Vietnamese businesses urged to turn cybersecurity into corporate culture

Information security and digital asset safety become vital for all businesses as the Government is drafting a cybersecurity law to consolidate and harmonise existing regulations. (Photo: VNA)

Cybersecurity experts note that globally, more than 80% of cybersecurity incidents stem from human error. Human defence begins with simple acts – using strong passwords, and training each employee to act as a vigilant “gatekeeper” capable of recognising increasingly sophisticated phishing emails. Equally important is the principle of installing software only from verified and trusted sources.

Ngo Viet Khoi, an information security awareness specialist and former Country Director of Trend Micro Vietnam, said many businesses spend billions of Vietnam dong on antivirus software but neglect staff training. Regular education on information security, integrated into corporate culture, he said, is the cheapest and most effective defence.

The second line of defence lies in delegating part of cybersecurity to top professionals. By using trusted cloud services and reputable applications, businesses are effectively hiring world-class security experts, not just software. This also help them, especially small- and medium-sized ones, to cut expenses and focus resources on their core activities.

The crucial third line of defence is data backup, the safety net that enables recovery after an attack. Even the most robust systems face risks. Proper backup practices can help enterprises bounce back from incidents such as ransomware attacks. Recognising potential threats and mastering correct data backup methods can significantly reduce exposure.

Another essential defence layer involves limiting access rights. Each employee should hold only the “key” necessary to perform their specific duties. By restricting access, businesses can minimise damage if an account is hacked and, more importantly, mitigate risks that may arise from within, whether by accident or intent.

Digital transformation expert Le Van Dung stressed that digital asset protection is no longer solely a corporate matter but also a national security issue requiring government intervention and policy direction. Institutionalising information security, he said, is a strategic move, especially by embedding cybersecurity obligations into law. This helps raise compliance awareness, compels businesses to invest seriously in data protection, and provides a solid legal foundation for addressing violations.

The legal codification of information security is not meant to burden businesses, but to safeguard their assets and reputation. When digital asset protection becomes a legal requirement, it will help close existing loopholes in the national economic system, build confidence among foreign investors, and foster a healthier digital economy, he said.

For small and medium-sized enterprises, Khoi emphasised that building a digital fortress must be practical, effective, and suited to available resources. It doesn’t require overly complex technology, he said, but it must strictly follow the principle of maintaining separate and secure backups.

Information security is not a goal but a continuous journey demanding long-term commitment and investment, he added./.

VNA

Source: https://en.vietnamplus.vn/vietnamese-businesses-urged-to-turn-cybersecurity-into-corporate-culture-post331012.vnp