Manifesting the first line of defence in cybersecurity

The more tech is adopted, the greater the potential for exploitation. According to Viettel Cyber Security’s Q3 report, Vietnam recorded over 502 million leaked enterprise data records; more than 6.5 million stolen personal accounts, a 64 per cent increase from the previous quarter; nearly 4,000 phishing domains; and over 547,000 Distributed Denial of Service attacks, many of which were carried out with AI assistance.

In response, the government is accelerating the implementation of the national cybersecurity strategy, recommending that organisations allocate at least 10 per cent of their IT budgets to security.

Although technology and processes have advanced significantly, the human factor remains the weakest link in the cybersecurity ecosystem, not only in Vietnam but also globally.

Most cyberattacks today exploit users’ lack of awareness. According to the SANS Institute, 80 per cent of organisations rank social engineering as the top human-related risk, an already formidable threat now supercharged by AI. Improper handling of sensitive data ranks second, followed by poor authentication practices.

This demonstrates that even when companies invest millions of dollars in advanced security solutions such as SIEM or Zero Trust, a single employee tricked by a fake email or social media message can still expose the entire system to an attack.

The human element remains the most exploitable vulnerability because, unlike technology, awareness cannot be automated. Despite strong investments in firewalls, encryption, and threat detection tools, cybercriminals continue to target human errors and psychological weaknesses.

In Vietnam, habits like using weak passwords, connecting to public Wi-Fi, or failing to verify suspicious emails are still common. This shows that no matter how strong the technological firewall may be, it will not be effective unless the human firewall is reinforced through awareness training, clear procedures, and a strong culture of cybersecurity throughout the organisation.

We define the human firewall as the first and most crucial line of defence in any cybersecurity system, built upon the awareness, knowledge, and security behaviour of each individual within the organisation. While technological firewalls are designed to block external attacks, the human firewall serves as an internal shield that helps detect, prevent, and mitigate risks arising from unintentional mistakes or deliberate actions that could compromise the system.

People are not only the weakest link but can also become the strongest line of defence. People are not merely a vulnerability; they can become the strongest line of defence. Through changes in awareness and behaviour, employees can go from being a potential risk into an active shield. While the majority of cyberattacks today originate from human factors, it is also people who are uniquely capable of detecting and stopping threats that technology may struggle to identify, such as sophisticated psychological scams.

The readiness of Vietnamese businesses to build internal cybersecurity teams remains low and uneven. According to a survey by the National Cybersecurity Association, only around one-tenth of Vietnamese enterprises have reached a mature level in their incident response capabilities. A separate survey conducted at the end of 2024 found that around 20 per cent of organisations reported having no dedicated cybersecurity personnel, while 35.5 per cent employed no more than five staff members in such roles, figures that fall significantly short of actual business needs.

Although awareness is improving and tech funding is increasing, internal teams, from IT staff to security specialists, are still not adequately prepared to serve as an effective line of defence against increasingly sophisticated cyberattacks.

To bridge the cybersecurity talent gap, collaboration between the government, businesses, and educational institutions is essential. Targeted government resolutions have played crucial roles in establishing a policy framework to foster high-quality workers and strengthen self-reliance in core technologies. These initiatives also encourage the engagement of Vietnamese tech experts abroad.

From the business side, companies should invest in internal training, identify and nurture potential talent, and prioritise continuous learning and skill development, especially in fields such as AI, cloud computing, and cybersecurity. This enhances security capabilities and creates a practical learning environment.

For educational institutions, curricula need to be modernised to focus on hands-on experience and relevance. Stronger collaboration between academia, businesses, and practitioners is essential to design training programmes that accurately reflect real market demands.