HÀ NỘI — Only 11 per cent of Vietnamese enterprises and organisations are adequately prepared to respond to cybersecurity incidents, according to data released by the National Cybersecurity Association (NCA).

While this marks an improvement from just 5 per cent in 2024, the overall level of readiness remains critically low, experts said.

The statistics, based on a recent report from Cisco, reveal significant gaps in cybersecurity infrastructure across the country.

More than half of surveyed organisations (52.89 per cent) still lack sufficient technological tools to handle cyber incidents, while 56.16 per cent do not have dedicated cybersecurity personnel. These deficiencies remain a serious concern, especially as digital transformation accelerates and cyber threats become more complex and damaging.

In 2024, Việt Nam recorded more than 659,000 cybersecurity incidents, affecting around 46.15 per cent of public and private institutions. Despite the rising volume and severity of attacks, most businesses still lack the capability, processes or preparedness to respond effectively.

Recent attacks have further exposed the vulnerabilities of critical sectors. In November 2023, a ransomware attack encrypted an entire system within the energy sector. Throughout 2024, similar attacks targetted the securities firm VnDirect, resulting in system-wide encryption, VNPOST, which had 12 servers compromised and a hospital in Hà Nội, where nine servers were locked down.

More recently, in April 2025, hackers stole data from three major State-run media agencies. A local bank also suffered a serious breach, with attackers transferring over VNĐ100 billion (approximately US$3.9 million) to accounts under their control.

Deputy Director of the National Cybersecurity Centre under the Ministry of Public Security, Lieutenant Colonel, Trần Trung Hiếu, noted that poor reporting habits and a lack of preparedness had hampered response efforts in many of these cases.

“We found that affected organisations often delayed reporting incidents, failed to maintain system logs or had disabled monitoring tools. This makes it difficult to trace the attack and contain the damage,” he said.

He added that many businesses lacked essential contingency plans, such as data back-ups or system isolation protocols, leading to passive and reactive responses during crises. Co-ordination between internal teams is also often fragmented, while leaders frequently underestimate the true impact of such breaches.

Experts stressed the importance of treating cybersecurity as a strategic issue rather than an afterthought.

“There is no system too small to be attacked. If it’s connected to the Internet, it can become a gateway for a major breach,” said a representative from CMC Corporation, referencing an attack on their own systems that caused a ten-hour disruption in April 2025.

Head of the Technology Research Committee at NCA Vũ Ngọc Sơn said that business leaders must play an active role in enhancing cybersecurity preparedness.

“Cybersecurity is not something you can deal with after a breach. It must be planned early, integrated into your risk management strategy and supported from the top down,” he said.

He added that building an effective defence requires a combination of technologies, well-defined response procedures and regular drills, along with collaboration between businesses and cybersecurity experts.

The NCA also highlighted that the weakest link in most organisations remains human error. Many cybersecurity breaches stem from low levels of awareness and basic mistakes. Experts recommend that training and awareness-raising programmes should be conducted regularly to equip staff with essential cybersecurity knowledge and skills.

Beyond human training, organisations are encouraged to invest in integrated cybersecurity solutions that combine AI-powered monitoring, threat intelligence platforms and real-time analytics. These tools can help detect and respond to attacks early, before they cause widespread disruption.

Experts also advised organisations to establish clear incident response plans, define team responsibilities and maintain updated contact channels with relevant authorities.

“Preparedness includes having communication lines ready to notify law enforcement or cybersecurity experts immediately when an incident occurs,” Sơn said.

As cyber threats grow more sophisticated, experts warn that Việt Nam’s public and private sectors must act swiftly to close the readiness gap. Effective cybersecurity will be essential not only for protecting digital infrastructure but also for safeguarding the long-term development of the country’s digital economy. — VNS