AIS develops incident response plans for information systems

April 06, 2024 - 11:30
Through monitoring and supervising cyberspace, the AIS detected an increasing trend of cyber attacks, especially encryption and ransomware attacks.
Specialised units need to strengthen information security for key information systems. — Photo cand.com.vn

HÀ NỘI — Facing the trend of cyber-attacks, the Authority of Information Security (AIS) under the Ministry of Information and Communications (MIC) is developing an incident response plan for information systems.

Recently, a number of information systems of agencies, organisations and businesses in Việt Nam have been attacked, causing physical and image damage, and disrupting business operations.

Through monitoring and supervising cyberspace, the AIS detected an increasing trend of cyber-attacks, especially encryption and ransomware attacks.

In order to enhance cyber information security for information systems, the AIS has issued an official dispatch requesting specialised information security units of agencies, organisations and businesses to review and deploy network information security assurance for information systems under their management, prioritising monitoring and early warning solutions.

Units must complete inspection and assessment to ensure information security of information systems under their management before April 15.

In case of detecting risks, vulnerabilities or weaknesses, units must immediately implement corrective measures, especially for information systems that store and process personal information and personal data.

Related to tasks according to Directive 09/CT-TTg of the Prime Minister dated February 23 this year on compliance with legal regulations to strengthen information system security by level, units should ensure 100 per cent of operation information systems reach security level approved no later than September this year.

They must also fully implement the information security assurance plan according to the approved level proposal no later than December this year.

Units are recommended to organise effective, substantive, regular and continuous implementation of information security work according to the four-layer model to improve the capacity of the professional monitoring and protection; continuously and stably maintain connection and share information with the National Cyber Security Centre under the AIS; and prioritise the use of cyber information security products, solutions and services produced or technologically-mastered by Vietnamese enterprises.

To enhance network information security for information systems, units need to develop incident response plans for information systems under their management, and implement a plan to periodically back up the system and important data to allow prompt restoration when being attacked, report all incidents to the AIS; and participate in the national incident response network.

At the same time, units review and implement related tasks according to Directive 18/CT-TTg dated October 13, 2022 of the Prime Minister on promoting the implementation of response activities for cyber information security incidents in Việt Nam; and periodically perform threat hunting to promptly detect signs of system intrusion.

According to warnings from the AIS and related agencies and organisations, units must check and update information security patches for important systems; regularly and continuously use information security platforms developed and provided by the AIS to support agencies, organisations and businesses such as IRLab (Information Retrieval Lab) and DFLab (Digital Forensic Lab) platforms to receive early warnings and support in solving incidents. — VNS

E-paper