According to Cisco's 2025 Cyber Security Readiness Index, only 11% of organizations in Vietnam have achieved the 'Mature' level of readiness necessary to effectively respond to current cybersecurity threats. This is a modest increase from last year, when just 6% of organizations were rated as Mature, but it highlights a concerning trend: despite some improvement, the overall readiness level remains low. This is particularly alarming given the rapidly evolving landscape of cybersecurity, especially with the rise of artificial intelligence (AI) that continues to present increasingly complex challenges for security professionals.
AI is revolutionizing the cybersecurity sector, but it also brings with it a wave of new threats. In the past year, a staggering 87% of organizations reported experiencing AI-related security incidents. However, a significant gap in understanding persists; only 55% of survey participants believe their staff truly grasp the AI-related threats they face, and just 53% feel their teams fully understand how malicious actors are leveraging AI to execute sophisticated attacks. This lack of awareness is pushing organizations into a precarious position, facing serious risks.
In fact, the report indicates that 60% of organizations have suffered cyberattacks over the past year. When it comes to threat perception, 71% of respondents consider external threats, such as hackers and state-affiliated groups, to pose a more serious risk than internal threats, which were noted by 29% of those surveyed. This underscores the urgent need for organizations to develop lean and effective defensive strategies to counter external attacks.
Jeetu Patel, Cisco's Product Director, stated, "As AI is transforming businesses, we are facing an entirely new type of risk on an unprecedented scale. This is putting increasing pressure on infrastructure and security teams. This year’s report continues to highlight concerning vulnerabilities related to cybersecurity readiness and the delays in addressing these issues. Organizations need to urgently reassess their strategies now if they do not want to fall behind in the AI era."
Alarmingly, 78% of survey participants predict their businesses will face operational disruptions due to cybersecurity incidents within the next 12 to 24 months. This is a significant concern that emphasizes the need for immediate action.
AI is playing an increasingly crucial role in cybersecurity. The report reveals that 96% of organizations are utilizing AI to better understand threats, with the same percentage using it to detect threats. Furthermore, 81% are leveraging AI in incident response and recovery, indicating that AI is becoming a cornerstone in bolstering cybersecurity strategies.
However, the deployment of Generative AI (GenAI) tools is also raising concerns. The report shows that 44% of employees in Vietnamese organizations are using approved third-party GenAI tools, yet only 25% have unrestricted access to public GenAI tools. Alarmingly, 40% of IT teams lack insight into how employees are interacting with GenAI, reflecting significant challenges in monitoring and oversight.
Moreover, 62% of organizations admit to lacking confidence in detecting employees using uncontrolled AI, often referred to as Shadow AI. This situation poses serious risks to both cybersecurity and data privacy. In the context of hybrid work models, 90% of organizations face increased security risks when employees access networks from unmanaged devices. This issue is exacerbated when employees use unapproved GenAI tools, highlighting a critical area of vulnerability.
Despite the pressing need for enhanced cybersecurity measures, there is a troubling trend in budget allocation. While nearly all organizations (99%) plan to upgrade their IT infrastructure, only 52% are allocating more than 10% of their IT budget to cybersecurity, a decrease of 1% compared to the previous year. This indicates a potential misalignment between the urgency of the threat landscape and financial investment in cybersecurity.
Furthermore, 84% of organizations reported that their current security infrastructure is overly complex, with more than 10 separate security solutions deployed. This complexity hinders their ability to respond swiftly and effectively to threats. The survey also highlights a critical shortage of cybersecurity talent, with 95% of participants identifying this as a major challenge. Notably, 42% reported needing to recruit more than 10 professional positions.
To effectively address the current cybersecurity challenges, organizations must prioritize investment in AI-driven solutions, simplify their security infrastructure, and enhance awareness of AI-related threats. The emphasis on using AI for threat detection, incident response, and recovery is crucial, as is addressing the shortage of skilled personnel and managing risks associated with unmanaged devices and Shadow AI.
Nguyen Nhu Dung, General Director of Cisco Vietnam, Laos, and Cambodia, emphasized, "AI opens up many new opportunities but also increases the complexity of an already challenging cybersecurity landscape. Over the past year, we have seen businesses worldwide, including those in Vietnam, struggling to cope with increasingly sophisticated threats, such as the emergence of Shadow AI and the lack of skilled personnel and complex security infrastructures. This indicates that it is time for a new approach to cybersecurity issues—not only to leverage AI for enhanced security but also to ensure that AI operates safely and is easily scalable."
As organizations navigate these turbulent waters, the need for a proactive and comprehensive approach to cybersecurity has never been more crucial. The stakes are high, and the path forward will require vigilance, investment, and a commitment to understanding the evolving threats posed by AI and other emerging technologies.
