Vietnam Cybersecurity Market Insight

Viet Nam is in the top of country who is hardest-hit by cyber-crimes. This article provides a broad view of the alarming situation of cyber security in Vietnam, the existing solutions and some future trends of cyber security in the country.


  1. Red Alarm for Vietnam Cyber Security

With the development of internet and technology, threats to information safety and cyber security are becoming more and more serious. In the Global Cyber Security Index (GCI) of International Communication Union, Vietnam ranks 100th out of 164 nations that are vulnerable to cyber-attacks. The purpose of GCI is to measure how each country aware the importance of cybersecurity and what they have done to improve the level of cybersecurity. The score is influenced by 5 factors which are Legal Measures, Technical Measures, Organizational Measures, Capacity Building, which relates to the cybersecurity infrastructure and Cooperation, which is about the sharing and protection commitment of cybersecurity among nations. The lower score, the more dangerous that these nations have to face.


 Vietnam is the target of cyber-crimes with more than 100,000 cyber incidents within 3 years from SMEs to Large organizations.

In 2016, the value of damage caused by cyber-attacks was up to 10,400 billion VND. In this years, Vietnam has to face the massive attacks from USB virus, Phishing mails, especially Ransomwares, etc… The best example to indicate how damage cyber-attacks has made is the Vietnam Airline customer information leakage case. The information of Vietnam Airlines VIP guess has been revealed publicly.

Even though the number of incidents occurred in 2017 was less than 2016, the value of damage in 2017, which is 12,300 billion VND is greater than 2016. Vietnam faced three major information securities issues, notably, a series of large-scale, high-intensity cyber-attacks into key areas and important national projects. The number of incidents happened does not follow any rules, it depends heavily on level of organizations’ cyber security infrastructure. The majority of these attacks took place through physical transmission infrastructure and no longer happened spontaneously, alone but became systematic and large-scale campaigns. Some significant numbers that could address the severe damage are 560,000 computers monitored by malware called BrowserSpy, that could track users’ action and steal their personal information; 139.000 computers infected by cryptocurrency malware called W32.AdCoinMiner, which spread through Facebook Messenger; and 69.6% computers attacked by WannaCry.

The given graph below expressed what kind of and how many cyber-attacks has made to Vietnam from 2013 to 2017.


Many software flaws and high-ranking officials and system operating staffs’ low awareness of cyber security have become the major obstacles in Vietnam cyber security. According to experts, Vietnam is in the “low-lying” area of information security with 78% of internet users have not been trained appropriately on network information security, thousands of websites are hacked every year, attacks on financial and banking organizations tend to increase and information leakage using phishing is quite common. In 2017, Vietnam lost over 540 million USD due to malware incidents.


  1. Cyber Security Prevention

In the market, there are a lot of companies provide cyber security solutions in form of software, hardware and services. Most of companies operating in Vietnam have to import hardware products from foreign companies because Vietnamese firms do not have capability to produce. This would lead to the opportunity for foreign companies that distribute cyber security products.

As there have been an increasing number of national attacks on large businesses, it is essential for the state and country to take active role in preventing cyber-crimes. There is no doubt that Vietnam has made positive progress in tackling the cyber security issues throughout several policy and legal documents. However, Vietnam still lacks a legal framework for cyber security issues. On June 12, 2018, Vietnam’s National Assembly passed the Law on Cyber Security with major provisions include data localization, government control over online content, and setting up local offices in Vietnam. The law is believed to have huge impact on foreign investment and firms operating in the country. It is predicted that the new law will reduce GDP growth by 1.7% and reduce foreign investment by 3.1%. However, Vietnamese government believes that this law is important for national security and citizen protection. Although there will be a need for further changes due to lacks of clarity on a number of issues, the Law has proved that Vietnamese government tends to have a much more proactive positions towards the role of the private sectors in the field of cyber security.

  1. Cyber Security Trends and Predictions

In a global scale, Portnox has predicted top five trends that would dominate the cyber security in 2019. First is the merge between security and privacy. Second Trend is the implementation of Artificial Intelligence (AI) and Machine Learning (ML) into the practical usage in cyber security, mainly for forensics and investigations in cyber events. Third, more targeted attacks are expected to happen in 2019 against wealthy and famous individuals through Ransomware. As IoT will be deployed in more business usages, there will be a rise in IoT security issues. Last but not least, the question of who should protect a country and a business from cyber security attacks is still debated.

In Vietnam, IoT is also believed as the network security issue of 2019 and security is the alarming issue of cryptography market. Besides, it is predicted that more new malware will appear in 2019, including GandCrab and a new malware using AI appeared in the initial form of PoC (Proof of Concept). However, the biggest threats of internet users come from malicious code encryption, malicious code deleting data, malicious code to dig virtual money and APT attacks. These malwares types can be combined in many different ways to maximize the spread ability, in which the most common way is the exploitation of software flaws, operating systems and phishing mail.


  1. Opportunities and Challenges

To sum up, Vietnam is considered to be a hotbed for cybercrime in South East Asia in recent years, and the number of cyber-attacks and its level of attack will keep continue to increase by year. Even though the declaration of Vietnamese Law of Cybersecurity is the very first step from the government to protect the property and minimize the damage and loss from cyber-attacks, it takes time for companies to adapt. Hence, each company, especially those operating in digital industry likes e-Banking, e-Commerce, m-Commerce, should aware this risk and build a comprehensive cybersecurity system in order to protect their property actively.

For the above reasons, Vietnam Cybersecurity Market is at the very at the introduction stage, in which there are not many players in the market and there are still rooms for new players to exploit. The market is being controlled by well-known security solutions from both international such as Cisco, Fortinet and McAfee; and local like BKAV and CMC Infosec. These companies have a large number of both online and offline retailers, but the product diversity is pretty low, this will lead to an opportunity for new players who want to entering this market. However, since companies do not aware the importance of long-term benefit and knowledge of cybersecurity, they could not get an appropriate solution. Therefore, it would take time for cybersecurity solutions providers to educate customers.