HANOI — Cybersecurity has been positioned as the primary shield of Vietnam’s government-wide digital transformation, after Secretary-General and President To Lam declared that digital systems, databases, and national platforms must be secured from the design stage — not patched after a breach occurs.
The directive came during a thematic session on digital transformation within the political system, convened by the Central Steering Committee for Science, Technology, Innovation, and Digital Transformation. The warning arrived as risks of data leaks, cyberattacks, disinformation, and harmful content grow in step with the expansion of digital public services.
For citizens and public servants alike, the message is stark: rushed digitalization without security guardrails creates new vulnerabilities. Services get faster, but citizens’ data, government records, and cross-agency systems become easy targets if protection isn’t engineered in from the start.
Why Cybersecurity Is a Foundation, Not a Feature
To Lam argued that many agencies have been too focused on building systems, converting manual processes to digital workflows, and adding online services — while data protection routinely comes last. That pattern is dangerous.
He stressed that every digital system must comply with security and safety principles at the design stage. Protection cannot be bolted on afterward like a patch. Insecure systems risk data fragmentation, misuse, and exploitation. Databases that lack uniform standards and protection are also hard to leverage as assets for national governance and the digital economy.
The real-world stakes are easy to picture. One agency holds citizen data; another stores service records; local governments manage their own databases with no shared standard. When those systems can’t communicate securely, data scatters. It becomes unreliable. Unusable.
To Lam also called for honest acknowledgment of existing shortcomings. Heavy investment in systems, platforms, and databases has not automatically produced adequate interoperability. Data keeps growing, but its full value — as a tool to serve citizens, businesses, and governance — remains largely untapped.
The Chronic Problem: Overlapping Systems and Fragmented Data
This is the part that often gets overlooked. Many countries, Vietnam included, face a classic digital-transformation trap: too many stand-alone platforms, too little cross-system connectivity, and resources scattered everywhere. The result is waste on a large scale.
To Lam identified the weakest link as implementation capacity and the direct accountability of each institution, unit, and leader. Given identical mechanisms and policies, outcomes on the ground still diverge sharply. Some agencies move forward. Others stall.
He therefore rejected the notion that digital transformation can simply be handed off to a technical department. Agency heads cannot step back. Information security cannot wait for an incident to happen. Once a breach occurs, the cost of recovery almost always dwarfs the cost of prevention.
That lesson resonates far beyond Vietnam. Whenever a government body, university, hospital, or company rushes to add digital services, speed typically wins over caution. But a single careless design decision can end in a data leak, service disruption, or lasting loss of public trust.
Data Must Be Clean, Accurate, and Shareable
To Lam’s new direction also addresses data governance directly. He called for data to be developed according to principles of accuracy, completeness, cleanliness, usability, and integrated shareability. Data, he said, can no longer sit in isolated silos across separate agencies or regions.
It must be created, managed, connected, shared, and effectively utilized. The goal is concrete: support governance, drive the digital economy, and generate value for institutions, organizations, citizens, and businesses.
Here, cybersecurity and data quality converge at the same point. Clean data without security is still vulnerable to theft. A secure system without good data standards is of limited use. Both conditions must be met simultaneously.
To Lam emphasized that when every agency and locality treats data construction and cleansing as a political responsibility — not a purely technical task — digital transformation gains a far more solid foundation. That foundation is what separates genuinely productive digitalization from modernization that only looks impressive on the surface.
AI as a Tool — With Humans Still in Command
To Lam also addressed artificial intelligence. His position was firm: the government must proactively harness AI, but must not become complacent. AI should be treated as an assistive tool for improving efficiency and effectiveness — nothing more.
He was equally clear that AI cannot replace human responsibility, authority, or decision-making. Its use must be controlled, accountable, and safeguarded against misuse. Unchecked AI deployment can amplify errors at scale, fast.
For readers, the takeaway is that digital transformation is not simply about procuring smart systems. What matters more is a clear policy framework, oversight mechanisms, and defined chains of command. Technology can be sophisticated. But decisions must remain attributable to human actors.
Cybersecurity loops back in here, too. AI systems connected to sensitive data require tighter perimeters. Without them, a tool deployed for efficiency can quietly become a new entry point for attacks and leaks.
A New Decree to Stop Duplicate Investment
Simultaneously, Deputy Prime Minister Ho Quoc Dung signed Decision No. 1132/QD-TTg, establishing criteria and a list of shared national digital platforms for institutions within the political system.
The decree states that shared national digital platforms must be maintained, operated, upgraded, and periodically improved to meet practical needs and keep pace with technological developments. Once a shared platform is operational, agencies and organizations are prohibited from building or procuring other systems with equivalent functions — except for specialized needs such as national defense, security, cryptography, or other specific regulatory requirements.
The policy targets a long-standing problem: overlapping investments, fragmented platforms, and systems that fail to interconnect. A single shared foundation lets the state conserve resources and impose far greater discipline on national data flows.
The list of shared national digital platforms is divided into two groups. Group A covers cross-sector platforms including the National Public Services Portal, electronic identification and authentication, national document exchange, data sharing and coordination, national data integration and sharing, the National Data Portal, cloud computing, a national blockchain, a national virtual assistant, and a next-generation national SOC platform. The breadth of that list signals a single ambition: every layer of the digital system must move along the same track — secured, unified, and accountable.
Ultimately, the clearest message from To Lam’s directive is this. Digitalization without cybersecurity produces systems that are fast but brittle. And when data becomes the lifeblood of public services, even the smallest vulnerability can be extraordinarily costly. The question now is how quickly every agency will treat that reality not as a warning, but as a mandate to act.
Key Takeaways
1. Cybersecurity must be embedded at the design stage of every digital system — not retrofitted after an incident occurs.
2. Fragmented data, overlapping platforms, and poor interoperability make digital transformation inefficient and risky.
3. Vietnam’s new decree restricts agencies from building duplicate platforms, pushing national systems toward a shared, more secure infrastructure.
Quick FAQ
What is the core of To Lam’s directive? Every digital system must be secure from the outset, and each agency bears direct responsibility for its own network security.
Why does this matter? Because digitalization without data protection opens the door to leaks, cyberattacks, and the misuse of sensitive information.
What does the new decree change? It curbs redundant platform investment, meaning national data will have a more disciplined, interoperable foundation going forward.
📝 Leave a Comment
Comment as . Reviewed by an admin before it appears.