Prime Minister orders strengthening response to cyberinformation security incidents

Cyberinformation security is vital in protecting the country's successful development in the digital era. Responding to cyberinformation security incidents is crucial to help agencies and organizations minimize damage, even when serious incidents occur.

To enhance the effectiveness of network incident response operations, the Prime Minister directs ministries, ministerial-level agencies, provincial/municipal People's Committees, state corporations and organizations to implement the following contents:

First, they must employ active approach in responding to cyberinformation security incidents, including:

Actively search for threats and scan for vulnerabilities in information systems within the scope of management at least once every six months; Issue emergency response plans and scenarios for the information system before December 31, 2022, and promptly update when there are changes; Organize combat drills at least once a year for information systems at level 3 or higher to promptly assess the ability to prevent intrusion and detect weaknesses in processes, technology and people. In the case of detecting weaknesses, security holes that allow penetration and control of the system, simultaneously remediate weaknesses and vulnerabilities, and hunt for threats.

Second, the Ministry of Information and Communications must develop Incident Response Teams for 11 important areas prioritized to ensure cyberinformation security according to Decision No. 632/QD-TTg dated May 10, 2017, of the Prime Minister; build the Team's capacity framework by November 30, 2022.

Third, enterprises providing telecommunications and Internet services shall publish contact information for handling incident notices on the portal before October 31, 2022; educate customers on how to report network information insecurity incidents./.