The Prime Minister requests the reinforcement of cybersecurity
|
In the official dispatch, the Prime Minister declared that numerous official documents have been sent to ministries, sectors, and localities regarding the enhancement of cybersecurity. However, some sectors and fields have yet to fully comprehend and prioritize resource allocation for implementation. This has led to incidents that compromise cybersecurity and pose potential threats to the safety of Vietnam’s cyberspace.
Furthermore, numerous information systems deployed by organizations and businesses to provide online services to citizens and enterprises have far-reaching societal impacts. As such, the utmost priority must be given to ensuring the cybersecurity of information systems belonging to government agencies, organizations, and businesses.
The official dispatch emphasizes that cyberattacks, particularly ransomware attacks, have surged recently and may continue to escalate in the near future.
In light of this, the Prime Minister has issued instructions to Ministers, Heads of ministerial-level agencies and government bodies, and Chairmen of provincial and municipal People’s Committees, as well as organizations, agencies, and businesses, to directly oversee and assume responsibility for cybersecurity.
Those responsible will be held legally accountable to the Prime Minister if the information systems under their management fail to maintain cybersecurity, leading to serious incidents.
The Prime Minister has also requested a comprehensive review and assessment of cybersecurity for information systems under their management, based on guidelines provided by the Ministry of Information and Communications. The results must be submitted to the Ministry of Information and Communications by April 30, 2024.
Strict adherence to the deadline for approving security level proposals for 100% of information systems under management, implementing and deploying cybersecurity measures in accordance with approved security level proposals.
Regular utilization of cybersecurity support platforms provided by the Ministry of Information and Communications to enhance the effectiveness of cybersecurity management and law enforcement…
Quarterly cybersecurity reports
In the event of a cyberattack, the official dispatch mandates immediate reporting of the incident to the relevant authority, specialized incident response unit, and the National Coordination Agency, as well as agencies and businesses responsible for cybersecurity management.
Compliance with incident response coordination from the National Coordination Agency and relevant authorities in: information gathering and analysis; incident handling and resolution; cause identification and source tracing; and public statements and information release…
Provision of comprehensive information on the incident, damages, and related details to the National Coordination Agency, as well as a summary, analysis, evaluation, and lessons learned, to be reported to the National Coordination Agency for compilation and dissemination.
Quarterly reports on the cybersecurity status of information systems under management must be submitted to the Ministry of Information and Communications by the 20th of the last month of each quarter.
In addition to these general tasks, the Prime Minister has instructed the Ministers of the following Ministries: Transport, Industry and Trade, Natural Resources & Environment, Information and Communications, Health, Finance, Government Office, State Bank, and the People’s Committees of Ho Chi Minh City and Hanoi to complete the approval of security level proposals for 100% of information systems by September 2024.
Regularly conduct cybersecurity audits and assessments as prescribed (minimum of once every two years for level 1 and level 2 systems; once a year for level 3 and level 4 systems; once every six months for level 5 systems), and actively identify and eliminate threats to the information systems of organizations and businesses.
For the Ministry of Information and Communications, the Prime Minister has requested guidance for ministries, sectors, and localities to review and assess the cybersecurity status of information systems belonging to government agencies, organizations, and state-owned enterprises by April 11, 2024. Summarize the findings and submit a report to the Prime Minister by April 30, 2024.
Provide guidance to agencies responsible for key sectors requiring cybersecurity prioritization to conduct reviews, assessments, and report on the cybersecurity status of organizations and enterprises by April 20, 2024. Summarize the findings and submit a report to the Prime Minister by May 10, 2024.
