Post Covid Recovery in Vietnam’s Cybersecurity Market

The cybersecurity market in Vietnam is projected to accelerate at a CAGR of 14-15% and hit $215 million by the end of 2023. As the country is on digital transformation drive, there is heightened demand for cybersecurity solutions primarily related to UTM and Insider Threat Mitigation strategy across retail, ecommerce, financial sectors, government entities and healthcare business.

Definition / Scope
Market Overview
Key Market Metrics
Market Risks
Market Drivers
Market Restraints
Industry Challenges
Technology Trends
Regulatory Trends
Other Key Market Trends
Market Size and Forecast
Market Outlook
Technology Roadmap
Competitive Landscape
Competitive Factors
Key Market Players
Strategic Conclusion
References
Appendix

Definition / Scope

Cybersecurity is the protection of internet connected systems, including hardware, software and data from cyber-attacks. Anything connected to internet is exposed to cyber threats. Cybersecurity is the need of the hour as of the rising cyber security complexity and proliferation of IoT, mobile networks and cloud-based channels, growing peer-to-peer transactions necessitating users to disclose personal identity as well as increasing adoption of emerging technologies such as robotics, artificial intelligence and quantum computing anything.

McAfee, a cyber security firm projects that cybercrimes costs annual $450 billion to the global economy. In addition, it is estimated that the financial impact from cyber-attacks is over $2 trillion in the ASEAN region.

With digitization and connectivity becoming the norm of the 21st century, people and companies alike are exposed to the increasing risk of cyber threats such as:

Malware is an all-encompassing term for a variety of cyber threats including Trojans viruses and bombs. Malware is simply defined as code with malicious intent that typically steals data or destroy something on computer.

Phishing often pose as a request for data from a trusted third party phishing attacks are sent via email and asked users to click on a link and enter the personal data.

Password attacks refers to an act where a third party try to gain access to user’s system by cracking the user’s password.

DDoS stands for Distributed Denial of Service Ad or staff focuses on disrupting the service of a network. Attackers send high volumes of data or traffic through the network until the network becomes overloaded and can longer function.

By impersonating the endpoint in an online information exchange that is the connection from smartphone to a website the Man in the middle attacks(MITM) attacks can obtain information from the end users and entity the users are communicating with. The MITM will receive all the information transferred between both parties which could include sensitive data bank accounts and personal information.

in case of drive-by downloads, through malware on a legitimate website, a program is downloaded to a user’s system just by visiting the site it does not require any type of action by the user to download it.

Maladvertising is a way to compromise your computer with malicious code that is downloaded to the system when you click an affected ad.

Rogue software is basically malware that are masquerading as legitimate and necessary security software that will keep the system safe

According to Committee to Protect Journalists, Vietnam was ranked as one of the 10 most censored countries in the world. Its new law was criticized as it is viewed as a “sovereign and controlled “internet model to substantiate online content control rather than protecting citizens against cyber-attacks. Vietnam aims to build a safer cyberspace which will ensure social security and order, defend national sovereignty and lead to digital transformation and sustainability.

As per the International Telecommunication Union (ITU), Vietnam ranks 50 out of 193 countries in the Global Cybersecurity Index. It is placed 11th in Asia Pacific and 5th in ASEAN. The country aims to be in the top 30 in the GCI Index by 2030 and is focusing on development of legal, technical, organizational, capacity building and co-operation issues.

Market Overview

There are over 24,500 business engaged in ICT sector in Vietnam. Its IT sector revenue accounts for $67.6 billion out of which the total number of IT exports is worth $60.8 billion. By 2025, Vietnam’s digital economy is expected to cross $43 billion. To realize this, the country is in the pursuit of projects in e-government, internet of things, smart cities, financial technology, artificial intelligence.

As a result of advancement of digital services in the country, Vietnam faces an increasing threat of cyber-attacks. It is estimated around $902 million is lost in revenue due to cyber threats in Vietnam. Considering this, Vietnam’s cybersecurity market appears to be promising especially to US hardware and software producers that can address security concerns for Government, Finance, Banking and Insurance, E-Commerce, and Energy sectors. In 2020, the cybersecurity market in Vietnam is estimated to be $60 million and the market is likely is hit $215 million by the end of 2023.

In the workshop organized by Vietnam Information Security Association (VNISA), it was declared that the country has mastership of 90% of the ecosystem of network safety and security products serving the party and state agencies and by early 2021, the mastership is expected reach 100%.

In terms of the Security Index published by International Telecommunication Union, Vietnam ranked 101st amongst its 193 countries on cybersecurity issues, dropping 25 levels compared to 2016. In a matter of a year, in 2018, Vietnam climbed to 50^th position in the global cyber security index and has solidified its position to 25th in GCS Index by 2020 end.

As per the Vietnam Computer Emergency Response Center (VNCERT), the number of cybercrimes is expected to rise with growing digital penetration in sectors such as Retail, ICT and Banking and Financial Services.

Key growth segments:

The Unified Threat Management (UTM) solution segment has high growth potential as of the rising security awareness amongst SMEs, compliance-based buying from large enterprises and cyber security companies’ strategy to enhance their products by adding more features.
Between 2020-2025, Vietnam’s retail market is projected to grow at 26%. Due to the lack of safe security infrastructure for online payment transaction, the companies in retail sector are heavily investing in payment and data security solutions. As per the Vietnam Bank Proprietary data, the retail market witnessed an increase in the number of credit card transactions from 10 million in the year 2013 to 46 million in 2018, which corresponds to the surge in the number of cyber threats incidents in this sector. Vietnam is ranked 6th in the world in terms of offline attacks and 17th in online attacks.
An insider threat mitigation strategy is widely adopted in organizations to prevent threats such as HID level rouge devices, sharing of log-in credentials, accidental leaking of sensitive data to the wrong recipients among others.

Key Market Metrics

Base Year	2020
Market Stage	Growth
Market Revenues (2023, USD)	$215 million
Market Growth Rate (2020-2023, %)	14-15%
Number of Companies in the market	–
Market Concentration (% of market share help by top 3 market players)	–

Top Market Opportunities

With rapid application of digitization across Vietnamese business and public institutions, there is the need for prompt set up of cyber security solutions across these institutions. Some of the key businesses that are the demand drivers for cybersecurity services in Vietnam include:

Financial services

In line with the growth of financial institutions in the country, there have also been increase in demand for cybersecurity solutions to address increasing cyber threats. Vietnam was one of the victim of systemic cyber hack accounting for over $90 million in stolen funds through SWIFT network at banks in Bangladesh, Vietnam, and Ecuador.

The Vietnamese government plans to collect 80% of tax payments in cities through banks and treasuries across all provinces and cities to offer cashless payment systems by the end of 2020. Moreover, many large state-owned and private banks in Vietnam are working with third party cyber security vendors to offer cyber security solutions to safeguard their data. For instance, the State Bank of Vietnam (SBV) is pursuing financial inclusion and is encouraging cooperation between commercial banks and FinTech companies. SBV is focusing on the development of digital payments to fortify the security and safety of e-banking, mobile banking and digital transactions.

Different security mechanisms applied by the Finance, Banking and Insurance sector in Vietnam include:

Network security: DDoS, Web Application Firewall, Pentest, Anti-spam, and APT solutions
Endpoint security: Network Access Control, Identity and Access Security
Centralized security: Security Information and Event Management (SIEM) and Privileged Identity Management (PIM)

Healthcare

Vietnam is driving a national agenda popularized as connected healthcare initiative under Ministry of Health. This initiative works towards smart healthcare through adoption of healthcare information systems. By the end of 2019, the Ministry launched electronic medical records systems across all hospitals and health centers.

Since 2018, Vietnamese government has set a plan to exercise Electronic Health Records (EHRs). In 2020, only 24 provinces implemented EHRs and so Vietnam has set a target that by 2025, 95% of its nationwide population will have EHRs. In light of this fact, emerging EHR providers such as FPT and eHospitals are strengthening its foothold in Vietnam.

Companies engaging in Vietnam’s digital healthcare sector need to comply with various enforcement rules such as Law on Network Information Security (LNIS) and data privacy and protection laws including law on E-transactions, Law on Protection of Consumers’ Rights and Interests, Law on Competition, Law on Cybersecurity, Law on Cybersecurity and data localization laws. Therefore, assorted and ambiguous laws could lead to compliance challenge for digital health business in Vietnam.

Some of the security measures applied by the digital health sector in Vietnam include:

Next-Generation Firewall
Malicious Code Analysis
APT Prevention and Control
Endpoint and End-user Protection

Government

During 2021-2025 period, the Vietnamese government aims to transition to the top 30 countries in E-government Development Index by 2030 end. The Vietnamese government has a central role in implementing the IT budget and plans to operationalize the budget in Industry 4.0 technologies adopting e-government solutions and cyber security strategies. In line with its commitment to enhance e-government programs, Vietnamese government is improving its e-government capacities. As a result, there have been 95% increase in electronic tax declarations. In addition, the government initiated a one-door customs mechanism and electronic health insurance cards.

Besides this, the directive 16 guides the Vietnamese government to develop new digital infrastructure and networks and encourage business to adopt new technology. The directive includes:

Apply smart technology across all industries
Form innovation ecosystem
Prioritize tech start-ups
Build technological skills
Promote Industry 4.0

Several government agencies in Vietnam including ministries, state-owned and provincial committees are responsible for ensuring cyber security and safety of their organization by:

Assigning a sub-unit to handle the cybersecurity inside the company
Allocate 10% of IT spending on cybersecurity
Adopting cybersecurity solutions from renowned service providers
Engaging at least one service provider that offer cybersecurity services

The government of Vietnam appears to demand security solutions related to:

Web Application Firewall
Advanced Persistent Threat (APT) Prevention and Control
Malicious Code Analysis
Endpoint and End-User Protection
Network Access Control (NAC)
Security Information and Event Management (SIEM)

Small and medium-sized enterprises (SMEs)

SME comprise 98% of Vietnam’s total enterprises and contribute about 40% to its GDP. These enterprises are increasingly adopting digital innovation to modernize and expand operations. As per IDC, majority of the SMEs in Vietnam are investing in cloud computing, cyber security and software and hardware upgrades. IDC reports 12.7% of its respondents consider cybersecurity technology to be their top three technology investments. However, 74% of the SMEs still do not pay attention to cybersecurity.

Security measures enrolled by the small and medium-sized enterprise in Vietnam include:

Firewall
Pentest
Data storage
Privileged Identity Management (PIM)
Endpoint security

Industry 4.0

Vietnam is in the verge of transforming its economy through widespread adoption of digital technologies in order to transition towards high-income economy by 2045. Vietnamese government plans to improve productivity and accelerate economic growth by pursuing its national agenda of utilizing Industry 4.0 technologies. A national strategy on Industry 4.0 was released in 2019, which focused on R&D investments, connectivity infrastructure, and digital governance.

The strategy has set a target for Vietnam to be among the top 40 performers in the Global Innovation Index (GII), the top 30 in the International Telecommunication Union (ITU)’s Global Cybersecurity Index (GCI) and the top 50 in the United Nations (UN)’s e-Government Development Index (EGDI) by 2030.

To this end, technology plays a big part in its national drive of Industry 4.0, yet, Vietnam’s cybersecurity posture is relatively weak compared to rest of its ASEAN counterparts. In 2020, Vietnam ranked 14th in the world in terms of malware attacks through the internet. Hence, there is a dire need for full-fledged execution of cybersecurity measures in the country.

E-commerce

As per Statistica, the revenue in Vietnam e-commerce market accounted for $2,269 million in 2018 with expected annual growth rate of CAGR 14.6% between 2018-2023, resulting in a market volume of $4,476 million by 2023.

In Vietnam, E-commerce is expected to show rapid growth due to the development in mobile communication technologies and covid induced lockdowns. 4G is adopted by 95% of the households in Vietnam and the country plans to introduce 5G mobile technology by the 2020 end. With over 60 million internet users, the e-commerce industry is expected to cross $9 billion by 2025. As per Infocus Mekong research, in 2020, the pandemic increased online shopping by 30%. Therefore, to secure the e-commerce ecosystem in the country, Vietnam has introduced various cybersecurity laws which include:

The e-commerce players in Vietnam apply different security measures including:

Intrusion Prevention System (IPS)
Distributed Denial of Service (DDoS)
Web Application Firewall
Endpoint and End-user Protection

Market Drivers

Surge in cyber crimes

Vietnam have to cope with various information securities issues, most notably high-intensity cyber-attacks in key areas and national projects. As many as 156 organizations and 306 government offices were attacked. There were four phishing attacks targeting banks with 26,000 banking service users affected. Companies in Vietnam lack information security and management system as majority of the business incorporate only network-level antivirus software in their security system.

Moreover, there have been increase in instances of attacks on E-commerce platforms and social media sites like Facebook with around 300000 personal data profiles being stolen. Similarly, hackers tricked users into installing spyware on their phones to steal their OTP numbers compromising banks cybersecurity systems. In 2020, it is assessed that over 15,000 types of spyware infected phones. Vietnam also ranks second in the world for having malware attacks with a 71% infection rate.

In 2020, the most common infringements among the attacks were related to the violations of information security policies (40%) and unauthorized information collection (39%). And, the other data violations included denial of service (8%), privilege escalation attacks (7%), and spread and attack of malicious codes (6%).

Digital growth in Vietnam

Vietnam has been witnessing rapid digital growth with a population of almost 100 million out of which 66% are active internet users and almost 60% are mobile social media users. The country’s smartphone usage is 72% and the average internet access per day stands at 6 hours 42 minutes. However, the country still struggles to develop its cybersecurity ecosystem. In 2019, Vietnam was ranked third in the world in terms of having the worst cybersecurity.

The state of cybersecurity in Vietnam is in critical stage. This is because the state of the software in majority of enterprises in Vietnam is unlicensed and expired without necessary security patches and updates. As a result of this, Vietnam has one of the highest penetrations of infected personal computers and malware attacks. On the other hand, the number of cybercrimes in the country is still considered to be underreported as the cybercrimes data which is prepared by Vietnam law enforcement agencies is based only on discovered cases and arrested perpetrators.

Network security is an important issue especially in digitally derived industry such as e-banking, e-commerce particularly in cryptography market. The key threats include malicious code encryption and APT attacks which exploit software and systems flaws and phishing mails. Due to the increased online activities and remote work culture forced by the coronavirus pandemic, there have been surge in software attacks through malware that spread to devices by downloading applications and patches from compromised manufactures. In 2020 alone, cyber virus cost over $1 billion in Vietnam.

Market Restraints

Price sensitive economy

Vietnam is still a price-sensitive economy considering its rapid shift from one of the poorest nations into lower middle-income country in a short span of three decades. As per a research by Kearney, 72% of the enterprise in Vietnam consider budget constraint to be a key problem encountered by SMEs to adopt expensive security services and solutions. Majority of enterprises in Vietnam are willing to invest heavily on technology but barely spend on security solutions.

Leadership

It is also necessary to raise awareness among leaders about the urgency and importance of digital transformation. Between 2014-2019, Vietnam conducted only 1.4% research on challenges and issues in the field of cybersecurity. Although there is fair share of hype about digital transformation amongst the ruling government, there is lack of commitment and awareness about the understanding of digital transformation in the ministerial, provincial and individual level.

Industry Challenges

Regulations and laws

The current laws and mechanisms are acting as an impediment to Vietnam’s Cybersecurity sector. Vietnam does not have a unified law regarding privacy; instead, it is informed by different laws and decree. There is significant gap in how regulations are inscribed vis-a-vis how they are enforced in Vietnam. In 2019, a new law on cybersecurity was introduced. However, the law focused more on censorship of content rather than managing cybersecurity issues. As per Vietnam Digital Communications Association, this new law is projected to reduce Vietnam’s GDP growth and foreign investment by 1.7% and 3.1% respectively by affecting conditions of investment and potential of digital innovation.

Low investment

Although, Vietnam appears to have the highest growth (16%) in cybersecurity spending in the ASEAN region, its spend constitute only 0.04% of its total GDP. In addition, despite greater awareness of cybersecurity measures as mandated in Decree 14, the average cybersecurity investment made by Vietnamese enterprise is below 10% of the total IT expenditures.

Digital infrastructure

Although, cybersecurity is considered to be a national priority and a key part of digital transformation, the digital infrastructure in Vietnam is still undeveloped in terms of protecting data and transmission speed and are only concentrated in urban areas. Heavy investment is essential to sustain and boost the digital dream of Vietnam. In 2020, only 45% of total revenue from cybersecurity products and services was derived by domestic cybersecurity players and the rest was derived by international firms operating in Vietnam.

Digital Infrastructure Indices	2019	2020
Mobile connectivity Index	64..6	64.98
Internet users (million)	64	68.17
Internet penetration rate	66	70
Average speed of fixed internet connection	27.2	43.3
Mobile subscriptions (million)	143.3	145.8
Mobile subscriptions rate	148	150
Smartphone penetration rate	72	93
Social media penetration rate	0.64	67

Talent gap

There is significant need for IT capabilities and skill development for human resources in Vietnam. There is dire need for IT professional for digital production and digital leading. As per Minster of Education and Training, out of 235 universities only about 153 universities offer ICT training. Moreover, in spite of having almost 50 thousand ICT graduates each year, 70% require additional training to work effectively as specialists.

Estimated ICT professionals demand and supply gap
Year	Demand	Shortage of Professionals
2019	3500,00	90,000
2020	400,000	100,000
2021	500,000	190,000

Besides this, there is high rate of employee turnover in the country in the ICT sector. As per Vietnam IT Market Report 2020, nearly 75% of the developers are willing to switch their work environment and 68% of IT employees seek higher salary and 35% seek more challenging job responsibility.

3.8% of Vietnam’s workforce is considered to be unskilled. By the end of 2020, it is estimated that the country had faced a talent shortage of 1,000,000 which underscores the already vulnerable state of cybersecurity position in the country.

Technology Trends

Covid 19 has made remote working condition vulnerable to cyber threats primarily spread through malicious links. Majority of the enterprises and SMEs in Vietnam are obtaining cybersecurity solutions from multiple sources. Thus, there is a need for consolidated product solutions that comprise of threat detection, analysis, response and mitigation.

Consequently, companies in Vietnam are availing to advanced cybersecurity solutions such as security investigation and event management, security orchestration, automation and response and security operation center. The various cybersecurity measures and solutions adopted in Vietnam include:

Regulatory Trends

The Ministry of Public Security (MPS) is the central authority for enforcing cybersecurity to draft Personal Protection Decree. In 2019, Vietnam set up a Vietnam Cybersecurity Emergency Response Teams/Coordination Centre (VNCERT/CC) to prevent, monitor and evaluate nationwide security incidents. Additionally, the Department of Cyber Security and Hi-tech Crime Prevention under the MPS, coordinates security incidents and verify nationwide information security. Besides this, Vietnam is one of the few countries in ASEAN to have a comprehensive security and data protection law known as the Law of Cyber-Information Security (LCIS).

To contain cybercrime, Vietnam have institutionalized a professional taskforce at both national and local level that enforce cyber legislations. Moreover, in 2017, Vietnam had added nine specific articles in Criminal Code of Vietnam (CCV) by the National Assembly in order to inspect and fight cybercrime. Besides this, the country has also entered into international law enforcement cooperation in Asia, Pacific region and around the world to improve the capacity and capabilities to flight cybercrime.

To engage in cybersecurity business in Vietnam, businesses are conditioned to hold operating license from Ministry of Information and Communications (MIC). In 2020, MIC granted 56 companies license to fully operate and offer cyber security solutions. The Vietnamese laws are focused more on penalizing direct criminals and provide leeway for the data controllers.

Cybersecurity regulatory framework

In 2019, Vietnam National Assembly introduced a fresh law to strengthen national security and protect its citizens against cybersecurity issues. The key provisions related to data localization, government control over online content and local offices include:

Data localization

Onshore and offshore service providers such as telecom network, internet, other value-added service providers as well as other companies which collect, utilize and process user data are required to store data in Vietnam. The new law compels service providers to store data about Vietnamese users on servers in-country.

Local office

Offshore firms need to institute a branch or representative office in Vietnam.

Content control and audits

Under the Ministry of Public Security, the Ministry of Information and Communications and the cyber security agency can request service providers to remove offensive content and conduct audit of information systems including digital devices, hardware and software systems. In this regard, the government authority is mandated to send a notice to the system owner at least 12 hours prior to an audit and should present the results within 30 days from the completion of the audit.

Illegal Content

Article 8	Activities like provoking people against the state, distorting history, gender discrimination, religious offenses, racism, spreading fake information and human trafficking. It also contains matters relating to network terrorism, cybercrimes and network attacks on information systems critical to national security.
Article 16	It involves details relating to prevention and management of propaganda contents against the state which instigate riots, disturb public order, cyber-humiliate, slander and affect the socio-economic activities of the state.
Article 17	Network espionage activities that compromise state secrets, violate user confidential information and corporate secrets.
Article 18	Sacrilegious cyber actions in relation to national security laws, social order and safety regulations such as engaging in illegal, banned products and piracy activities.
Article 29	Protection of children in cyberspace.

Other Key Market Trends

Vietnam’s link to cyber espionage

Vietnam is associated with engaging in state-sanctioned cyber espionage. As per the research by Akamai, in 2018, Vietnam was the fourth biggest source of credential stuffing. Vietnam government is accused to have cooperated with APT 32 group to work in its favor to target foreign government and businesses for financial gain and intelligence. In 2017, APT32 was also blamed for attacks against Vietnamese media outlets and automotive manufacturers precisely ahead of the planned debut of Vietnam’s first domestic auto company known as VinFast

Market Size and Forecast

In 2020, the global cybersecurity market was worth $173 billion and is estimated to grow to $270 billion by 2026. Cyber Security market is estimated to be $100 billion in 2017 and to grow to US$173 billion in 2022 at a CAGR of 11.6%. The Asia Pacific Cyber Security market is expected to outperform the global market, as of the rising demand for data safety and cybersecurity management. 60% market share is seized by Security services segment in the region. The market is expected to expand from a $20 billion in 2017 to $40 billion in 2022 at a CAGR of 14.6%.

The market for cyber security services in ASEAN is projected to reach $5.6 billion by 2025. ASEAN region appears to be keen on embracing digital economy. However, the region cyber security is still in early stage and is in short of talents and capabilities along with fragmented vendor relationships all of which is creating operational complexity and vulnerabilities. For continued cybersecurity commitment, it is estimated that between 2017-2025, ASEAN countries need to spend around $171 billion collectively on cybersecurity.

The global cybersecurity market has grown steadily over the years and is estimated to be worth $202 billion by the end of 2021. Vietnam’s commitment to digital economy is expected to exceed $52 billion by 2025 which underscores the unprecedented rise in quantity of cyber threats. By 2023, Vietnam’s cybersecurity market is estimated to reach $215 million in total revenue growing at a CAGR of 14.8% from 2020-2023.

The global cybersecurity spending will steadily increase over the years and reach $187 billion by the end of 2021. This is because of the shift to remote work during the Covid-19 pandemic which has increased the instances of cyber attacks.

Vietnam is one of the fastest growing emerging economies ASEAN and has been gradually increasing its cyber security spending from $145 million to $326 million between 2020 and 2025.

Market Outlook

The future outlook of cyber security market:

In 2023, spending on cloud security tools is likely to escalate from $5.6 billion in 2018 to $12.6 billion.
In 2023, spending on cloud security solutions is estimated to be $1.63 billion rising from $636 million in 2020 at a 26.5% CAGR.
In 2023, spending on Infrastructure Protection is estimated to surge from $18.3 billion in 2020 to $24.6 billion, at a 7.68% CAGR.
By 2020, global IT security spending is likely to reach $128 billion, out of which the endpoint security tools comprise 24% of the total IT security spending.
According to IDC, 70% of all breaches appears to originate at endpoints, regardless of the increased IT spending on this threat surface.

Vietnam’s Cybersecurity Market Outlook

According to Authority for Information Security (AIS), Vietnamese cybersecurity market is predicted to rise by 30% in 2021 compared with 2020 This is based on the premise that the share of domestically produced information security products has been growing rapidly since 2015. In 2015, Vietnam only had 5% of domestically made products, but in 2020 the number escalated to 91% and is predicted to be 100% by 2021 end. The revenue from domestic cybersecurity products relative to foreign products has amplified from 18% in 2015 to 45% in 2020.

Vietnam’s cyber security spending is forecasted to increase from $115 million to $327 million between 2018 and 2025. This means that the country holds one of the highest industry spending rates in the ASEAN region with 16% annual growth between 2015 and 2025. Increased investment in cyber security capabilities will address gaps in infrastructure security and will yield to the development of more sophisticated managed services.

Vietnam’s economy post Covid

Vietnam’s economy fared well in terms of dealing with Covid 19 pandemic growing at a rate of 2.9% in 2020 and will realize further growth at 6.5% in 2021 as per a report by IMF and the World Bank. To contain the spread of the virus and initiate economic recovery, the Vietnamese government provided economic support amounting to $1.16 billion. The country’s strong economic fundamentals, swift containment measures along with favorable government support aided the country in having one of the highest growth rates in the world in 2020.

Vietnam’s economy is heavily reliant on other economies through trade and investment. However, the unrelenting covid crisis lead 45% of households to report lower household income in January 2021 than in January 2020. ILO has projected that 20-40% of Vietnamese workforces engaged in textiles and electronics manufacturing are on the verge of being unemployed or will face considerable salary cut because of the Covid crisis. Regardless of this, the country’s economy is set to grow 6.6% in 2021 rested in the premise of effective control of COVID-19 infections, solid performance by export-oriented manufacturing and robust recovery in domestic demand. During 2016-2020, Vietnam’s ICT landscape appears to showcase an average growth rate of 8%. By the end of 2020, the Vietnamese government invested $415 million in the ICT sector.

With Covid-19 vaccination rates still remaining very low as a share of the total population, Vietnam remains vulnerable to a rising and protracted Covid-19 wave. In 2021, The IHS Market Vietnam Manufacturing Purchasing Managers’ Index (PMI) exhibited a steep fall, reflecting the impact of the rising Covid wave. In 2021, the Vietnamese economy is expected improve further resulting in the GDP growth of CAGR 5.5%. Vietnam’s economic growth is expected to escalate further to CAGR 6.8% by the end of 2022.

Vietnam’s total GDP is estimated to accelerate from $270 billion in 2020 to $450 billion by 2025 and reach $736 billion by 2030. This translates to rapid surge in Vietnam’s per capita GDP, from $2,800 in 2020 to $4,500 in 2025 and reach $7,000 by 2030 end, ensuing considerable expansion in the size of Vietnam’s domestic consumer market.

Even though Vietnam was one of the few countries in the world to have positive growth rate in 2020, however, the insurgence of Covid show no sign of settling soon. This has brought significant uncertainty resulting in disruption of domestic demand and supply chains. Vietnam is vulnerable considering its low rate of vaccination, highlighting the need for rapid vaccination rate so as to retaliate the threat of induced by Covid 19.

Vietnam’s future rests upon its stance as a low-cost manufacturing hub and rapid expansion of textiles, electronics, autos and petrochemicals industry sectors. Vietnam appears to be a key beneficiary amongst its ASEAN counterparts owing to the escalating trade war and technology tensions driving the reconfiguration of supply chains.

Post Covid cybersecurity risks

The threat actors exploiting the uncertainty and extraordinary response caused by the Covid-19 pandemic were related to misconfigured cloud settings, phishing, malware, deface that resulted in an average total cost of over $8 million.

Technology Roadmap

Remote work

Covid-19 has induced a shift to remote work conditions bringing immediate cybersecurity risks. Cyber-attackers are capitalizing on people’s interest in coronavirus-related news by introducing malicious fake coronavirus related websites. According to Cisco’s global survey, 67% of the Vietnamese companies, with the highest rate of respondents in the world, were prepared to transition to remote work culture and 93% of the country’s enterprise consider cybersecurity to be a top priority compared to regional and global averages.

Mobile devices at cybersecurity risk

Vietnam is one of the fastest growing economies in ASEAN region with 61.3 million smartphone users making it top 10 users of smartphones in the world. With increased mobile penetration, the country is amongst the top five countries in the world to be hit by Andriod/FakeAdBlocker malware attacks.

Risks related to IoT devices

Since 2017, there was rapid deployment of IoT in Vietnam making it one of the most targeted country in terms of attack origin. Vietnam is often a vulnerable to Mirai, Satori and botnets attacks as it is home to a large number of insecure IoT devices, such as connected cameras and DVR systems. In 2018, Kaspersky research reveals that Vietnam ranked third globally in terms of IoT attacks, accounting for 15% of the total IoT attacks in the world only behind China and Russia. As of March 2018, Vietnam recorded nearly 30,000 botnet device infection primarily linked to Goahead cameras.

Cloud security

Cloud computing is a widely being adopted in both public and private Vietnamese enterprises. As per the National University of Singapore, 60% of the private firms in Vietnam are using cloud services. Similarly, 65% of the Central government agencies and 46% of the local agencies are using at least one cloud service. As per Asia Cloud Computing Association’s Cloud Readiness Index 2018, Vietnam registered 1.68 million IP blocks and the it ranks fifth in the world in terms of attacks relating to IoT devices.

Migration to the cloud increased the cost of the breach by $267,469 in Vietnam. Vietnamese cloud computing spending is forecasted to grow at an average rate of 20.7% during 2016 to 2020 to approximately $150 million. The key growth driver is the lower cost of ownership and upfront investment as well as the flexibility that cloud solutions offer.

Companies in Vietnam are realizing that manual security management is not feasible for large web application infrastructures and security. Hence, majority of the firms are switching to cloud which further escalates the risk of cloud-based threats. The Ministry of Information and Communications has revealed that the cloud computing platform is a key part of its digital drive. It is estimated that cloud computing market in Vietnam will reach $500 million by 2025 growing at the rate of 30-40%. To develop Vietnamese cloud computing platforms, Vietnam issued technical criteria consisting of 153 standards, including 84 technical criteria and 69 information security criteria. However, Vietnam data localization requirements may form constraints to operate on a global cloud.

Competitive Landscape

Competitive Factors

Some of the companies such as Juniper Network, Cisco, Check Point software Technologies, Symantec Corporation lead in terms of market share, followed by Hewlett Packard, Kaspersky, Fortinet, CMC Corporation amongst others.

The cyber security solution players in Vietnam compete on the account of cost of the security solutions, technological advancements, product offerings, supply chain management, after-sales services and number of clients.

The Cyber security software and services vendors appears to have multiple growth opportunities in Vietnam, as spending on cyber security increases faster than elsewhere in the ASEAN region by 16% annually.

With the progress of the economy, Vietnam has also witnessed surge in quantity of cybercrimes in the country. Thus, Cyber security ecosystem is gradually gaining momentum in the country. Considering this, cybersecurity players are offering a blend of robust distribution network and economical models with extra features to provide value added solutions to the end user. These players offer various value added services including advisory, implementation, management, onsite technical, remote operation among others.

Key Market Players

Cyber Security Players	Security Services
Techlab corporation	The company strives at offering cybersecurity solutions to support business growth and protect against cyber threats and attacks.
Fortinet	Founded in California in 2000, it offers network and computer security, consulting services including anti-virus programs, intrusion prevention, network access control and web application firewalls. It is renowned for its unified threat management (UTM) and next-gen firewalls (NGFW).
Checkpoint Company	Headquartered in Israel and California, Check Point is an American-Israeli provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management. It is a cyber security solutions provider essentially to government and corporate enterprises so as to protect customers from fifth generation cyber attacks such as malware, ransomware and other types of attacks.
Kaspersky	Founded in 1997, Kaspersky develops and distributes information security solutions. It offers anti-malware, cybersecurity intelligence software, and threat prevention products to protect information from viruses, spyware, ransomware, phishing, hackers, and spam.
FireEye	Instituted in 2004 and headquartered in California, the company offers network, endpoint, email, managed and cloud security. It also offers Mandiant Consulting and Managed Detection and Response (MDR) services to assist clients analyze security risks, investigate cybersecurity attacks and protect against malicious software.
Cisco	Cisco Systems is an American multinational technology conglomerate headquartered in California. It develops, manufactures and sells networking hardware, software, telecommunications equipment and other high-technology cybersecurity solutions. Through its numerous acquired subsidiaries, such as OpenDNS, Webex, Jabber and Jasper, Cisco specializes in specific tech markets, such as the Internet of Things (IoT), domain security and energy management.
Vietnam security network	Established in 2009, VSNC offers security solutions that caters to both domestic and foreign markets.
Axon Active	Founded in 2008, it is a Swiss offshore software development company that provides agile IT and scrum practices especially for large corporate clients.
Savvycom	It is a software development company which specializes in web and mobile application development for startups and SMEs. It also renders turnkey IT services for assorted industry sectors.
Orange Business Services (OBS)	Created in 2007, OBS leverages the expertise of Equant, Orange and its subsidiaries. The company integrates technologies, operates infrastructures and orchestrates the value chain at every stage of digital transformation. It offers a portfolio of services such as Enriched Connectivity and mobility, Internet of Things and Machine-to-Machine, Cybersecurity, Business Intelligence, Big Data and Analytics, Videoconference and Collaborative workspaces, Flexible IT and Cloud and Enriched Customer Relation.
Softline Group	Founded in 1993 as an Information Technology solutions and service provider, the company offers end-to-end technology solutions, public and private clouds, software and hardware provisioning among others. that primarily caters to emerging markets of Eastern Europe, Americas and Asia. The company aides its customer to achieve digital transformation and protect business with cybersecurity technologies.
CMC Global	Established in 2017, the company offers comprehensive IT consulting solutions and Services, ranging from Traditional services to digital transformation.
SLA Company Limited	SLA aggregates a synergy of IT services for small, medium and large enterprise clients. It is a distributor of ShareTech, Quick Heal, Netshield SnoopWall, DeviceLock, ServiceTonic, Zevenet, FileCloud, ezTalks, Flowplayer, Corona Renderer, FlyingVoice, OpenVox, EgoSecure, Centerm, Mushroom Networks in Vietnam.
Terralogic	Founded in 2008, it is a 360-degree technology solution provider which provides advisory consulting and IT services. It offers Board Support Package, OS porting, driver development for development boards, developing firmware and bootloader for diverse platforms, middleware for multimedia package development, verification and integration for third party software.

Strategic Conclusion

As Vietnam’s economy is getting increasingly global and connected with rest of the world, it becomes even more difficult to manage the cybersecurity issues in the country. In 2020, Vietnamese economy grew at a rate of 2.9%, regardless of the turbulence shaped by the Covid pandemic. However, in 2021, as of its digital transformation drive, it could struggle in ensuring safe cyber stance across different sectors.

References

https://www.mckinsey.com/business-functions/risk/our-insights/covid-19-crisis-shifts-cybersecurity-priorities-and-budgets
https://www.pandasecurity.com/en/mediacenter/tips/cybersecurity-trends/
https://www.austcyber.com/resource/cyber-security-opportunities-asean-region
https://cybernews.com/security/cybersecurity-trends-and-predictions-for-2021/?utm_source=youtube&utm_medium=video&utm_campaign=Trends_predictions_2021&utm_term=ud4lJ6TJSXQ
https://issuu.com/ulkoministerio/docs/digitalization_report
https://www.forbes.com/sites/louiscolumbus/2020/04/05/2020-roundup-of-cybersecurity-forecasts-and-market-estimates/?sh=544de17e381d
https://www.austrade.gov.au/australian/export/export-markets/countries/indonesia/industries
https://www.vietnam-briefing.com/news/why-vietnams-expanding-digital-economy-presents-opportunities-for-investors.html/
https://en.calameo.com/read/00460114942b172a6d599
https://www.trade.gov/market-intelligence/vietnam-cybersecurity
https://opengovasia.com/vietnam-focuses-on-cybersecurity-to-protect-national-interests/
https://news.eloqasia.com/?p=275
https://english.mic.gov.vn/Pages/TinTuc/145725/Cybersecurity-powerhouse-and-Vietnam-s-digital-trust.html
https://www.kaspersky.com/blog/vietnam-antimalware-campaign/39004/
https://www.mondaq.com/security/1087232/vietnam-leaps-up-in-cybersecurity-confidence
https://securitybrief.asia/story/vietnam-cybersecurity-market-to-reach-usd-215-million
https://www.researchgate.net/publication/348023857_The_Development_of_the_Digital_Economy_in_Vietnam
https://www.cisco.com/c/dam/m/en_sg/cybersecurity/cybersecurity-in-asean/files/assets/common/downloads/page0014.pdf
https://www.kenresearch.com/blog/2021/03/in-depth-analysis-of-the-covid-19-impact-on-vietnam-cybersecurity-market-ken-research/
https://vir.com.vn/vietnam-urged-to-ensure-cybersecurity-in-digital-transformation-80680.html
http://english.vietnamnet.vn/fms/science-it/199955/camera–sensor–and-iot-devices-in-vietnam-vulnerable-to-cyber-attacks.html
https://techwireasia.com/2021/07/india-and-vietnam-most-hit-by-android-malware/
https://securitysummit.vn/2020/en/top-10-cybersecurity-trends-to-look-out-for-in-2020/
https://en.vietnamplus.vn/ensuring-information-security-for-cloud-computing-a-key-national-goal/195228.vnp
https://www.imf.org/en/News/Articles/2021/03/09/na031021-vietnam-successfully-navigating-the-pandemic
https://vir.com.vn/rise-of-remote-working-brings-cybersecurity-to-fore-82312.html
https://www.kearney.com/documents/20152/989824/Cybersecurity+in+ASEAN.pdf/2e0fb55c-8a50-b1e3-4954-2c5c573dd121
https://www.gpminstitute.com/publications-resources/Global-Payroll-Magazine/december-2018/vietnam-approves-new-law-on-cybersecurity
https://thediplomat.com/2019/12/vietnams-internet-control-following-in-chinas-footsteps/
https://kr-asia.com/vietnam-suffers-the-most-southeast-asia-offline-cyber-attacks-q2-2019
https://www.researchgate.net/publication/336275540_CNDS-Cybersecurity_Issues_and_Challenges_in_ASEAN_Countries
https://markets.businessinsider.com/news/stocks/evolving-cyber-threat-ecosystem-and-increased-focus-on-cybersecurity-by-smes-will-lead-to-growth-in-information-security-ecosystem-in-vietnam-ken-research-1030318296
https://www.pwc.com/vn/en/publications/2020/pwc-vietnam-covid-19-vietnam-economy-and-export.pdf
https://cisomag.eccouncil.org/development-of-local-security-products-increased-in-vietnam/
https://www.trade.gov/market-intelligence/vietnam-cybersecurity
https://opengovasia.com/how-vietnam-plans-to-improve-its-cybersecurity/

Appendix

AI	Artificial Intelligence
AIS	Authority of Information Security
APAC	Asia-Pacific
API	Application Programming Interface
APT	Advanced Persistent Threat
ASEAN	Association of Southeast Asian Nations
CCV	Criminal Code of Vietnam
CIIs	Critical Information Infrastructures
CAGR	Compound Annual Growth Rate
DDoS	Distributed Denial of Service
GDP	Gross Domestic Product
IoT	Internet of Things
ICT	Information and Communication Technology
ILO	International Labour Organization
ISO	International Organization for Standardization
IPR	Intellectual Property Rights
ITU	International Telecommunication Union
IT	Information Technology
MDR	Managed Detection and Response
MIC	Ministry of Information and Communication
NGFW	Next-gen Firewalls
R&D	Research and Development
SAAS	Software as a service
SBV	State Bank of Vietnam
SMEs	Small and Medium Enterprises
UTM	Unified Threat Management
VNCERT/CC	Vietnam Cybersecurity Emergency Response Teams/Coordination Centre
VNISA	Vietnam Information Security Association
WTO	World Trade Organization