|Illustrative image (Source: Internet)
Addressing a workshop in Hanoi on May 8, Hong stated that cyber security should ensure cyberspace operations, while not harming national security, social order and safety, as well as legitimate rights and interests of organisations and individuals.
The draft law on cyber security is expected to be submitted to the National Assembly for discussion latter this month.
According to the Institute for Policy Studies and Media Development, the draft law can directly regulate and affect the rights and interests of three enterprise groups, including enterprises that produce and sell cyber security devices and technological solutions, enterprises that provide financial technology services and enterprises that provide digital solutions and services.
The draft law requires enterprises to store data and information within Vietnam, which had the characteristics of “data localisation”, said Nguyen Quang Dong, an expert from the institute. He added that this can hinder data flows between Vietnam and other countries, and increase business costs for both domestic and foreign enterprises.
According to him, the draft law’s regulations on cyber security inspection and assessment require enterprises to suspend or stop selling their products in case such products affect cyber security. The regulation is unclear and may lead to serious risks of violations of legal rights and interests.
This is a critical issue and needed to be considered carefully as strict enforcement of such regulations will have profound impacts on the interests and operation of enterprises, he said.
He stressed that the State, enterprises and users are the three key pillars ensuring cyber security.
At the workshop on cyber security, international experience and recommendations from multi-stakeholders in Vietnam, participants also discussed the trend of global cyber security, the importance of cross-border data flows in Asia and the development of the digital economy.
According to Jon Austin, Principal Solutions Architect of Amazon Web Services, security is not related to the physical location of the data. The internet is global so any system connected to the internet, directly or indirectly, is vulnerable to attacks.
In today’s world, cyber security is really about two things: the security of the physical infrastructure where data is stored and who owns and controls the data, he stated.
Lim May-Ann, Executive Director of the Asia Cloud Computing Association, said digital policies are often viewed with a risk-management lens, but regulators needed to move from this stance to one that facilitates economic growth by enabling cross-sectoral compliance and cross-jurisdictional interoperability.
She recommended a holistic approach to policy design and regulatory coordination and accelerated progress in technical infrastructure.