Cyber attacks cannot be avoided, but organizations and businesses can be ready. This readiness will help units promptly fix problems and quickly restore operations. Mr. Tran Nguyen Chung
Decree 85 of 2016 on ensuring information system security by level clearly states that information systems of state agencies as well as systems serving many people and businesses need to be classified and protected. Security protection by level, from 1 to 5. Systems determined to be level 3 or higher must be periodically inspected and evaluated for information security annually.
In Decision 05 of 2017 on the system of emergency response plans to ensure national network information security, the Government directed agencies, organizations and businesses to have emergency response plans when attacked. labour.
“Although it has been implemented, up to now, the level of investment and compliance activities are still not adequate and do not meet the requirements.“, Mr. Tran Nguyen Chung commented.
It is especially recommended that agencies, organizations and businesses nationwide carry out the tasks and requirements of the Prime Minister according to the timeline stated in Directive 09 in February and Official Telegram 33 dated April 7. , representatives of the Department of Information Security noted that units are interested in reviewing all information systems within their management scope.
Along with that, according to the representative of the Department of Information Security, currently agencies, organizations and businesses are tending to hide information when encountering information insecurity incidents or cyber attacks. This makes it difficult for authorities to warn, support remediation as well as draw necessary lessons.
“Agencies, organizations and businesses need to comply with incident response reporting activities to the authorities to receive support for remediation, timely warnings on a large scale, and minimize damage to agencies. , unit”a representative of the Information Security Department suggested.
Faced with the recent increase in ransomware attacks on organizations and businesses in Vietnam, the Information Security Department has continuously issued warnings, requesting agencies, organizations and businesses nationwide, Especially units operating in the fields of finance, banking, securities, telecommunications… proactively review and deploy network information security assurance for information systems under their management. of your unit.
The Department of Information Security has also issued a ‘Handbook on compliance with legal regulations and enhancing information system security by level’ (Version 1.0), along with developing a ‘Handbook on prevention of information systems’. Prevent and minimize risks from ransomware attacks for agencies, organizations and businesses, aiming to ensure national cyberspace safety. These are useful documents to help agencies and organizations smoothly deploy information system security by level, meet set requirements, proactively prevent and protect information systems. of the unit against potential cyber attack risks.
