The order came after the Prime Minister issued Directive No 18/CT-TTg dated October 13, 2022 on stepping-up response to cyber security incidents in Viet Nam. The Directive said that cyber security is vital in protecting the country's successful development in the digital era. Responding to cyber security incidents is crucial to help agencies and organisations minimise damage, even when serious incidents occur.

Therefore, the agency sent official Dispatch No 3608/BHXH-CNTT to all units on accelerating the implementation of activities to respond to cyber security incidents.

Under the dispatch, heads of the units are told to take responsibility if they fail to respond to such incidents, resulting in serious consequences at the unit.

The activities to respond to cyber security incidents must be active instead of passively performed.

The units have to actively seek out threats and scan for vulnerabilities in information systems within the scope of management at least every six months.

Viet Nam Social Security promotes response to cyber security incidents

The units are also required to seriously review, detect and overcome the gaps and weaknesses according to the warnings of the agency’s Information Technology Centre and other authorised agencies; proactively monitor and detect risks of cyber security incidents in order to promptly handle, remedy and comply with regulations on reporting cyber security incidents; and promote dissemination to users to raise their awareness of cyber-attacks.

Activities to ensure cyber security of the agency; information related to the response to cyber security incidents; as well as risks related to cyber security have been updated and shared with units in the column "Response to cyber security incidents” on Viet Nam Social Security’s official website https://baohiemxahoi.gov.vn/tintuc/Pages/hoat-dong-ung-cuu-attt-mang.aspx.

The dispatch also asks the division in charge of network information security of the units to perform regular tasks, such as acting as the focal point to receive and manage cyber security incidents; respond, handle and seek out threats related to cyber security; research and monitor risks of cyberattacks, information on vulnerabilities and weaknesses; practice skills to protect information systems and participate in training programmes and drills organised by the agency.

Illustrative image (internet)

The Information Technology Centre has to assign tasks to members of the agency’s Incident Response and Network Information Security Team, following Document No 4258/BTTTT-CATTT, dated October 26, 2021 of the Ministry of Information and Communications; organise combat drills at least once a year in order to assess the ability to prevent intrusions and detect weaknesses in the system, technology and people.

The agency requires units to seriously implement the dispatch’s content. During the implementation, if there are any problems, they must report them promptly to the agency’s Information and Technology Centre for further support.

Illustrative images