Ensuring information security for digital platforms the top priority
On June 23, the Ministry of Information and Communications’ Authority of Information Security and IEC Group organized an international workshop on cybersecurity – Vietnam Security Summit 2022 in Hanoi.
This was the fourth time the event was organized to create a forum for policymakers, leading experts and cybersecurity solution providers to meet, discuss and share their experiences.
Speaking at the event, Dung stressed the topicality of this year’s theme ‘Information security for national digital platform – creating a sustainable digital future’ as the national digital transformation program, the strategies on developing digital government, digital economy and digital society have been issued, which shows the strong determination for digital transformation.
Under the programs, the development of digital platforms is defined as a breakthrough solution that accelerate the process.
Digital platform is the space where the activities of agencies, organizations, businesses and Vietnamese take place in the digital environment. Vietnam’s digital platforms are national cyberspace, while ensuring cyber information security is protecting the national cyberspace. Therefore, ensuring cyber information security for digital platforms must be considered the top priority, which is an inseparable part of digital transformation.
He said that digital platforms, when deployed on a large scale and serving many people, need to have strong resilience against attacks with increasing frequency, increasing scale, increasingly sophisticated techniques, and increasing consequences.
The basic characteristic of platforms is that they are commonly used and the numbers of users are high and generate big data, including personal and institutional data. Therefore, digital platforms are the targets of cyber-attackers.
In the past, institutions and businesses considered the development of apps with features satisfying customers’ requirements was a major task, while information security was just a supporting feature. But now, ensuring information security for platforms must be implemented in the design of products and it is considered one of the most important features of products.
In the past, only after information insecurity incidents occurred did individuals and institutions think of information security. But now, information security is important throughout the lifecycle of digital platforms under the DevSecOps (development, security, operations) process.
In the past, some owners of information systems accepted to put systems into use without assessment of the information security level. But now, they won’t use the systems until they are sure about the security level.
In order to do that, the developers of platforms need to reserve a reasonable budget for features to ensure information security, about 20-30 percent of total investment.