readiness.

Gaps in staffing and operations

Despite investment in cybersecurity infrastructure such as Security Operations Centers (SOC), Hieu said many organizations fail in execution due to a shortage of qualified personnel. In the aforementioned bank, the SOC only operated during daytime hours  -  leaving night-time activities unmonitored and exploited by hackers.

“This highlights a critical need for round-the-clock monitoring and specialized staff capable of analyzing and responding to threats in real time,” Hieu added.

Vietnam’s cybersecurity maturity still low

According to Cisco’s 2025 Cybersecurity Readiness Index released on May 8  -  based on a survey of 8,000 security and business leaders across 30 global markets, including Vietnam  -  only 11% of surveyed Vietnamese organizations met the ‘Mature’ level of cybersecurity readiness needed to effectively defend against today’s threats.

While this is a 5% improvement over 2024, Cisco experts warn that the progress is still modest, especially in light of growing challenges posed by AI-driven cyber threats.

Nguyen Nhu Dung, General Director of Cisco Vietnam, Laos, and Cambodia, noted: “Many companies are still struggling with increasingly sophisticated attacks. It’s time to adopt a new approach  -  not only using AI for security but ensuring AI systems themselves are secure and scalable.”

Vu Ngoc Son, Head of Technology Research at NCA, echoed similar concerns. He emphasized that most Vietnamese enterprises lack the tools, processes, and preparedness to handle incidents effectively.

While Vietnam’s 11% maturity rate is low, the global average is even lower at just 4%, highlighting a worldwide gap in cybersecurity readiness.

Alarming statistics and widespread vulnerabilities

An NCA survey conducted in late 2024 found that:

52.89% of Vietnamese organizations lacked sufficient cybersecurity solutions
56.16% did not have dedicated cybersecurity staff
In 2024 alone, Vietnam suffered 659,000 cyberattacks, impacting roughly 46.15% of organizations

According to Son, the major reasons behind Vietnam’s weak incident response include:

Absence of comprehensive, synchronized security frameworks
The disruptive pace of digital transformation, especially AI advancements
The rise of cross-border cybercrime groups with advanced capabilities
Severe shortages in trained personnel and limited cybersecurity awareness among users
A call for national digital literacy in cybersecurity

Son stressed the need for a grassroots movement to raise cybersecurity awareness:

“We need a 'cybersecurity literacy campaign' for the entire workforce. Only when everyone has basic knowledge and skills can technology and processes be truly effective.”

Thai Khang