Activities to respond to and remediate cybersecurity incidents occurring to National security information systems in Vietnam

Activities to respond to and remediate cybersecurity incidents occurring to National security information systems in Vietnam (Internet image) 

Regarding this matter, LawNet would like to answer as follows:

1. Activities to respond to and remediate cybersecurity incidents occurring to National security information systems in Vietnam

Clause 1, Article 15 of the Law on Cybersecurity 2018 stipulates that response and remediation of cybersecurity incidents occurring to National security information systems include the following activities:

- Discovery and identification of cybersecurity incidents;

-Scene protection and evidence collection;

- Limiting the scope of and damage caused by the incident;

- Determination of the scope of response and subjects that need assistance;

- Verification, analysis, assessment and classification of the cybersecurity incident;

- Execution of the response and remediation plan;

- Identifying causes and origins of the incident;

- Investigation and handling;

In addition, Clause 3, Article 15 of the Law on Cybersecurity 2018 stipulates the coordinating response and remediation of cybersecurity incidents occurring to national security information systems as follows:

- Professional cybersecurity forces of the Ministry of Public Security shall coordinate response and remediation of cybersecurity incidents that occur to national security information systems other than those mentioned in Point b and Point c of Clause 3, Article 15 of the Law on Cybersecurity 2018; participate in cybersecurity incident response and remediation activities on request; inform the system administrators whenever a cyberattack or cybersecurity incident is discovered;

- The professional cybersecurity force of the Ministry of National Defense shall coordinate response and remediation of cybersecurity incidents that occur to military information systems;

- Vietnam Government Certificate Authority shall coordinate response and remediation of cybersecurity incidents that occur to their cryptography systems.

2. Regulations on supervision of cybersecurity of national security information systems in Vietnam

Article 14 of the Law on Cybersecurity 2018 stipulates supervision of cybersecurity of national security information systems in Vietnam as follows:

- Cybersecurity supervision means collection and analysis of information in order to identify cybersecurity threats, cybersecurity incidents, weaknesses and vulnerabilities, malicious codes and hardware, based on which warnings and solutions will be made.

- Administrators of national security information systems shall cooperate with professional cybersecurity forces in supervision of the systems; establish a mechanism to give warnings and receive warnings about cybersecurity threats, cybersecurity incidents, vulnerabilities, malicious codes, malicious hardware and develop emergency response plans.

- Professional cybersecurity forces shall supervise national security information systems under their management; give warnings and cooperate with their administrators in responding to cybersecurity threats, cybersecurity incidents, vulnerabilities, malicious codes and malicious hardware.

To Quoc Trinh

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE