Bảo Hoa

HÀ NỘI — Businesses in Việt Nam are rapidly adopting artificial intelligence (AI) to sharpen their competitive edge, but managing the associated risks remains a pressing challenge for companies and regulators alike.

AI tools have gained traction in Việt Nam since the emergence of ChatGPT in 2022.

According to the AI Diffusion Report 2025 by Microsoft’s AI Economics Institute (AIEI), the country currently ranks 38th globally in terms of AI usage.

AI adoption in Việt Nam accelerated in the second half of 2025, rising from 21.2 per cent in the first half to 23.5 per cent, an increase of 2.3 percentage points.

The leading sectors providing AI-powered services include information technology (IT), finance and banking, education, e-commerce and health care, according to the Vietnam Artificial Intelligence 2025 report, based on a survey of nearly 500 businesses and organisations conducted in July 2025.

While many firms acknowledge that AI adoption helps maintain a competitive edge, cybersecurity professionals remain alert to the risks associated with its use and are seeking solutions with industry partners.

Nguyễn Đăng Khoa, deputy director of the Cybersecurity Monitoring and Incident Response Centre at Viettel Cyber Security (VCS), said AI’s near-human understanding makes it a valuable resource that companies should utilise.

His company has incorporated generative and agentic AI into the development of information security products.

“Cyber attackers are already using them. If the defence side, our side, doesn't take advantage of this resource, we will be the weaker side,” Khoa said during a recent conference on AI and security, held in Hà Nội by the National Cybersecurity Association.

“We leverage the understanding capabilities of AI to filter the relatively huge amounts of data that we need to monitor for our clients.”

As more AI-powered applications are designed to interact with users through language, cybersecurity firms need to move beyond traditional tools and adopt AI-driven systems to monitor language data and protect users, he added.

“We need tools with enhanced understanding to determine if there are any dangerous elements in those tech contents, or any elements that influence the AI's behaviour and psychological responses,” he said.

Cybersecurity officers and tech experts discuss AI risk mitigation at the “Security for AI and AI for Security” conference in Hà Nội on April 7. — VNS Photo Bảo Hoa

Financial institutions such as MBBank are also seeking to enhance their services with AI-powered tools, which are expected to be introduced in the near future.

“You can ask them your account information, the scale of financial resources you are using, or financial advice based on your transaction history,” said Bùi Gia Hiếu, MBBank’s chief information security officer.

The bank’s leadership is aware of the associated risks and has provided direction on AI use in customer support and efficiency optimisation.

“We are making some progress, but we are also looking forward to support from our industry partners to solve problems related to applying AI to our business,” Hiếu said.

Solution partners

Monitoring AI use is complex and requires solutions from different companies leveraging their respective strengths.

With advantages in chip and model development, NVIDIA said it can support areas requiring significantly increased computing power.

“We’ll start with the question of what we need to protect and what are the areas that might pose risks,” said Nguyễn Thanh Quế, a solutions architect at NVIDIA. “For us, the focus is on the model, data and the container that holds the models. Then it’s the authentication parts related to the software for special coordination, and the operating system.”

For issues related to network security, data leakage or AI-powered applications, Check Point Software Technologies said it offers relevant solutions.

“We can help solve problems for both the end-users and applications, and also perform security assessments,” said Chu Gia Khôi, chief technology officer of Check Point in Việt Nam.

Security before efficiency

Cybersecurity officers and experts also highlighted the need for AI regulations to be in place before the technology is widely deployed in business.

“At the moment, there aren't many effective information security solutions for AI. But we can’t not use AI just because of that,” said VCS’s Khoa. "The Government must take the lead by issuing national legal frameworks that businesses can follow to develop internal policies.

“If we don’t do this quickly, it will potentially lead to risks that we can’t control, because people won't wait to use AI. Even if we don’t issue policies, we can't guarantee that our employees won't use AI. There has been a lot of shadow AI (unapproved use of external AI tools without company oversight), and there are risks involved.”

VCS is seeking to mitigate these risks by introducing an AI application plan for employees from a risk management perspective, Khoa added.

It begins by allowing AI use in areas with minimal risk and limited impact on systems and operations, before gradually expanding into core business activities.

“This way, step by step, you'll have case studies to learn from, improve oversight and have better protection measures, all while leveraging the advantages of AI to create a competitive edge in your business,” he said.

MBBank’s Hiếu also said that AI governance solutions, processes and standards must be carefully considered before deployment.

“Before, we developed several platforms to provide security solutions for information security systems. Now, with AI, we are also thinking of AI-related solutions to protect users, and even protect the AI models we develop ourselves.”

A general principle he applies is to first determine which tasks AI tools will support and who will use them, then establish mechanisms to monitor usage.

Hiếu also stressed the importance of regulatory compliance.

“The government already issued an AI law. The State Bank of Vietnam is also planning to issue guidelines on the use of AI in the banking industry,” he said.

The Law on Artificial Intelligence was passed on December 10, 2025, during the 10th session of the 15th National Assembly of Việt Nam, making Việt Nam one of the few countries to have a standalone AI law.

It introduces a risk-based management approach, classifying AI systems into three levels: high, medium and low risk, with corresponding obligations for developers and operators.

The State Bank in late February issued a draft circular for public comment, setting out regulations on safety, risk management and requirements for AI use in the banking sector. The document is expected to take effect soon. — VNS