7 urgent tasks to ensure national cyber security

On March 30, the Department of Information Security (Ministry of Information and Communications) sent an official dispatch to specialized information security units nationwide regarding strengthening network information security for information systems.

Specifically, through monitoring and surveillance of cyberspace, the Department of Information Security discovered an increasing trend of cyber attacks, especially ransomware attacks.

Recently, a number of information systems of agencies, organizations and enterprises in Vietnam have been attacked, causing disruptions in operations and material damage to the image of agencies, organizations and enterprises, as well as activities to ensure national cyberspace security.

Performing the function of state management of network information security, the Department of Information Security requests agencies, organizations and enterprises to review and deploy network information security assurance for information systems under their management, with the following main tasks:

1. Organize to review and strengthen solutions to ensure network information security for information systems, prioritizing monitoring and early warning solutions.

Conduct inspections and assessments to ensure information security of information systems under management. In case of detecting risks, vulnerabilities, and weaknesses, it is necessary to immediately implement remedial measures, especially information systems that store and process personal information and personal data. Complete before April 15, 2024.

2. Review and organize the implementation of information security assurance at all levels.

Organize the implementation of related tasks according to Directive No. 09/CT-TTg dated February 23, 2024 of the Prime Minister on compliance with legal regulations and strengthening information system security by level, especially organizing statistics and classifying information systems under management; develop a plan to implement and complete regulations on ensuring information system security by level (according to monthly progress).

Ensure that 100% of operating information systems must have their information system security level approved by September 2024 at the latest and fully implement the information security assurance plan according to the approved level proposal file by December 2024 at the latest.

3. Organize effective, substantial, regular and continuous implementation of information security assurance work according to the 4-layer model.

Relevant units should pay attention to improving the capacity of the professional monitoring and protection layer and maintaining continuous and stable connections and information sharing with the National Cyber ​​Security Monitoring Center under the Department of Information Security, Ministry of Information and Communications; prioritize the use of cyber security products, solutions and services produced or mastered by Vietnamese enterprises.

4. Develop an incident response plan for information systems under management.

According to the provisions of Circular No. 20/2017/TT-BTTTT dated September 12, 2017 of the Minister of Information and Communications regulating the coordination and response to network information security incidents nationwide.

Implement a plan to periodically back up the system and important data to promptly restore when data encryption attacks occur and report incidents to the Information Security Department as prescribed. Participate in the national network of cyber security incident response as prescribed in Article 7 of Decision No. 05/2017/QD-TTg dated March 16, 2017 of the Prime Minister.

5. Review and deploy related tasks according to Directive No. 18/CT-TTg dated October 13, 2022 of the Prime Minister on promoting the implementation of response activities to Vietnam's network information security incidents.

Conduct periodic threat hunting to promptly detect signs of system intrusion. For systems that have been found to have serious security vulnerabilities, immediately conduct threat hunting to determine the possibility of previous intrusion after fixing the vulnerability.

6. Check and update information security patches for important systems according to warnings from the Information Security Department and related agencies and organizations.

Relevant units periodically check, evaluate, and review to promptly detect information security holes and weaknesses existing in the system.

7. Regularly and continuously use the Information Security Platforms developed and provided by the Information Security Department to support agencies, organizations and businesses.

Use the National Cyber ​​Security Incident Coordination Platform (IRLab) to get guidance, receive early warnings and support for early handling of risks and incidents; Use the Digital Forensic Support Platform (DFLab) in appropriate cases to organize incident response and receive support from state agencies and leading experts in information security.

The Department also requested organizations and enterprises to review, assign focal points for professional exchange and report implementation results to the Department of Information Security before April 20, 2024 for synthesis and reporting to competent authorities.

During the implementation process, if there are any difficulties or problems or if you need support in monitoring, handling, and incident response, please contact the Department of Information Security, Ministry of Information and Communications through the following contacts:

- Vietnam Cyber ​​Emergency Response Center (VNCERT/CC), phone number 024.3640.4421 or hotline number 086.9100.317, email: ir@vncert.vn;

- National Cyber ​​Security Monitoring Center (NCSC), phone: 024.32091.616 or hotline number for monitoring and early warning support 038.9942.878, email: ais@mic.gov.vn.

- Information System Security Department, Information Security Department (guidance on ensuring information system security at all levels), phone: 0369596886, email: athttt@mic.gov.vn.