Login / Register
07:44 | 23/07/2024

Strengthening the Implementation of Cybersecurity Incident Response Activities in Vietnam according to Directive 18/CT-TTg of 2022

Regarding the inquiry about promoting the implementation of activities to respond to network information security incidents in Vietnam, how does the Prime Minister of the Government of Vietnam direct it? - Question from Mr. Bao from Ha Giang

Network Information Security Incident Response in Vietnamese Agencies, Organizations, and Enterprises Currently Not Meeting Requirements?

In Directive 18/CT-TTg in 2022 issued by the Prime Minister of the Government of Vietnam, the issue is clarified as follows:

- Network information security is a crucial pillar to establish digital trust and protect the prosperous development of the country in the digital era to successfully implement national digital transformation, one of the central and strategic breakthrough tasks set forth at the XIII National Congress of the Communist Party of Vietnam.- Network information security incident response is a critical, urgent activity that helps agencies and organizations minimize damage, even in the event of severe incidents.- However, the current network information security incident response in Vietnamese agencies, organizations, and enterprises does not meet the requirements for early proactive response and prompt, effective handling of increasingly large and complex cyberattacks that can cause unforeseen consequences for economic and social development and stability.

Strengthening the implementation of network information security incident response activities in Vietnam according to Directive 18/CT-TTg in 2022Strengthening the implementation of network information security incident response activities in Vietnam according to Directive 18/CT-TTg in 2022 (Image from the Internet)

Network Information Security Incident Response Activities Must Shift from Passive to Proactive?

In Section 1 of Directive 18/CT-TTg in 2022 issued by the Prime Minister of the Government of Vietnam, the urgent tasks are outlined as follows:

- First:

Ministers, heads of ministerial-level agencies, agencies under the Government of Vietnam, Chairpersons of the People's Committees of provinces and centrally-run cities, Chairpersons, and CEOs of state corporations, organizations, and enterprises that are members (or have affiliated units that are members) of the National Network Information Security Incident Response Network must thoroughly inform all organizations and individuals within their management scope of the principle "Network information security incident response is an important activity to detect, prevent, handle promptly, and remediate network information security incidents."

- Seriously direct the implementation of the contents of this Directive and be accountable to the Prime Minister of the Government of Vietnam if there is negligence in network information security incident response, leading to severe consequences and damage in the managed agencies and units.

- Second:

Network information security incident response activities must shift from passive to proactive, which includes:

+ Proactively performing threat hunting and vulnerability scanning on information systems within the management scope at least once every six months;+ Issuing incident response plans and scenarios for information systems by December 31, 2022, and updating promptly when there are changes;+ Organizing real-world drills at least once a year for information systems of level 3 or higher to assess prevention capability and promptly detect weaknesses in processes, technology, and personnel.

- Third:

Organize and consolidate the Incident Response Teams by December 31, 2022, towards professionalism and mobility, with at least five cybersecurity experts (including outsourced experts) who meet the cybersecurity skills standards prescribed by the Ministry of Information and Communications.

- Fourth:

The lead agencies of the 11 key sectors prioritized for ensuring network information security (according to Decision 632/QD-TTg in 2017) should focus on sharing information about network information security risks and incidents with the managed agencies, organizations, and businesses, and promptly and effectively serve the sector-specific Incident Response Teams (CERT sectors).

- Fifth:

Assign Incident Response Teams to carry out regular tasks such as: being the focal point for incident reception and management; incident response and handling and threat hunting; researching and monitoring cyberattack risks, vulnerability, and weakness information; training protection skills for information systems, and participating in training and drills organized by the National Coordinating Agency.

- Sixth:

Allocate sufficient funding to ensure the activities of the Incident Response Teams; attract high-quality human resources to engage in network information security incident response work.

- Seventh:

Seriously conduct reviews, detection, and remediation of vulnerabilities and weaknesses according to warnings from relevant authorities; proactively monitor and detect early network information security risks for prompt handling and remediation.

- Eighth:

Implement measures to control network information security risks caused by third parties and the information and communication technology supply chains;

- Ninth:

Seriously comply with the regulations on reporting network information security incidents; enhance public awareness on reporting and providing information about incidents.

- Tenth:

Encourage the implementation of campaigns to raise end-user awareness of cyberattacks;

- Eleventh:

Publicize the contact information (phone numbers, emails, or other communication channels) for receiving incident notifications on the electronic portal of the organization by October 31, 2022.

Guideline for Developing Incident Response Teams for 11 Key Sectors?

In Section 2 of Directive 18/CT-TTg in 2022 issued by the Prime Minister of the Government of Vietnam, the Ministry of Information and Communications is tasked with:

- The Prime Minister of the Government of Vietnam requests the Ministry of Information and Communications to guide the development of Incident Response Teams for 11 key sectors prioritized for network information security according to Decision 632/QD-TTg in 2017; guide the regular activities of the Incident Response Teams and establish the competency framework for the Incident Response Teams by November 30, 2022.

- Promote real-world information security drills in agencies, organizations, and businesses; use drill results as criteria to evaluate the maturity and professionalism of annual Incident Response Teams; organize, guide, monitor, urge, inspect, and evaluate the implementation of this Directive; summarize and report the results to the Prime Minister of the Government of Vietnam.

- The Ministry of Public Security and the Ministry of National Defense are responsible for implementing incident response activities according to their functions and duties; closely coordinate with the Ministry of Information and Communications in national network information security incident response activities.

See detailed content at: Directive 18/CT-TTg in 2022 issued by the Prime Minister of the Government of Vietnam.

LawNet

  • - This English translation is for reference purposes only and not a definitive translation of the original Vietnamese texts;
  • - Articles may be compiled from a variety of sources;
  • - Applicable Terms may have expired at the time you are reading;
  • - If you have any questions about the copyright of the article, please contact us via email banquyen@lawnet.vn;
Legal Grounds
The latest legal advice
Recently viewed news

Strengthening the Implementation of Cybersecurity Incident Response Activities in Vietnam according to Directive 18/CT-TTg of 2022
MOST READ
{{i.ImageTitle_Alt}}
{{i.Title}}