VIETNAM CYBERSECURITY MARKET REPORT IN 2021

VIETNAM CYBERSECURITY MARKET REPORT IN 2021

Table of Contents

I. Cybersecurity Situation in 2021  

II. Cybersecurity Market in Vietnam in 2021  

III. External Factors Impact to the Cybersecurity Market in 2021

IV. Cybersecurity Trends in Vietnam in 2022


I. Cybersecurity Situation in 2021  

According to the statistics of Viettel Threat Intelligence, there were 1,976 phishing attacks and 1,108 impersonation attacks in the second half of 2021, an increase of 3 times compared to the first one. These campaigns have become more sophisticated and challenging to detect because they accessed the phishing sites by subdomain or by phone.

In terms of phishing attacks, the most affected industry was still banking, accounting for 48%. In 2021, this industry recorded an explosion of phishing attacks and impersonation attacks to steal customer account information. Accordingly, banks had to continuously issue warnings and instructions to users to avoid scammed links or messages.

The causes of phishing attacks were identified from:

· Customers’ using internal emails to register for services from third parties.

· Personal or internal computers’ infection with malware that steals personal information.

According to VCS, in 2021, 99 data records and 107,000 credential records have been leaked (out), of which most were in the financial, banking and telecommunications field. Some of the outstanding data leakages in “Critical” level was 1/ the sale of customer information in the cyberspace of more than 77 million users who have registered or used NitroPDF's services; 2/ the leakage of a dataset containing more than 1 million accounts registered on websites; and 3/ the leakage of 17GB of KYC data in Vietnam, causing thousands of users’ identity cards to be sold in the cyberspace. Thus, securing personal data as well as organization data has become the inevitable trends of cybersecurity.

Furthermore, there have been, and will be more and more, continuous Advanced Persistent Threats (APT) in Vietnam. Generally, the large APT attack groups, such as APT32 (Ocean Lotus), Mustang Panda, Goblin Panda, etc. tended to focus on state agencies, governments and financial & banking companies. Besides, a number of arising industries, such as e-wallets of unemployment insurance or social insurance, were also the target of phishing attacks, impersonation attacks and APT.

II. Cybersecurity Market in Vietnam in 2021  

Global Cybersecurity Market

According to Gartner's prediction, global spending on cybersecurity and risk management reached 150 billion USD in 2021, an increase of 12.4% compared to 2020, specifically shown by cybersecurity products or services in the following table (Unit: million dollars):

(Gartner, May 2021)

The development trend of Cloud Security was the strongest, significantly increasing by 41.2% from 2020 to 2021. Following that, the Data Security, Infrastructure Security and Identity Access Management industries were also estimated at a good growth rate of 15-17%.

Vietnam Cybersecurity Market: Unstable Due to COVID-19

According to the forecast for the first half of the year, Vietnam cybersecurity market with a Compounded Annual Growth Rate (CAGR) of about 16.9% and a size of about USD 61.3 million (equivalent to about VND 1,409 billion) in 2019 would reach USD 81.4 million in 2020 (Ken Research, 2021). In 2021, the size of Vietnam's cybersecurity market was expected to reach USD 97.9 million (equivalent to VND 2,252 billion). However, due to the impacts of the COVID-19 across the country, official agencies and organizations had to change in the needs as well as the expenditures on cybersecurity. Therefore, the prediction results in the second half of year were more negative than that in the former, and the growth rate was slower. Specifically, the market size in 2021 reached VND 1,600 billion, a decrease by 35% from previous estimate in early 2021. Besides, this market size is expected to reach VND 2,100 billion in 2022.

In terms of customers’ industry, with a high level of cybersecurity maturity, Finance and Banking fields accounted for the majority of the demand for cybersecurity in Vietnam market, especially two groups of Joint-stock Commercial Banks and Securities Companies with the highest investment demand and maturity level in cybersecurity. Besides, following the government directives and circulars on Privacy and Cybersecurity, the group of government and state, along with banks and State Treasury, also increased their demand.  Also, some medical & health related units started to focus on cybersecurity due to the demand of securing data related to COVID-19 vaccines.

Furthermore, industries such as journalism, energy and mining were also victims of cyberattacks. This further confirmed that the cybersecurity needs of the small and medium-sized enterprises as well as the key enterprises would be increasingly strong in 2022.

In terms of market share by product and service group, traditional MSS services accounted for a proportion of 32% - 23% of the market share, however, they tended to decrease in 2019 - 2025. Meanwhile, cybersecurity products accounted for 60% market share, and tended to increase in the next 5 years.

Revenue Share of Cybersecurity Solutions

Standalone cybersecurity products and services accounted for a high market share of over 50% and tended to increase from 2019 to 2025. MSS services accounted for a proportion of 32% - 23% of the market share and tended to decrease from 2019 to 2025.

By product type, Firewall product lines still held the highest share from 25% in 2019 to 22% by 2025. Antivirus and Endpoint security product lines had a negligible change, about 15-17%.

According to Ken Research’s report, the cybersecurity market in Vietnam had stiff competition between domestic and foreign firms.

Regarding products, there were 75% of foreign products and 25% of domestic products in 2019. And it was expected that foreign products would have decreased to 46% and domestic products will have increased to 54% by 2025. Regarding services, SOC, Pentest, Security Audit services was outstanding ones provided by domestic companies currently (thanks to the competitiveness of people, experts and an agile incident-response team). However, these domestic services were facing a huge competition with about 20 foreign firms through domestic distribution channels to enter the Vietnamese market of such service lines as Firewalls, Endpoint Protection Platform, Endpoint Detection and Response, SIEM, SOAR, etc.

By and large, it was predicted that the domestic product market share would increase by 21%, reaching 35%, equivalent to cybersecurity services by 2025. Foreign products were expected to decrease their market share from 44% in 2019 to 30% in 2025.

III. External Factors Impact to the Cybersecurity Market in 2021

Vietnam’s Economy in 2021

In October 2021, the World Bank lowered its estimate of Vietnam's GDP growth by 2-2.5%, significantly lower than the forecast in September. The reality showed the serious impact of the COVID-19 epidemic in the Northern Region. The second half of 2021 performed a contrast with the recovery in the first half of the year. This was the deepest decline since 2000 when Vietnam calculated and announced quarterly GDP. Thus, compared with the target set by the Government in 2021 of 6.5%, it was difficult to achieve GDP growth goal for the whole year. Not only World Bank, Standard Chartered Bank also lowered its growth forecast for Vietnam in 2021 from 4.7% to 2.7%.

The index of technology production and total retail sales of consumer goods and services improved as economic activities gradually recovered, but not completely to the level before the outbreak in April 2021 (The World Bank).
The General Statistics Office made two forecasts for growth in 2021. In the former scenario, GDP growth for the whole year was 2.5%, while in the latter, GDP growth was 3%.

GDP per capita growth was forecast to reach 5.4% in 2021 and 5.6% in 2022. Vietnam was predicted to have the highest GDP growth rate in Southeast Asia in 2021. In general, Vietnam's economy has recovered quickly compared to other countries in the region in 2021. In November 2021, the National Assembly passed a Resolution on the Socio-Economic Development Plan in 2022, aiming to increase GDP by 6 - 6.5% next year.

Some prominent changes such as the policy of reducing value added tax in November and December 2021 for businesses in the fields of transportation, tourism, accommodation, dining and entertainment were approved with the expectation of boosting domestic demand.

The vaccine strategy continued to be promoted and became an important factor in forecasting GDP growth in 2022. Other countries in the region had a slower pace of opening than expected due to concerns about impacts and the return of COVID-19.

Government Budget in Vietnam returned to surplus in October due to a sharp decrease in expenditure while revenue did not increase. This showed that fiscal policy was tightened, not supporting aggregate demand in the recovery process.
However, Vietnam's economy still had many positive signs. The registered capital of Foreign Direct Investment (FDI) increased continuously, higher than the same period in 2020.

According to the World Bank's October report, credit growth to the service sector (accounting for more than 60% of total credit to the economy) was stable at 15.6% year-on-year in October, after a steady decline from 18.53% in May. The credit to industry and construction maintained a growth rate of about 12.7% from July 2021.

Vietnam's Political and Social Situation in 2021

In the first 6 months of 2021, there was the 15th National Assembly election for the 2021-2026 term, which was a major political event of the year. As of May 23, the whole country had 99.57% of voters going to the polls. At the Resolution of the Government's regular meeting in May 2021, the Government agreed with the proposal of the Ministry of Finance in Document No. 103/TTr-BTC dated June 2, 2021 on 1/ cutting at least 50% of funding conferences, domestic and foreign work of the remaining ministries, central and local government agencies (except for the activities that is important, urgent and aimed at supporting the epidemic prevention and control of Ministry of National Defense, Ministry of Public Security and Ministry of Health, along with the funding for other national diplomatic activities of the Ministry of Foreign Affairs); and 2/ saving the remaining 10% of recurrent expenditure in 2021 to supplement the source of COVID-19 prevention and control, increase development investment and prepare for necessary security and defense services.

The National Assembly report allowed to recover 1/ the regular funds that have been assigned to ministries, central agencies and localities but have not been allocated by June 30, 2021 or have been allocated but not yet implemented (not yet approved the prediction, not yet organized the bidding); and 2/ the regular fees were not really necessary to supplement the reserve sources of the central and local budgets for COVID-19 prevention and control and the vaccine campaign.

From the second half of 2021, due to a serious outbreak of the epidemic, the Ministry of Finance submitted to the National Assembly Standing Committee a plan to use the source to cut and save central budget spending in 2021 with a total amount of more than VND 14,600 billion.  Central resources as of September 2021 have been used more than VND 22,200 billion. Meanwhile, according to the Ministry of Health, a total cost of VND 28,500 billion was used to vaccinate 80 million people in 2021, therefore, the central government must spend about VND 16.07 billion in the next period.

The government report assessed that 2022 is an extremely important year in the 5-year plan target from 2021-2025 in the face of the impact of the COVID-19 epidemic. The risk of slow economic recovery, growth slowdown, increased risk of inflation, climate change is huge. The Government set 16 targets in 2022, mainly in the fields of economy, society and environment. Among them, the growth rate of gross domestic product was expected to reach 6-6.5%; about 4% for the growth rate of the consumer price index (CPI); and about 4% for State budget deficit over GDP.

Vietnam's Legal Situation Related to Cybersecurity in 2021

Vietnam started to develop and tighten the law on cybersecurity in 2015 with the goal of strengthening national cybersecurity. In 2021, prominent cybersecurity regulations, directives and laws included:

Decisions issued by the Ministry of Information & Communications on basic technical requirements for cybersecurity products in 2021 include:

  • Decision No. 1126/QD-BTTTT dated 30/07/2021 on promulgating basic technical requirements for Web Application Firewall (WAF) product.
  • Decision No. 1127/QD-BTTTT dated 30/07/2021 on promulgation of basic technical requirements for Security Information and Event Management (SIEM) product.
  • Decision No. 1517/QD-BTTTT dated October 6, 2021 on promulgating basic technical requirements for Threat Intelligence (TI) product.
  • Decision No. 1591/QD-BTTTT dated October 13, 2021 on the promulgation of basic technical requirements for Intrusion Prevention System and Intrusion Detection System (IPS/IDS) product.

Drafts related to cybersecurity in 2021 include:

  • Draft Decree on personal data protection issued by the Ministry of Public Security in February 2021.

Specifically, if this draft is adopted and comes into force as outlined in the Draft of December 1, 2021, the first comprehensive legal framework on data protection and privacy law will be established in Vietnam. In particular, the draft Decree provided clear definitions for such terms as 1/ personal data, 2/ the consent forms of personal data subjects, 3/ the requirements for notification & handling of sensitive personal data, 4/ the transfer of personal data across borders, 5/ the obligation to develop internal personal data protection regulations, and 6/the obligation to sanction administrative violations. Notably, the Ministry of Public Security proposed a fine ranging from VND 80 million to VND 100 million for failing to apply technical measures and develop regulations on personal data protection.

  • Draft Decree on sanctioning of administrative violations in cybersecurity field completed by the Ministry of Public Security on September 20, 2021.

Specifically, this draft provided regulations on administrative violations, sanctioning forms, sanctioning levels, remedial measures, authority to make minutes and sanctioning competence for administrative violations in the field of cybersecurity.

These draft laws play an extremely important role in the development and investment of cybersecurity solutions related to data protection for organizations, businesses and individuals.

  • Circular No. 46/2020/TT-BGDDT, stipulating that the high school curriculum must include content on cybersecurity, issued by the Ministry of Education and Training on November 24, 2020.

Specifically, the Law on Cybersecurity will be a compulsory content to be taught in National Defense and Security Education subject for students from 10th grade of high school.

This is one of the efforts on cybersecurity education from high school in order to not only solve the problem of lacking cybersecurity personnel in the future but also raise awareness about cybersecurity for students in the era of the booming Internet.

Overall, Vietnam's law on cybersecurity in 2021 was increasingly tightened for domestic individuals, businesses and organizations. It was expected that legal factors would have a stronger impact on the demand for procurement and investment in cybersecurity in 2022.

Banking - the Leading Industry in Vietnam Cybersecurity Market in 2021

In 2021, despite the stressful epidemic situation, the banks' credit increased and improved compared to the same period in 2020. A number of banks still grew in credit income and increased profits. By October 2021, system-wide credit had increased by 7.42% compared to the end of 2020.

However, bad debt was still one of the major problems to be overcome during the COVID-19 pandemic. According to the financial statements of the third quarter of 2021 of 27 banks trading on the stock market, the bad debt balance had increased to VND 113,006 billion, 26% higher than at the beginning of the year.

Facing the risks of the economy, most banks increased their risk provision expenses many times over the same period.

The State Bank continuously lowered the interest rate with a total reduction of 1.5-2.0%/year for operating interest rates; total reduction of 0.6%-1.0%/year in ceiling interest rates for deposits with terms of less than 06 months; and a total reduction of 1.5%/year to the ceiling interest rate for short-term loans with priority sectors. At the call of the State Bank of Vietnam, 16 commercial banks, accounting for 75% of the total outstanding loans of the economy, have agreed on the principle of reducing lending interest rates by up to 1%/year on the existing outstanding loans in Vietnam Dong in the last 5 months of 2021 for customers affected by the COVID-19 epidemic. Particularly, 04 state commercial banks continued to commit to spend a support package of VND 4,000 billion to reduce lending interest rates and service costs.

The budget for cybersecurity of the banking group was about 10-15% of the total information technology budget. The tense situation of COVID-19 accompanied by rapidly increasing cyberattacks on the Vietnamese banking system has accelerated the process of digital transformation and cybersecurity in the information system of banks. Information technology development strategy of the banking industry to 2025, with a vision to 2030, has the goal of successfully implementing digital transformation in the banking industry. Accordingly, it emphasizes the importance of cybersecurity in maintaining confidentiality and ensuring the security of the banking industry's information system.

In 2021, the State Bank of Vietnam issued Circular No. 09/2020/TT-NHNN stipulating information system security in banking operations, requiring further enhancement of protection against the complication of cyberattacks.

The activities of banks and financial institutions were increasingly being improved to comply with cybersecurity requirements, especially by using third-party products and services with international standards. This leaded to a fierce competition between domestic and foreign firms in this industry.

Stock and Insurance - the Growing Industry for Cybersecurity Demand in 2021

Although the COVID-19 situation has caused great economic damage to a number of important industries and fields, stock and insurance were recorded a strong growth in 2021.

It was marked that many highlights in the Vietnamese stock market on scores, liquidity, and number of newly opened accounts in 2021. The VN-Index peaked at 1,424.28 points on July 2, 2021. In the third quarter of 2021, the average trading volume per session reached 688.86 million shares and increased by more than 120% compared to the average of the third quarter of 2020.

According to experts, the reopening of the economy in the fourth quarter of 2021 was a positive factor for the prospect of many enterprises catching up again to business and production activities. While in the second quarter, the cash flow focused on capitalization stocks such as stock and steel, in the third quarter, the group of small and mid-cap stocks increased under the trend of speculation. By the fourth quarter, the market returned to large-cap stocks and manufactured goods.

Stock was considered as one of the industries with high potential for cybersecurity attacks in Vietnam.

According to the Ministry of Finance, in the first 9 months of 2021, the total assets of insurance enterprises were estimated at VND 650,165 billion (US$28.5 billion), up 20.62% over the same period in 2020. In which, non-life insurance enterprises were estimated at VND 102,222 billion (US$4.48 billion), life insurance enterprises were estimated at VND 547,943 billion (US$24 billion).

And at the same first 9 months of 2021, the total amount of insurance benefit payments was estimated at VND 37,977 billion (US$1.7 billion), up 11.69% over the same period in 2020.

In 2020, there were only 15 enterprises in the insurance market. However, in 2021, there were 75 enterprises in Vietnam's insurance market, of which 31 were non-life insurance enterprises, 19 were life insurance enterprises, 2 were reinsurance enterprises, 23 were insurance brokers, and one branch of foreign non-life insurance company. In which 50-60% market share of the insurance market belonged to the top 5 insurance companies: Bao Viet was a Vietnamese company, the rest were mainly foreign companies, such as Prudential, Manulife, Dai-ichi, etc. In addition, there were insurance companies of the bank, such as Vietin Metlife, MB Ageas Life, etc.

Threats of cybersecurity, customer information loss and labor shortage were the serious difficulties in the InsurTech process of insurance companies.

Consumer Finance - Potentially Vibrant Market

According to statistics of the State Bank of Vietnam, by the end of 2020, the total outstanding consumer credit reached VND 1.8 million billion (US$79 billion), accounting for about 20% of the total outstanding debt of the economy. CAGR (2016-2020) of the industry was about 22.3% (FinnResearch, 2021). Vietnam had 16 consumer finance companies operating with a total charter capital of about VND 22,000 billion (US$965 million), of which FE Credit held over 50% of the market share, followed by Home Credit, HD Saigon, Mcredit, Mirae Asset and Shinhan Finance.

Source: FinnResearch

The digital transformation of consumer financial service providers was marked in 2021. In which, FE Credit transform to operate entirely on the AWS platform by moving almost IT infrastructure to the cloud platform. It also moved most of the essential applications such as Finance Digital Banking, $NAP and SHIELD for consumer loan products, credit cards and insurance. AWS’s container, serverless and database services maximized operations for consumer finance enterprises.

This movement also showed the change in digital transformation of financial enterprises. And besides there were potential information security threats inside them. In particular, attacks such as brand phishing or brand impersonation were constantly alerted to users. In addition, the prevention of threats from the fraud and appropriation of users’s accounts required behavioral analysis solutions and early alert for users and enterprises.

Large Enterprises in the Energy, Electricity, Oil and Gas Industries

The VNR500 ranking in 2020 continued to record the growth of service and industrial enterprises, accounting for more than 97.3% of revenue. The industries outperformed the average of the entire business sector, including: mechanical engineering, construction - materials, real estate, transportation - logistics, telecommunications, and information technology.

When it comes to the highlights of the energy industry in recent years, they were a lot of large companies and corporations building the Information Technology Security (IT Security) on deploying next-generation firewalls, IDS/IPS, Data Loss Prevention and APT, etc.; and Operational Technology Security (OT Security). Especially, the SOC (Security Operation Center) for both OT and IT networks was built to merge into a single system managed by Information Security experts. In addition, the drills were held regularly at large power and oil corporations to respond to information security incidents. The digital transformation process was an important factor driving the high demand and requirements for cybersecurity in these enterprises.

While there are a number of standards and recommendations on information security for technology control systems with high reference in the world such as ISO 27001: 2013, there are a few specific guidelines, regulations and requirements for the ICS systems. Specifically, there are the Special Publication 800-92 of the U.S. National Institute of Standards and Technology and some industrial information security standards such as IEC 62443, developed by the IEC (International Electrotechnical Commission) (TC) 65: Industial - process measurement, control and automation in cooperation with the members of the International Automation Association (ISA99)’s Committee 99.

IV. Cybersecurity Trends in Vietnam in 2022

Trend 01: Demand for Cloud Security

According to the Ministry of Information and Communications, the cloud service market in Vietnam is assessed to be considerably developed, and studies by prestigious international research organizations also forecast the average growth rate of the Vietnam’s cloud market will achieve 26% per year (the highest rate in the ASEAN region), much higher than the average growth rate of 16% globally.

According to the VnEconomy's calculation, 56% of enterprises currently use the cloud services. This trend has covered a series of large Vietnamese enterprises such as VPBank, MaritimeBank, VTV, Masan, etc. In addition, the trend of using the cloud computing in small and medium enterprises is also very potential. With the government sector, the deployment of Government cloud (G-Cloud) in Vietnam is based on the use of existing data centers of ministries, branches and localities.

Demand for the distributed cloud and edge computing is mainly driven by the Internet of Things (IoT), artificial intelligence (AI), telecommunications (telco) and other applications that need to process huge amounts of data in real time. The distributed cloud is also helping companies overcome the challenges of complying with country or industry-specific data privacy regulations, and more recently, providing IT services to employees and end users due to the COVID-19 pandemic. According to the Deloitte, more than 97% of IT managers are planning to distribute workloads across two or more clouds to enhance resiliency and support regulatory requirements. According to the Gartner, by 2024, most of the cloud service platforms will provide at least some distributed cloud services that execute at the point of need.

However, this can also create chances for hackers to attack the cloud infrastructure and databases of organizations and enterprises in the cloud. DDoS attacks, APT attacks and malware attacks on the cloud infrastructure will become stronger in the coming years, leading to a stronger need for information security monitoring in the cloud.

Trend 02: Personal and Organizational Data Protection to Become Stricter

The trend of digital transformation entails security concerns, the data security market is constantly heating up as a trend to meet the needs of innovation. In the "National Digital Transformation Program by 2025 with orientation towards 2030" approved by the Prime Minister, the vision of Vietnam to become a digital country by 2030 has been determined. According to Mrs. Vo Thi Trung Trinh, Deputy Director of the Department of Information and Communications of Ho Chi Minh City: “Data must be considered as a new resource and a raw material source of the digital economy and needs to be organized and protected. In particular, there are citizen data declared on Immunization applications, Electronic Health Book application that the City, the Ministry of Health, and the Ministry of Information and Communications have deployed in the past time. This new resource helps the government communicate and serve citizens better access to information and services.” On February 9, 2021, the Ministry of Public Security issued a Draft Decree on Personal Data Protection (Draft Decree), which arises the need to find the specialized solutions on data security of individuals and businesses. About 87% of IT and business leaders think security considerations are slowing the pace of innovation, while 73% claim the specific governance and security concerns have increased up when their systems are integrated more modern. The Gartner predicts that by 2022, application programming interfaces (APIs) will become the most frequently attacked means, causing data breaches for enterprise web applications.

Currently, ensuring information security is increasingly focused along with the increasing demand for data protection. Solutions to prevent data loss, encrypt data, control risks from within, and comply with international laws on data security are more and more focused not only in developed countries but also in developing countries such as Vietnam.

Trend 03: Operational Technology Security (OT Security)

Due to the impact of the digital transformation revolution, technology devices are starting to be connected through IT, and this creates chances for attackers and hackers to penetrate the system. In which, the fields of OT attack are mainly aviation, energy, and logistics. In Vietnam, OT security is a very important challenge, in which it can be mentioned, such as that the awareness of OT Security is still limited, mainly concentrated in large energy enterprises; it is need to be accessed to the OT environment for inspection and testing while still need to be ensured the operational stability; and OT Security experts are limited in Vietnam. There are not many companies providing OT Security monitoring services in Vietnam, it requires a team of experienced experts and information security tools specifically for OT devices.

Trend 04: Application of Machine Learning & AI to Cybersecurity

The terms of Machine Learning and Artificial Intelligence (AI) are no longer strange in the technology world, but the application of Machine Learning and AI in the information security field has not been familiar in the Vietnamese market in recent years.

Machine Learning solves repetitive problems for cybersecurity experts, in which some solutions are used, such as anomalous behavior detection (User & Entity Behavior Analytics, Network Traffic Analysis, Extended Response & Detection), etc.). Machine Learning and Deep Learning-based attack detection tools are increasingly popular, help to detect attacks early and have a higher policy rate. In fact, the application of this technology helps to reduce repetitive activities, improve work efficiency, and reduce false alerts for information security personnel. In the future, this technology is expected to partially solve the lack of cybersecurity resources of Vietnam and other countries in the region.

According to the Gartner's report, the investment in AI researches in the information security field is currently focused on each specific use case, such as Fraud, Authentication, Malware Detection, Visual Analysis, Attack Detection, Risk Prevention in Firewall Solutions, IPS, SOAR, EDR, NDR, etc.

Trend 05: Protecting Information Security for IoT Devices in the Future

Due to the novelty of IoT technology and the ever-increasing pace of technology innovation, there are high expectations that a number of completely new, revolutionary security solutions will emerge that are tailored specifically for IoT. For the demand of IoT device security in Vietnam, it is driven by the following trends:

· The Smart Home trend which drives demand for consumer IoT devices, however, the cost is still quite high compared to the average income.

· The Smart City trend under the digital transformation plan in the provinces and cities which is particularly valued by the government.

· The Smart Factory trend which is strongly deployed in manufacturing companies, lines to improve the labor productivity and control.

The statistics on the number of IoT attacks globally in 2020 recorded an increase of 400% compared to 2019 and signs of further increase in 2021. According to the Vietnam’s Authority of Information Security, 70% of IoT devices are at threats of being attacked in Vietnam, in which 28,000 IoT device addresses were recorded in 2018 with mirai malware and mirai variants. The assessment, inspection and monitoring of cybersecurity for IoT devices are extremely important and necessary for the enterprises that manufacture and operate IoT devices, and provinces and cities that are operating the important key IoT systems.

Trend 06: Building and Integrating Synchronous Solutions on a Single Platform

According to the 2020 Gartner CISO Effectivness Survey, 78% of CISOs (chief information security officers) had 16 or more cybersecurity tools. The use of multiple products from different cybersecurity firms leads to a complex operation and high labour costs. Then, consolidation and integration trend of information security products is of great interest to major firms. This comes from the need to reduce costs and operational risks. Grasping those technology needs and trends, a number of information security firms build the collaborative platforms for the existing products, and allow the open integration with other parties' solutions, from which users easily monitor and manage safety activities through a faster and more convenient way.

Trend 07: Cybersecurity Mesh Architecture to Explode in 2022

According to the Gartner's latest report on technology trends in information security in 2022, Cybersecurity Mesh or network security architecture is considered as one of the leading trends applied in a lot of solutions in the near future. According to Gartner, Cybersecurity Mesh architecture is a modern approach to security architecture that allows distributed enterprises to deploy and expand the security where it is needed most. Specifically, Cybersecurity Mesh is not focused on establishing a secure perimeter around the entire enterprise network, but protecting each devices and access. This is also one of the basic principles of the zero trust architecture-mico-segmentation. To adopt a Cybersecurity Mesh architecture, security policies must be applied at the identity and individual levels. This ensures that all enterprise resources are protected no matter how the architecture changes.

Appendix. References

Asian Development Bank, 2021, Asian Developmet Outlook Report - Vietnam,  https://www.adb.org/vi/countries/viet-nam/economy

Flexera, 2021, State of Cloud Report, https://info.flexera.com/CM-REPORT-State-of-the-Cloud

Forrester, 2021, New Tech: Zero Trust Network Access, https://stgsvcs.forrester.com/report/New+Tech+Zero+Trust+Network+Access+Q2+2021/-/E-RES161768

Gartner, 2020, CISO Effectiveness: A Report on the Behaviors and Mindsets That Impact CISO Effectiveness, https://www.gartner.com/en/newsroom/press-releases/2020-09-17-gartner-survey-reveals-only-12-percent-of-cisos-are-considered-highly-effective

Gartner, 2021, Top security and risk trends, https://www.gartner.com/smarterwithgartner/gartner-top-security-and-risk-trends-for-2021/

Gartner, 2021, Forecast Worldwide security and risk management,  https://www.gartner.com/en/newsroom/press-releases/2021-05-17-gartner-forecasts-worldwide-security-and-risk-managem

Ken Research, 2020, Vietnam Cybersecurity Outlook to 2020 - Gauging the opportunies for forgein investment in the Cybersecurity industry

Mordor Intelligence, 2021, Asia Pacific Cyber Security market, https://www.mordorintelligence.com/industry-reports/asia-pacific-cyber-security-market

Typical SOC products and services with preliminary prices listed by the Authority of Information Technology Application under the Ministry of Information and Communications [Sản phẩm dịch vụ tiêu biểu SOC kèm giá sơ bộ do Cục Tin học hoá - Bộ TT&TT niêm yết]:

https://cps.mic.gov.vn/#/web/mic/san_pham?_page=1&NhomSanPham._source.PhanLoaiSanPham._source.MaMuc=dichvutieubieu&NhomSanPham._source.MaMuc=trungtamdieuhanhantoananninhmangsoc&_id=5f7ad49b21bc2b000808688f

Statista, 2020, Global IoT Market Size 2017 - 2025,  https://www.statista.com/statistics/976313/global-iot-market-size/

SSI, 2020, Industry report of banking, finance and insurance [Báo cáo ngành ngân hàng, tài chính và bảo hiểm], http://www.ssi.com.vn/khach-hang-ca-nhan/bao-cao-nganh

VNR500, 2020, Top 500 largest Vietnamese enterprises [Bảng xếp hạng top 500 Doanh nghiệp lớn nhất Việt Nam], https://www.vnr500.com.vn/