The Resolution states that network security is a crucial and breakthrough task to build digital trust and a truthful, civilised, healthy and law-abiding online environment and to protect the development of the Vietnam social security industry, and successfully implement the national digital transformation.

Well aware of the importance and significance of network security, the Party delegation to Vietnam Social Security has studied and enforced the contents of the Politburo’s Resolution No 30-NQ/TW dated on July 25, 2018 on the National Cybersecurity Strategy. The practices have resulted in significant and effective transformation in awareness and actions of party members, civil servants, officials and workers in the whole industry to ensure cyber security and safety and about the position and importance of cybersecurity in the national construction and protection cause.

Over the past time, the social security industry has achieved remarkable results in ensuring information security in: leadership and guidance; deployment of technical systems; ensuring human resources; expanding relationship and enhancing collaboration efficiency.

The Vietnam social security sector strengthens network security

Besides these achievements, there remain certain weaknesses in the social security industry’s network security works such as: the staff specialised in information security and safety is lacking both in quantity and quality. At certain times, they are not promptly updated with the knowledge and skills to handle new and sophisticated cyber attacks and failed to meet the requirements for implementing and operating modern solutions and technologies. Maintaining warranty for information security infrastructure systems is not timely, leading to risks when incidents occur. There are risks associated with information technology products whilst the technical infrastructure systems are outdated and obsolete. There is also a lack of vigilance about cyber attacks and compliance with standard operation procedures and misuse of official accounts, among others.

To overcome existing weaknesses and challenges; maximise the positive and proactive roles as well as the intellectual and comprehensive strengths of the entire industry in ensuring cyber security, the Resolution sets the objectives for the social security industry to continue studying, grasping and seriously implementing the Party’s directives and resolutions, and the State’s policies and laws on network security and safety and the protection of the State secrets in cyberspace. It is important to develop a high-quality human resource specialised in cyber security; and review, formulate and issue  guiding documents, management documents and regulations on network security to ensure consistent implementation throughout the entire social security industry. The goal is to build a modern, professional, efficient social security industry in Vietnam that meets the requirements of building an e-Government and moves towards a digital Government.

Illustrative image (internet)

Specific objectives:

- 100 per cent of the staff in the social security industry well embrace the perspectives, objectives, tasks, and solutions in implementing information security as stipulated in the Resolution, which aims to promptly disseminates the directives and guidance to ensure consistency in implementation.

- 100 per cent of the staff in the social security industry are provided with further training to raise their awareness and responsibility in ensuring information security; and provided with training in digital skills, and skills to secure information on the internet.

- Reinforce the incident response team, ensuring that 100 per cent of provincial-level social security has staff specialised in network information security participating in the incident response team; maintaining the team’s meetings once every quarter to timely share information and resolve any obstacles in the implementation of network information security.

- Complete regulations and guidelines of the social security industry on network information security and professional processes associated with software-based decentralisation and authorisation, ensuring clarity of tasks and responsibilities assigned for specific personnel.

- Continue to maintain and invest, develop information infrastructure, ensuring that the network information technical infrastructure has full warranty, technical support, and copyright features.

- Continue to study and implement technical solutions to ensure network information security per State regulations.

Illustrative image (internet)

- Organise raining courses annually to develop a contingent of staff specialised in network information security; organise conferences on network security; and conduct exercises to respond to network security incidents throughout the entire industry.

- Annually conduct inspections and provide guidance on network information security at units in the entire industry.

- Conduct annual evaluation to assess the effectiveness of approved information security measures to adjust and approve the proposed level and plan for securing network information for systems that are being implemented or newly deployed.

To realise the objectives mentioned above, the Resolution proposes solutions as follows: Training and capacity building; strengthening discipline and administrative regulations; Planning and developing “technical barriers” according to appropriate roadmaps, alongside the improvement of professional software; Developing human resources; Developing technical infrastructure; and Co-ordinating with relevant agencies./.