The National Assembly Standing Committee discussed the draft revised Cybersecurity Law at its 49th session on September 23.

This marks an important step in safeguarding national cybersecurity and enhancing the self-reliance of Vietnamese enterprises amidst rapid digital transformation.

The draft revised law not only inherits existing regulations but also adds many new provisions, particularly concerning data security – an issue that is becoming increasingly urgent in the digital age.

However, current data security regulations are still lacking, primarily focusing on data exploitation and usage rather than emphasizing the protection of data security itself.

A notable point in the draft law is the provision encouraging agencies, organizations within the political system, and State-owned enterprises to use Vietnamese cybersecurity industrial products and services. This will not only help enhance cybersecurity self-reliance but also create opportunities for domestic enterprises to develop and expand their market. However, to achieve this, businesses need to improve the quality of their products and services while ensuring compliance with quality standards and regulations.

Additionally, the draft law also adds provisions on the responsibilities of service providers in cyberspace and regulations on funding for cybersecurity protection. This places higher demands on businesses to ensure cybersecurity and also creates significant pressure on those without a properly trained workforce in this field. Requiring the heads of information systems critical to national security to undergo examination and obtain cybersecurity certificates is a necessary step to enhance management capacity and cybersecurity protection.

However, alongside the opportunities, the draft law also poses many challenges for businesses. Compliance with new regulations may increase operating costs, especially for small and medium-sized enterprises. Furthermore, reviewing prohibited cybersecurity acts needs to be done carefully to avoid causing difficulties for businesses in their operations.

According to experts, in the current context, many organizations and businesses still lack sufficient human resources and technology to effectively handle cybersecurity incidents. This could lead to significant risks for national security and social order and safety. Therefore, training and raising cybersecurity awareness for businesses are essential.

The draft law also addresses cybersecurity protection for information systems and critical national security information systems.

The National Assembly Standing Committee requested the Government to direct the drafting agency to promptly absorb and explain review comments to finalize the draft law. This demonstrates the Government's determination to complete the legal framework for cybersecurity while creating favorable conditions for businesses to develop sustainably in the digital age.