According to Cisco's 2025 Cybersecurity Readiness Index, Vietnam is facing a critical situation regarding its ability to handle rising cybersecurity threats. The report reveals that only 11% of organizations in Vietnam have achieved the 'Mature' level, indicating a troublingly low level of readiness to address modern cybersecurity risks. Although this figure marks an improvement from the previous year, when just 6% of organizations were rated as 'Mature', the increase does not reflect a robust response to the growing challenges posed by cyber threats.
The urgency of the situation is underscored by the fact that 87% of organizations in Vietnam reported experiencing at least one security incident related to artificial intelligence (AI) in the past year. This alarming statistic highlights the dual nature of AI, which is revolutionizing cybersecurity while simultaneously introducing new vulnerabilities. Despite the prevalence of these threats, only 55% of survey participants believe their employees genuinely understand AI-related risks, and just 53% are confident that their technical teams can identify how malicious actors exploit AI.
Jeetu Patel, Cisco's Product Director, stated, "As AI transforms how businesses operate, we are confronted with an entirely new type of risk on an unprecedented scale. This places significant pressure on infrastructure and security teams. This year's report continues to highlight concerning gaps in cybersecurity readiness and delays in addressing these issues." His comments reflect the broader challenges organizations face as they adapt to a rapidly evolving threat landscape.
The 2025 Cybersecurity Readiness Index evaluates business preparedness across five key pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification. These pillars encompass a total of 31 solutions and capabilities that organizations must implement to improve their cybersecurity posture. The survey utilized a 'double-blind' method, gathering insights from 8,000 security and business leaders across 30 global markets, including Vietnam.
In Vietnam, the perception of cybersecurity threats is grim, with 78% of survey participants predicting that their businesses will face operational disruptions due to cybersecurity incidents within the next 12 to 24 months. This foreboding outlook emphasizes the need for organizations to bolster their defenses against increasingly sophisticated attacks.
One of the most pressing issues identified in the report is the complexity of security infrastructure. A staggering 84% of organizations admitted that their security systems are overly complicated, often employing more than ten separate security solutions. This complexity hinders their ability to respond swiftly and effectively to emerging threats. Furthermore, 95% of organizations reported difficulty in finding cybersecurity experts, with 42% indicating a need to hire more than ten specialized technical positions.
Despite the challenges, the report outlines some positive trends. For instance, 96% of organizations are utilizing AI to identify threats, and 81% have integrated AI into their incident response and recovery solutions. However, the risks associated with AI are not to be underestimated. Approximately 44% of employees at Vietnamese organizations are using unapproved third-party Generative AI (GenAI) tools, while only 25% have unrestricted access. Alarmingly, 40% of IT teams are unaware of how employees are utilizing these tools, which raises concerns about uncontrolled AI usage.
Moreover, 62% of organizations lack confidence in their ability to detect unauthorized AI usage by employees. This situation is compounded by the fact that 90% of organizations face increased risks when employees access networks from unmanaged devices, a challenge that has become more pronounced in the era of hybrid work.
In response to these findings, Cisco has recommended several strategies for organizations to enhance their security capabilities. These include prioritizing investment in AI-powered security tools for rapid threat detection and response, simplifying security infrastructure to reduce the number of disparate solutions, and raising employee awareness about AI-related threats. Moreover, organizations must address the skills gap in cybersecurity by implementing training and retention strategies to attract and retain talent in this critical field.
Nguyen Nhu Dung, General Director of Cisco Vietnam, Laos, and Cambodia, emphasized the need for a new approach to cybersecurity. He remarked, "AI opens up many new opportunities but also increases the complexity of an already challenging cybersecurity landscape. Over the past year, we have seen businesses worldwide, including those in Vietnam, struggling to respond to increasingly sophisticated threats such as the emergence of Shadow AI, the skills shortage, and complex security infrastructures. It is time for businesses to adopt a new approach to cybersecurity issues—not only leveraging AI to enhance security but also ensuring that AI itself is operated safely and is easily scalable."
As organizations in Vietnam grapple with these challenges, the importance of proactive measures and strategic investments in cybersecurity cannot be overstated. The findings from Cisco's report serve as a wake-up call for businesses to reassess their cybersecurity strategies and take decisive action to safeguard their operations against the evolving threat landscape.
