04:33 | 10/03/2023

What are cyberinformation security products and services in Vietnam? What are the conditions for trading in the field of cyberinformation security in Vietnam?

I would like to ask what the conditions for trading in the field of cyberinformation security in Vietnam are. – Question of Mr. Hieu (Binh Duong)

What are cyberinformation security products and services in Vietnam?

Pursuant to Article 41 of the 2015 Law on Cyberinformation Security in Vietnam stipulating that cyberinformation security products and services include:

Cyberinformation security products and services
1. Cyberinformation security services include:
a/ Cyberinformation security testing and evaluation services;
b/ Information confidentiality services without using civil cryptography;
c/ Civil cryptographic services;
d/ E-signature certification services;
dd/ Cyberinformation security counseling services;
e/ Cyberinformation security supervision services;
g/ Cyberinformation security incident response services;
h/ Data recovery services;
i/ Cyber-attack prevention and combat services;
k/ Other cyberinformation security services.
2. Cyberinformation security products include:
a/ Civil cryptographic products;
b/ Cyberinformation security testing and evaluation products;
c/ Cyberinformation security supervision products;
d/ Attack and hacking combat products;
dd/ Other cyberinformation security products.
3. The Government shall issue detailed lists of cyberinformation security products and services mentioned at Point k, Clause 1, and Point dd, Clause 2, of this Article.

At the same time, according to Article 3 of Decree No. 108/2016/ND-CP detailing cyberinformation security products and services as follows:

- Cyber information security products include:

+ Information security risk evaluation products which are hardware or software applications designed to scan, monitor and analyze the configuration, status and log data, detect and identify vulnerabilities and make information security risk assessments.

+ Information security monitoring products which are hardware or software applications designed to monitor and analyze electronic data; collect and analyze real-time data logging; detect and give warning of potential risks or events that may threaten the information security;

+ Instruction detection and prevention products which are hardware or software applications designed to help save the system from cyber-attacks.

- Cyber information security services include:

+ Information security monitoring services provided to monitor and analyze electronic information, collect and analyze real-time data log, detect and give warning of potential risks or events that may threaten information security;

+ Intrusion detection and prevention services provided to monitor, collect and analyze real-time activities on the system or network in order to detect and prevent malicious activities targeted into the network or system;

+ Information security consulting services aiming to give advices, testing, assessment, offer, design and execution of information security solutions;

+ Incident response services provided to response or adopt appropriate measures to promptly remedy information security incidents;

+ Data recovery services provided to salvage data that has been damaged or deleted;

+ Information security risk evaluation services provided to scan, monitor and analyze the configuration, status and log data, detect and identify vulnerabilities and make information security risk assessments.

+ Information confidentiality without civil cryptography provided to ensure user's information confidentiality without the backup of civil cryptography.

What are cyberinformation security products and services in Vietnam? What are the conditions for trading in the field of cyberinformation security in Vietnam?

What are cyberinformation security products and services in Vietnam? What are the conditions for trading in the field of cyberinformation security in Vietnam? (Image from the Internet)

What are the conditions for trading in the field of cyberinformation security in Vietnam?

Pursuant to Article 40 of the 2015 Law on Cyberinformation Security in Vietnam stipulating as follows:

Trading in the field of cyberinformation security
1. Trading in the field of cyberinformation security is conditional and covers trading in cyberinformation security products and provision of cyberinformation security services.
2. To trade in cyberinformation security products and services specified in Article 41 of this Law, an enterprise must obtain a license for trading in cyberinformation security products and services from a competent state agency. Such a license shall be valid for 10 years.
3. Trading in cyberinformation security products and services must comply with this Law and other relevant laws.
Conditions and the order and procedures for grant of licenses for trading in civil cryptography products and services, export and import of civil cryptography products, responsibilities of enterprises trading in civil cryptography products and services, and use of civil cryptographic products and services must comply with Chapter III of this Law.
Conditions and the order and procedures for grant of licenses for provision of e-signature certification services must comply with the law on e-transactions.

Thus, to trade in cyberinformation security products and services specified in Article 41 of this Law, an enterprise must obtain a license for trading in cyberinformation security products and services from a competent state agency.

Trading in cyberinformation security products and services must comply with the 2015 Law on Cyberinformation Security in Vietnam and other relevant laws.

Conditions and the order and procedures for grant of licenses for trading in civil cryptography products and services, export and import of civil cryptography products, responsibilities of enterprises trading in civil cryptography products and services, and use of civil cryptographic products and services must comply with Chapter III of the 2015 Law on Cyberinformation Security in Vietnam.

Conditions and the order and procedures for grant of licenses for provision of e-signature certification services must comply with the law on e-transactions.

What are the contents of a license for trading in cyberinformation security products and services in Vietnam?

Pursuant to Clause 2, Article 44 of the 2015 Law on Cyberinformation Security in Vietnam, a license for trading in cyberinformation security products and services must have the following principal contents:

- Name of the enterprise and its transaction name in Vietnamese and a foreign language (if any); and its head office address in Vietnam;

- Name of the enterprise’s at-law representative;

- Serial number, date of grant and expiry date of the license;

- Cyberinformation security products and services licensed for trading.

LawNet

Legal Grounds
The latest legal advice
MOST READ
{{i.ImageTitle_Alt}}
{{i.Title}}