Among the primary reasons for establishing a security operations centre are strengthening the cybersecurity posture and enabling faster detection and response to gain a competitive edge. — Photo courtesy of the firm

HCM CITY — Companies are accelerating the establishment of security operations centres to strengthen cybersecurity, enable faster detection and response, according to a study by global cybersecurity and digital privacy company Kaspersky.

Such a dedicated unit provides continuous monitoring for corporate technology frameworks, with its core mission of identifying, examining and countering online hazards in real time.

To distinguish primary motivations, priorities and challenges regarding this planning or deployment, Kaspersky conducted a global survey of senior IT security specialists, managers and directors from companies with 500 or more employees.

Those participants currently operate without such infrastructure but intend to build it shortly.

The inquiry spanned 16 different markets across the Asia-Pacific, the Middle East, Turkey, Africa, Latin America, Europe, and Russia, including Việt Nam.

The findings show that, globally, 50 per cent of organisations plan to set up these hubs to harden protection and 45 per cent are responding to increasingly sophisticated risks.

In Việt Nam, such incentives prove even more intense; 82 per cent cite the requirement for improved safeguarding skills and 83 per cent highlight the need to tackle new, advanced and dangerous modern threats. Both figures significantly exceed global averages.

Additional catalysts involve budget optimisation, the necessity for rapid intervention and the expansion of software, hardware and user devices. Nationally, 57 per cent aim for better expenditure, three-quarters seek prompt discovery and 56 per cent intend to manage increasing numbers of endpoints, programmes and users across their entire environments.

Data protection and regulatory compliance also rank higher in Việt Nam than globally.

While 40 per cent of international organisations prioritise the protection of confidential information and 39 per cent focus on rules, the figures are 76 and 67 per cent in Việt Nam.

Furthermore, 41 per cent of Vietnamese players perceive these capabilities as a source of competitive advantage.

Among the key functions planned for them, 24/7 surveillance is a top priority for 76 per cent of Vietnamese organisations, compared with a global average of 54.

This around-the-clock vigilance allows early spotting of irregularities, prevents escalation and sustains cyber resilience in real time.

Such appetite underlines a strategic requirement for proactive risk management, as businesses aim to defend against persistent threats that can strike at any moment.

While the centres use advanced technology, the choices made by Vietnamese organisations show that human analysts are very important.

The top three selected technologies include security information and event management systems (71 per cent), endpoint detection and response (69 per cent) and threat intelligence platforms (63 per cent).

These sophisticated solutions automate data collection and reduce operational load, but depend heavily on skilled security professionals who provide critical context, interpret complex findings and make final decisions when guiding appropriate responses.

Additional solutions chosen include extended detection and response, network detection and response, and managed detection and response, reflecting a strong focus on improving threat visibility and accelerating investigation and response workflows across Vietnamese enterprises.

“As organisations across APAC accelerate their security operations centres adoption, we see a clear shift toward more mature, intelligence-driven security operations,” Adrian Hia, managing director for Asia Pacific at Kaspersky, said.

“In markets such as Việt Nam, companies are not only investing heavily in technology, but also placing strong emphasis on human expertise, process maturity and continuous improvement. This combination is critical to ensure SOCs can deliver real operational value, enabling faster decision-making, stronger resilience and long-term cybersecurity readiness.” — VNS