Under the administration of General Secretary and State President Tô Lâm, the cybersecurity sector in Việt Nam has reached an unprecedented level.
He has frequently emphasized that cybersecurity is a core issue of regime security. According to him, personnel in this field must “coordinate in combat, closely cooperate with the military,” “master cyberspace,” and “detect, prevent, neutralize, and defeat all plots and activities using cyberspace to sabotage the Party and the State.” [1]
Because of this newly defined mandate, this force will likely exert a significant influence on broader society as digital technology becomes increasingly embedded in daily life.
The Cybersecurity Force Composition
The Communist Party, under the leadership of Tô Lâm, directed the National Assembly to pass the Cybersecurity Law 2025, scheduled to take effect on July 1, 2026. [2]
Compared to the 2018 version, this updated law provides detailed regulations and clearer distinctions regarding the personnel conducting cybersecurity work, formally identifying them as the “cybersecurity force” under Article 30.
To implement this article, the Ministry of Public Security (MPS) drafted a decree regulating this protection force, which was closed for public consultation on March 30. [3] According to the draft, the force is divided into three main components:
- The Specialized Force:
- Stationed full-time across central and local agencies, these personnel operate under the ministries of Public Security and National Defense. This includes the Cybersecurity and High-Tech Crime Prevention Department (and its provincial divisions), as well as the Military Security Protection Department and the Cyber Operations Command.
- The Standing Force:
- Permanently stationed at various ministries, sectors, provincial People’s Committees, and organizations. This component consists of internal IT staff within agencies and enterprises, alongside external cybersecurity service providers hired to protect their clients’ information systems and databases.
- The Reserve Force:
- Comprising experts, scientists, mobilized civilians, police conscripts, and enlisted military personnel. These individuals operate under strict licensing, approval mechanisms, and continuous supervision.
Authority over the management and supervision of all three cybersecurity groups will remain with the ministries of Public Security and National Defense.
Duties and Responsibilities of the Force
The cybersecurity force is tasked with conducting operations across the digital space and ensuring information security to “proactively prevent and push back early factors that cause instability.” Their specific duties are divided among the three components:
- The Specialized Force:
- Serving as the central pillar of the national cybersecurity ecosystem, this group has the authority to advise on and submit cybersecurity legislation.
- Operationally, it controls the national digital security monitoring mechanism and holds exclusive authority to conduct scans, coordinate responses, and resolve security incidents. It has full power to lead enforcement campaigns, which include collecting electronic data, suspending information systems, and demanding the removal of content deemed false or illegal.
- It also conducts training drills and represents the state internationally regarding cyber intelligence sharing, treaties, and cross-border threats.
- The Standing Force:
- While its functions mirror those of the specialized force, its authority is localized to specific agencies and lacks administrative enforcement powers.
- This component is primarily responsible for maintaining 24/7 operational contact points and submitting both regular and emergency cybersecurity reports to higher authorities.
- The Reserve Force:
- This group is mobilized during severe cyber incidents affecting multiple agencies or threatening national security, during mandated training programs, or by direct order from the ministers of Public Security or National Defense.
- Mobilized experts and scientists are tasked with analyzing, forecasting, and mitigating cyber risks and violations.
- Additionally, civilian organizations and individuals may be drafted to assist in information campaigns to counter content labeled “misleading” or “toxic.”
Estimating the Size of the Force
The exact size of Việt Nam’s cybersecurity force remains unknown. Because the government has never published specific statistics, the total number of personnel and their allocation across various agencies are still major question marks.
However, authorities have long prioritized the recruitment of “cybersecurity talents” through state-sponsored competitions. This aggressive recruitment push is likely a response to a severe national deficit; according to a report by the National Cyber Security Association (NCA), Việt Nam could face a shortage of more than 700,000 cybersecurity workers in the coming years. [4]
To address this gap, the Communist Party issued Plan No. 04-KH/BCĐTW on Feb. 4, which sets a definitive goal of building a team of 10,000 highly qualified cybersecurity experts by 2030. Concurrently, the state aims for Vietnamese-made cybersecurity products and services to capture more than 50% of the domestic market. [5]
In 2017, Tuổi Trẻ newspaper reported that approximately 10,000 personnel under the Ministry of National Defense were already engaged in combating what authorities described as hostile viewpoints on social media. [6] Nevertheless, no formal standards for a dedicated cybersecurity protection force existed at that time.
It was not until late 2024, when Tô Lâm became general secretary, that an apparatus formally designated as the cybersecurity force formally emerged.
The Government’s Rationale for a National Cyber Force
According to the explanatory report accompanying the draft decree, the MPS asserted that establishing a dedicated cybersecurity protection force is a “necessary” task to protect the Party. [7]
This initiative aligns with the 14th Party Congress, which positioned the protection of national security—specifically encompassing data and cybersecurity—as the top priority under current conditions.
Expanding on this, Minister of Public Security Lương Tam Quang stated that the Party Congress identified regime security and governing security as the two “critical” pillars of the national security system. Ultimately, the fundamental objective is to ensure the maintenance and protection of the Communist Party’s leadership role and the broader socialist system. [8]
Beyond political preservation, the requirement for this force is driven by technical vulnerabilities. Security officials argue that Việt Nam’s ongoing digital transformation, which includes the development of a digital government and economy, has drastically increased the nation’s reliance on digital data infrastructure in quantity, scale, and intensity.
At the same time, executive agencies note that cyberattacks, unauthorized network intrusions, data theft, and leaks of state secrets have grown more frequent and sophisticated.
Therefore, the MPS says that creating a complete legal framework for these forces is “essential” to involve civilian sectors in the national cybersecurity system. The MPS argues that doing so will strengthen the mechanisms for detecting, receiving, and handling vulnerability reports in a lawful, controlled, and socialized manner under strict state management.
Human Rights and Surveillance Concerns
In its 2022 annual report on “The right to privacy in the digital age,” the Office of the United Nations High Commissioner for Human Rights expressed significant apprehension regarding global cybersecurity policies. [9]
According to the report, measures ostensibly intended to strengthen cybersecurity are actively “undermining the privacy and security of all users while exposing them to unlawful interference, not only from states but also from non-state actors, including criminal networks.”
The UN human rights office specifically highlighted the ongoing threat of mass surveillance and the large-scale interception of communications. The office noted that despite some nations improving their safeguards, the practice of “monitoring the online activities of large segments of the population, or even entire populations, has not ended.”
Furthermore, while governments frequently justify broad data collection and surveillance under the guise of national security or cybercrime prevention, the report notes that their primary targets in practice are often journalists, human rights activists, politicians, and lawyers.
When applied to Việt Nam, these international concerns are amplified by the fact that the national cybersecurity force operates without any independent oversight mechanism. Human Rights Watch has repeatedly urged the Vietnamese government to repeal Decree 147 and the 2018 Cybersecurity Law. The organization argues that rather than protecting citizens from legitimate security threats, these legal instruments function primarily as tools of state repression. [10]
Sùng Chính wrote this article in Vietnamese and published it in Luật Khoa Magazine on May 7, 2026. Đàm Vĩnh Hằng translated it into English for The Vietnamese Magazine.
1. Anh. (2025). General Secretary Tô Lâm: Build a Healthy Cyberspace and Ensure Security and Safety for Citizens Online. Mps.gov.vn; Ministry of Public Security. Mps.Gov.Vn; Bộ Công an. https://mps.gov.vn/bai-viet/tong-bi-thu-to-lam-xay-dung-khong-gian-mang-lanh-manh-dam-bao-an-ninh-an-toan-cho-nguoi-dan-khi-tham-gia-moi-truong-mang-d2-t43368
2. thuvienphapluat.vn. (2026, February 3). 2025 Cybersecurity Law. THƯ VIỆN PHÁP LUẬT; thuvienphapluat.vn. https://thuvienphapluat.vn/van-ban/Cong-nghe-thong-tin/Luat-An-ninh-mang-2025-so-116-2025-QH15-666020.aspx
3. Draft Dossier for the Decree on Cybersecurity Protection Forces. (2026). Bocongan.Gov.Vn. https://bocongan.gov.vn/chinh-sach-phap-luat/lay-y-kien-du-thao/ho-so-du-thao-nghi-dinh-quy-dinh-ve-luc-luong-bao-ve-an-ninh-mang-1773996864?type=dang-lay-y-kien
4. Ngọc Tuân and PV, BTV group. (2025). Cybersecurity personnel are the final line of defense ensuring the smooth operation of systems. VietNamNet News; Vietnamnet.vn. https://vietnamnet.vn/nhan-luc-an-ninh-mang-la-lop-phong-thu-cuoi-giup-he-thong-van-hanh-tron-tru-2461995.html
5. Plan to Ensure Cybersecurity, Information Security, and Data Security Within the Political System. (2026). Moc.Gov.Vn. https://moc.gov.vn/vn/tin-tuc/1326/91534/ke-hoach-bao-dam-an-ninh-mang–bao-mat-thong-tin-va-an-ninh-du-lieu-trong-he-thong-chinh-tri.aspx
6. HOA, M. (2017, December 25). More Than 10,000 Members of “Force 47” Engage in Online Information Warfare. TUOI TRE Online; tuoitre.vn. https://tuoitre.vn/hon-10-000-nguoi-trong-luc-luong-47-dau-tranh-tren-mang-20171225150602912.htm
7. Draft Dossier for the Decree on Cybersecurity Protection Forces. (2026). Bocongan.Gov.Vn. https://bocongan.gov.vn/chinh-sach-phap-luat/lay-y-kien-du-thao/ho-so-du-thao-nghi-dinh-quy-dinh-ve-luc-luong-bao-ve-an-ninh-mang-1773996864?type=dang-lay-y-kien
8. cand.com.vn. (2026, February 7). Full Text of the Special Report “New Awareness and Thinking on Security in the Party’s 14th Congress Resolution” – People’s Public Security Newspaper Online. https://cand.com.vn/su-kien-binh-luan-thoi-su/toan-van-chuyen-de-nhan-thuc-tu-duy-moi-ve-an-ninh-trong-nghi-quyet-dai-hoi-xiv-cua-dang-i796514/
9. Document Viewer. (2026). Un.Org. https://docs.un.org/en/A/HRC/51/17
10. Vietnam: Repeal Harmful Internet Laws. (2024, December 11). Human Rights Watch. https://www.hrw.org/news/2024/12/11/vietnam-repeal-harmful-internet-laws
