The Ministry of Science and Technology is implementing a four-layer cybersecurity protection model.
The Ministry of Science and Technology aims to have all information systems at level 3 and above fully implement the "4-layer" protection model by 2030.
This content is part of the Comprehensive Cybersecurity Plan for the period 2026-2030, issued on May 5th. Accordingly, a four-tiered model will be implemented: On-site forces; Professional monitoring and protection organizations or businesses; Independent organizations or businesses conducting periodic inspections and assessments; and Connection and information sharing with the national monitoring system. The plan aims to ensure comprehensive and continuous cybersecurity for all information systems serving state management, scientific and technological development, innovation, and digital transformation.
The Ministry of Science and Technology aims to have 100% of information systems assessed for information security levels and approved security plans for each level by 2030. Centralized malware prevention solutions will be implemented across all information systems; and a Security Operations Center (SOC) will be established within the Ministry.
In addition to technical infrastructure, the Ministry of Science and Technology's plan also focuses on the human factor. Accordingly, 100% of information security specialists will receive regular training and participate in incident response drills. At least 80% of officials, civil servants, and employees will receive training to raise awareness of cybersecurity.
Image caption: Incident monitoring expert at a cybersecurity monitoring center. Photo: Trong Dat
To implement this plan, the Ministry has set out many specific tasks and solutions. First, heads of units under the Ministry must directly supervise and be fully responsible for cybersecurity within their units. This is a "crucial political task, a prerequisite for successful digital transformation."
Units are tasked with periodically reviewing and updating internal regulations on information security, and developing cybersecurity plans appropriate to each information system and approved level.
Monitoring, surveillance, and early detection of security risks and vulnerabilities must be carried out regularly. The Ministry will build a backup technical infrastructure, ensuring data backup and system recovery after incidents.
The plan also requires ensuring cybersecurity throughout the entire process of system design, construction, operation, and upgrading. The Ministry of Science and Technology prioritizes the use of cybersecurity products and solutions developed in Vietnam.
Regarding data protection, technical and management measures to protect personal data and state secrets must be fully implemented. This will be accompanied by solutions for training human resources and raising awareness.
The Information Technology Center is assigned to lead, monitor, guide, and supervise the implementation of the plan. Units under the Ministry will develop annual cybersecurity plans and organize their implementation within their respective areas of responsibility.
Trong Dat
According to VnExpress