Fragmented systems, talent gaps are Vietnam's weakest cyber defence

Jointly organised by the National Cybersecurity Association (NCA) and IEC Group, among other organisations, Vietnam Security Summit 2026, held in Hanoi on May 22, placed particular emphasis on human resources, workforce development, and improving awareness and cybersecurity skills among users across government agencies, organisations, businesses, and society as a whole.

Major General Nguyen Tung Hung, deputy commander of the Cyber Warfare Command under the Ministry of National Defence, stressed that digital transformation, digital data and the Internet have become the foundation for most management, production, business and essential public service activities nationwide.

Affirming that safeguarding cybersecurity for critical national infrastructure must be regarded as a long-term strategic mission vital to national development, Hung noted that cyberattacks previously focused mainly on isolated sabotage or small-scale financial gain, whereas today’s attacks have evolved into large-scale, highly organised operations with deep technical sophistication.

“Many cyberattack groups are now leveraging AI, exploiting Zero-day vulnerabilities, targeting supply chains, and embedding malicious code silently over long periods before activation,” said Hung. “Many attacks are no longer aimed merely at stealing data, but at disrupting essential services, taking control of systems, sabotaging operational infrastructure, and undermining public trust, thereby creating economic and national security consequences.”

“One of the most enduring challenges today is the shortage of high-quality cybersecurity talent. Many enterprises lack teams with sufficient expertise, cybersecurity monitoring forces, incident response processes, and independent testing and assessment capabilities. Small and medium-sized enterprises, in particular, face significant difficulties in building dedicated cybersecurity teams due to budget constraints,” he added.

Sharing the same concern, Colonel Nguyen Hong Quan, deputy director of Cybersecurity and High-Tech Crime Prevention Department under the Ministry of Public Security, said the cybersecurity landscape is expected to remain increasingly complex in the coming period.

“Threats targeting critical information systems, financial infrastructure, energy, telecommunications, personal data, and corporate data will continue to rise,” he added. “Therefore, government agencies, organisations, and enterprises must further strengthen cybersecurity awareness, invest in technology, personnel, and risk management capabilities, and enhance coordination with relevant authorities to detect, prevent, and respond to threats at an early stage and from afar.”

Quan also suggested that Vietnam should further accelerate the development of a proactive, synchronised, and sustainable national cybersecurity ecosystem.

“This requires stronger coordination among state management agencies, technology enterprises, research institutions, and the cybersecurity expert community,” stated Quan. “The NCA will continue working alongside regulators, the business community, and technology organisations to promote cooperation, knowledge sharing, and stronger cybersecurity capabilities in Vietnam.”

Philip Dimitriu, senior director of Sales Engineering for Asia-Pacific and Japan at Sophos, pointed out that the theme of the summit, 'Take Control of Every Threat' reflected a leadership reality many organisations in Vietnam are facing today

“As digital transformation accelerates across industries, cyber risk has become directly linked to business continuity, regulatory confidence, and operational resilience. The challenge is not the lack of security tools, but the lack of control, such as limited visibility, fragmented defences, and slow response when incidents occur,” said Dimitriu.

“What differentiates successful organisations is their ability to simplify security while improving outcomes. Leaders need a clear view of risk across users, devices, and networks, and the confidence that threats can be detected early and contained quickly. This is especially critical in environments where security teams are lean and expectations around uptime, data protection, and accountability continue to rise,” he added.

Philip Dimitriu, senior director of Sales Engineering for Asia-Pacific and Japan at Sophos

According to Dimitriu, these challenges can be addressed through an integrated, AI-driven security approach that brings prevention, detection, and response together.

“Instead of managing disconnected systems, organisations gain correlated insights across their environment, allowing them to focus on real threats rather than noise. Automation works alongside human expertise to accelerate response and reduce business impact,” he added.

“'Take Control of Every Threat' is not just a slogan, but a shift from passive defence towards systematic cybersecurity risk management, helping enterprises strengthen resilience, meet compliance requirements and achieve sustainable growth in Vietnam’s rapidly evolving digital economy,” said Dimitriu.

Nguyen Tuan Khang, regional leader of Data & AI Platform at IBM ASEAN, said that as AI adoption accelerates, trust becomes a business imperative.

"Enterprises must ensure AI is transparent, secure, and governed across diverse data within a modern data platform that combines the best features of data lakes and data warehouses – known as a lakehouse," said Khang. "This session highlights how to embed governance across the full data and AI lifecycle, covering data quality, lineage, policy enforcement, and continuous monitoring for bias and compliance."

“By integrating governance into the data foundation, organisations can scale AI with confidence, reduce risk, and meet regulatory expectations. The result is a trusted, enterprise-ready AI platform that drives reliable outcomes and faster innovation,” he added.

Digital future for SMEs: no transformation without cybersecurity shield As digital transformation becomes a matter of survival for businesses, a forum held in Hanoi on April 15 underscored that digital growth cannot be achieved without robust cybersecurity, data protection and resilience in the online environment.

ASEAN Foundation launches plan to combat online scams The ASEAN Foundation has launched Scam Ready ASEAN, a regional initiative aimed at strengthening prevention against online scams across Southeast Asia.

Cybersecurity and AI threats outpacing readiness, study says Fragmentation, alert overload, and rising AI ambition are driving a shift towards platform-based, AI-powered security, a new study says.