Prime Minister Pham Minh Chinh directs resolute efforts in ensuring national cybersecurity
Given the increasingly complex nature of cyberattacks, particularly ransomware incidents targeting critical agencies and organizations, which significantly impact operation, economic and social development. Prime Minister Pham Minh Chinh has issued a directive urging ministries, sectors, localities, and businesses to thoroughly review and assess the information security situation.
The directive outlines 6 critical areas that require the highest level of attention and consideration. In addition, the Prime Minister emphasizes that units must directly oversee and take fully responsibility for cybersecurity, legally and to the Prime Minister, for any failure to ensure the safety of network information systems under their management, leading to serious incidents.
Agencies, organizations, and businesses are required to conduct a comprehensive review and assessment of network information security for systems under management, following the guidance of the Ministry of Information and Communications, and submit the results to the Ministry before April 30. The Ministry of Information and Communications will closely coordinate with the Ministry of Public Security, the Ministry of National Defense, and relevant agencies to monitor, detect, provide early warnings, and respond to cybersecurity incidents.
Furthermore, priority should be given to the development and implementation of IT application plans, with provisions for cybersecurity. At the same time, the completion deadline for approving safety level proposals for 100% of information systems under management must be strictly adhered to. Additionally, quarterly reports on network information security assurance must be submitted before the 20th of the last month of each quarter.
Enhancing Cybersecurity Assurance, Especially During the Upcoming Holidays
Cybersecurity review activities must be completed and reported before April 30, prior to the country entering the largest holiday period of the year on April 30 and May 1. The holiday period is a sensitive time when systems are not closely monitored, inspection forces are thin, and cybersecurity systems are lax. With the "holiday mood," individuals are often less vigilant. Exploiting these vulnerabilities, this becomes an ideal time for cybercriminal attacks.
What do businesses need to do to enhance vigilance and maintain continuous Information Security assurance?
Security measures for IT systems during upcoming holidays:
Before the holiday period:
1. Software and operating system updates - Simple but crucial activities
- Ensure all software and operating systems are updated with the latest security patches.
- Install reputable antivirus and anti-malware software, and keep it up to date.
- Regularly back up important data and store it in a secure location.
2. Enhance employee awareness
Every individual is a strong line of defense, so it is important to focus on strengthening the security posture of the business.
- Organize cybersecurity training for employees to raise awareness of common cybersecurity threats during the holidays.
- Remind employees to be cautious with suspicious emails, messages, and attachments.
- Encourage employees to use strong passwords and secure personal information, and to be cautious when providing information on suspicious websites.
*Consider implementing authentication attack prevention solutions, enhancing the security of personal information in the enterprise with YubiKey
*Tips for personal IS&T assurance during the holiday
3. Enhance system monitoring - Actively protect the security of the enterprise
- Monitor network and computer systems to detect unusual activities.
- Use network security monitoring tools to detect and prevent cyber-attacks.
- Install firewall and intrusion detection systems (IDS) to protect the network.
System monitoring activities and early warning are always encouraged to be strengthened in every enterprise to ensure the awareness of the enterprise's system status. From this overall picture, the enterprise can take measures to protect data assets before hacker intrusions occur. These activities also require high-level solutions and expertise to monitor, supervise, and operate.
Currently, HPT provides HCapollo - Cyber security monitoring and alert solution, along with Cyber security Monitoring Service (SOC) combined with various monitoring and tracing solutions to enhance the effectiveness of information protection against potential attacks. HPT's solutions and services are always flexible to meet the needs of customers, providing the best solutions.
See more:
Security solutions
Cyber Security Services
On holiday period:
4. Limit remote access
- Restrict access to IT systems remotely, especially from personal devices.
- Use VPN to secure remote connections.
- Implement two-factor authentication (2FA) to enhance security for remote access.
*Yubikey Passwordless two-factor Authentication (2FA) solution– One-touch security, Easy integration, Strong authentication
5. Monitor and respond to incidents
- Implement continuous monitoring of network systems and computers to detect signs of cyber attacks.
- Develop a comprehensive incident response plan to efficiently address and mitigate network security breaches.
- Update contact information for the cyber security incident response team.
After the holiday period:
6. System Review and Evaluation
- Review the IT systems to identify any new security vulnerabilities that may have arisen during the holiday period.
- Evaluate the effectiveness of the security measures that have been implemented.
- Update and improve security measures to strengthen the protection of IT systems.
Checking and reviewing the system regularly and periodically is essential to identify vulnerabilities susceptible to hacker attacks through information security testing operations, enabling timely patching of vulnerabilities and planning for enhanced security solutions before cyberattacks occur and cause significant damage to the business.
*The Penetration Testing service (Pentest) provided by HPT has received Ho Chi Minh City Exemplary service awards and the "Key to Gold" award presented by the Vietnam Information Security Association (VNISA) in collaboration with the Information Security Department, under the auspices of the Ministry of Information and Communications.
For more information on the solution, click here.
Amidst the complex developments in domestic cybersecurity, HPT, as a technology enterprise, has supported many businesses in ensuring information security and collaborated with state agencies in building a safe and secure IT environment. HPT is committed to continuing its support for businesses, removing barriers alongside them. With our experience and professional expertise, we will remain a reliable companion for all enterprises.
Contact HPT now to receive support from leading cybersecurity experts.
The Prime Minister's directives are compiled from VN Express. For more details, please visit here