AI adoption in cybersecurity surges across Vietnam

The IDC study, commissioned by Fortinet, reveals that AI has moved beyond hype to become a critical enabler of speed, accuracy, and scale in security operations, and is now shaping hiring priorities, investment strategies, and the architecture of modern cybersecurity teams.

AI is transforming both sides of the cybersecurity equation. For defenders, it offers the potential to automate detection, accelerate response, and scale threat intelligence with unprecedented speed. But the same capabilities are now being leveraged by attackers, who are using AI to launch stealthier, faster, and more adaptive attacks.

According to the IDC study, nearly 52 per cent of organisations across Vietnam say they have encountered AI-powered cyber threats in the past year. Of those, 54 per cent reported a 2X increase and 36 per cent reported a 3X increase in threat volume. These attacks are harder to detect and often exploit blind spots in visibility, governance, and internal processes.

AI is no longer a future consideration; it's an operational reality. More than eight out of 10 organisations across Vietnam are already using AI in their security environment. Organisations are rapidly progressing from AI-powered detection to more advanced use cases such as automated response, predictive threat modelling, AI-driven incident response, AI-powered threat intelligence, and behavioural analytics. These top five use cases reflect how detection has become table stakes, while response, prediction, and orchestration are now the next frontier.

GenAI is also gaining traction, with adoption focused on light-touch tasks such as running playbooks, updating rules and policies, social engineering detection, writing detection rules, and guided investigations. However, trust in autonomous action remains limited. Use cases like auto-remediation and guided remediation are not widely deployed, signalling that we are still in the "co-pilot" phase of adoption.

The shift towards AI-first cybersecurity is also reshaping how teams are built. Across Vietnam, the top five cybersecurity roles in demand include security data scientists, threat intelligence analysts, AI security engineers, AI security researchers, and AI-specific incident response professionals. Organisations are no longer just deploying AI tools; they are building their cybersecurity teams around AI capabilities. This reflects a broader trend where the workforce is rapidly evolving to match the pace of technological adoption.

Cybersecurity budgets are trending upward, with nearly 90 per cent of organisations reporting an increase. However, the vast majority of these increases were modest, 60 per cent reported an uplift of less than 5 per cent, and 30 per cent saw increases between 5–10 per cent. This suggests that while budgets are growing, spending remains focused on covering rising operational and talent costs. Organisations appear to be carefully prioritising how and where these limited increases are deployed. The top five areas of investment over the next 12-18 months include identity security, network security, SASE/Zero Trust, cyber resilience, and cloud-native application protection, indicating a strategic shift from infrastructure-heavy spending towards more targeted, risk-centric priorities that reflect the evolving threat landscape.

While cybersecurity is gaining executive attention, many teams remain under-resourced and lack dedicated focus. Only 6 per cent of an organisation's total workforce is allocated to internal IT, and just 13 per cent of that is focused on cybersecurity. Less than one in six organisations have a standalone chief information security officer (CISO), and only 6 per cent have purpose-built teams handling Security operations and threat hunting.

This lack of specialisation is impacting performance. More than half of the respondents cited an overwhelming surge in threats, with additional pressures from tool sprawl and talent retention challenges. Execution suffers as teams struggle with burnout and complexity, reinforcing the need for smarter resourcing models.

As complexity grows, organisations are shifting towards unified cybersecurity frameworks that deliver end-to-end visibility, operational efficiency, and simplified management. Nearly all respondents (96 per cent) are either converging security and networking or evaluating how to do so. In addition, Consolidation is no longer viewed as just a cost-cutting measure, it's seen as a strategic necessity. 80 per cent of respondents are actively considering vendor consolidation, driven by benefits like faster support, cost savings, better integration, and improved security posture.

Simon Piff, research vice-president of IDC Asia-Pacific, said, “The findings of this survey reflect the growing maturity of cybersecurity across the region. Organisations are no longer experimenting with AI, they are embedding it across threat detection, incident response, and team design. This signals a new era of security operations that is smarter, faster, and more adaptive to the evolving risk landscape. AI is fundamentally reshaping how threats are identified, prioritised, and acted upon, and this evolution demands a parallel shift in cybersecurity strategy and talent.”

Nguyen Gia Duc, country manager of Fortinet Vietnam, said, “CISOs across Vietnam are entering a more advanced phase of cybersecurity planning – ⁠one where AI is not just augmenting defences but influencing how organisations structure teams, allocate budgets, and prioritise threats. At Fortinet, we are helping customers embrace this shift by embedding AI across the platform, enabling faster detection, smarter responses, and more resilient operations as cyber risks become more complex and distributed. As this complexity grows, so does the need for converged, intelligent, and adaptive security models that can keep pace.”

Fortinet threat report reveals record surge in automated cyberattacks Threat actors are increasingly harnessing automation, commoditised tools, and AI to systematically erode the traditional advantages held by defenders, according to Fortinet's latest report.

Detection gaps widen as AI-fuelled attacks reshape cybersecurity in the region Fortinet, the global cybersecurity leader driving the convergence of networking and security, on June 3 announced the findings of a new IDC survey that reveals a sharp escalation in both the volume and sophistication of cyber threats across Asia-Pacific.

Rising data security budgets fail to curb insider breaches Organisations worldwide are boosting investment in safeguarding sensitive information, but insider threats remain a costly weak spot.