The cybersecurity firm's latest survey shows that 96% of enterprises in Vietnam plan to outsource either parts of or their entire Security Operations Center (SOC). This rate significantly surpasses the global average of 64%.

Specifically, 59% of Vietnamese businesses favor a hybrid model that combines in-house staff with external support, while 37% intend to fully delegate SOC operations to a third-party provider through a SOC-as-a-Service model. Only a small number of companies believe they can build and maintain a SOC entirely with internal resources.

Outsourcing allows businesses to transfer specific tasks - or even the entire SOC workflow - to trusted service providers. These functions typically include designing and building the SOC architecture, deploying and maintaining SOC technologies, continuous monitoring and threat analysis by external specialists, professional consulting and training, and full-service SOCaaS, which ensures 24/7 threat detection, investigation, and incident response.

The survey also reveals that Vietnamese businesses are far more likely to outsource the implementation of security solutions (82%), development and provision of tools (75%), and SOC design (79%) - all notably higher than the global rates of 55%, 53%, and 47%, respectively.

One key driver behind this trend is the difference in staffing needs. Globally, companies tend to outsource entry-level analyst roles. In contrast, Vietnamese firms are in urgent need of high-level cybersecurity talent.

The most commonly outsourced roles in Vietnam include security engineers (61%), development teams (44%), and threat hunters (44%). These figures reflect the scarcity of skilled cybersecurity personnel in the country, forcing companies to rely on specialized external expertise.

Beyond human resource constraints, the pressure to maintain continuous operations is a major motivating factor. A significant 79% of Vietnamese businesses cited the need for uninterrupted 24/7 protection as a reason to outsource - something that internal teams often struggle to sustain. Additionally, 80% of respondents see outsourcing as a pathway to advanced technologies like XDR (Extended Detection and Response) or MDR (Managed Detection and Response), without requiring major upfront infrastructure investments.

Sergey Soldatov, Head of SOC at Kaspersky, remarked that handing off complex technical responsibilities enables companies to focus more on strategic decision-making. “Over time, this model turns SOC from a cost burden into a core capability that ensures business continuity,” he said.

To make the most of the outsourced model, experts recommend engaging consultants from the initial SOC architecture phase and investing in AI-integrated SIEM solutions to support real-time analysis and incident handling by internal security teams.

Du Lam