Bases for establishment of major national security information systems in Vietnam

Bases for establishment of major national security information systems in Vietnam (Internet image)

Regarding this issue, LawNet would like to answer as follows:

1. What is national security information system?

According to Clause 1, Article 10 of the Cybersecurity Law 2018, a national security information system is an information system which will cause serious cybersecurity issues if is broken down, infiltrated, overridden, interfered with, disrupted, paralyzed, attacked or sabotaged.

2. Bases for establishment of major national security information systems in Vietnam

Major national security information systems are information systems of state agencies and political organizations of the Socialist Republic of Vietnam, including:

- Major national information systems according to regulations of the Cybersecurity Law 2018 of Vietnam.

- Information systems that serve the direction and operation of major works related to national security according to the law.

- Information systems that serve the direction, operation, and control of activities of major telecommunications works related to national security according to the law.

- Information systems of fields prescribed in Clause 2 Article 10 of the Cybersecurity Law 2018 of Vietnam, when there is a breakdown, intrusion, hijacking, falsification, interruption, disruption, paralysis, attack, or sabotage, will cause one of the following consequences:

+ Direct impacts on the independence, sovereignty, unity, territorial integrity of the Vietnam Fatherland, and the existence of the regime and the State of the Socialist Republic of Vietnam;

+ Severe consequences to the national defense, security, and foreign affairs, weakening the capacity to defend and protect the Vietnam Fatherland;

+ Severe consequences to the national economy;

+ Severe disasters to the human life and ecological environment;

+ Severe consequences to activities of construction works at special levels according to the decentralization of laws on construction;

+ Severe consequences to activities of the planning of guidelines and policies within the scope of state confidentiality;

+ Serious influence on the directive and direct operation of CPV agencies and agencies of the State at central levels.

(Article 3 of Decree 53/2022/ND-CP)

3. Conditions of national security information system in Vietnam

Specifically, in Clause 2, Article 12 of the Cybersecurity Law 2018, a national security information system shall have:

- Regulations, procedures and plans for assurance of cybersecurity; system operators and administrators;

- Assurance of cybersecurity of equipment, hardware and software that are system components;

- Technical measures for monitoring and protecting cybersecurity; measures for protecting the automatic monitoring and control system. the Internet of things (IoT), mixed reality systems, cloud computing, big data, rapid data and artificial intelligence systems;

- Physical protection measures, including isolation, prevention of data leak, information transmission control.

4. Subjects of cybersecurity inspection in Vietnam

According to Clause 3, Article 13 of the Cybersecurity Law 2018, cybersecurity inspection shall be carried out for:

- Hardware systems, software systems, digital devices in information systems;

- Cybersecurity regulations and measures;

- Information stored, processed and transmitted within the information system;

- Cybersecurity incident response and remediation plans of the information system admin;

- Measures for protection of state secrets; prevention of leak of state secrets through technical channels;

- Cybersecurity protection.

>> CLICK HERE TO READ THIS ARTICLE IN VIETNAMESE