•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Most enterprises have focused primarily on prevention and blocking cyber security attacks, while when breaches occur they are not prepared to respond in a structured manner.
On April 23, the Financial Investment Magazine (VietnamFinance), in collaboration with FSI Technology Investment and Development Joint Stock Company, organized the conference “Financial data security in the AI era.”
At the event, Dr. Nguyen Duc Hien, Deputy Head of Policy and Strategy Section of the Central Office, said the Central Policy and Strategy has advised issuing two resolutions: Resolution 52-NQ/TW (2019) on policies actively participating in the Fourth Industrial Revolution, and Resolution 57-NQ/TW (2024) on breakthroughs in scientific and technological development, innovation and digital transformation.
Dr. Hien said AI can contribute 120–130 billion USD to Vietnam’s economy, equivalent to about 25% of current GDP. Based on this, for the first time the task of building a national AI transformation strategy has been set, with a requirement to present to the Government in the near future.
He noted that these directions are being integrated into the socio-economic development plan for 2026–2030, with a focus on promoting growth. Within the set of tasks, for the first time the content of building a national AI transformation strategy (AIX) appeared, identified as a next step after digital transformation.
Dr. Hien cited studies indicating AI could contribute 2,600–4,400 billion USD per year to the global economy, raising world GDP by about 7% over the next decade and potentially reaching about 15,700 billion USD by 2030. In the Asia-Pacific region, AI is forecast to contribute about 26% of growth.
Dr. Hien warned that alongside opportunities, there are major risks—especially cyber attack risks on information technology and data. He said the financial–banking sector plays a vital role in the economy, operates on data, and relies heavily on it, with enormous data generated that underpins the development of the digital and AI economy.
He pointed to cashless payments in 2025 reaching a scale about 28 times GDP, with strong growth in both the number and value of transactions, and said mobile payments grew particularly fast—indicating that the data generated is increasingly large.
“Nevertheless, cyber security risks also rise correspondingly. Vietnam is among the nations attacked most often, with hundreds of millions of data records compromised and millions of accounts stolen recently. Attacks cause significant financial damage and lead to data leaks with growing scale,” Dr. Hien said.
He emphasized that AI development must go hand in hand with data safety and system security, particularly in critical sectors such as finance and banking, to support sustainable economic growth.
Dr. Hien said Vietnam has strengthened its legal framework through laws and regulations related to information security, consumer protection, and personal data protection. However, he noted that many experts believe a more holistic approach is needed soon—both to ensure data safety and information security and to enable market development.
He added that this is not an easy issue, especially as laws related to data and AI are expected to be amended soon. He also referenced business feedback during project development: some enterprises believe they can operate flexibly before new regulations exist, but obstacles emerge as the legal framework is refined.
Nguyen Ích Vinh, Deputy General Director of FSI, said data in the finance and banking sector is growing rapidly—not only in volume but also in transaction frequency. He stated that over three years, the volume of digital transactions in Vietnam grew by 300%, creating unprecedented pressure on data infrastructure.
Mr. Vinh said transactions occur concurrently across multiple channels, increasing complexity and making data particularly “sensitive” and a priority target for cyber attacks.
He said AI is changing the security landscape: it is used not only for defense but also to create more sophisticated, unpredictable attacks at a faster pace than before. “A successful attack, even lasting only a few days, can erase years of accumulated gains,” he said.
Mr. Vinh explained that in software there is a vulnerability window—the time between discovery of a security flaw and the release of a patch. Previously, this window could last days or weeks, but with AI, attacks can exploit vulnerabilities within hours or almost instantly after they appear.
He said his observations show that currently only fewer than 10% of enterprises, even large ones, truly invest systematically in IT security. “Financial institutions may be the best among them, but most other enterprises still do not allocate sufficient resources for this issue,” Mr. Vinh stated.
Mr. Vinh warned that many enterprises focus on prevention but are not prepared for the scenario of a breach. “In other words, we are trying to build a very solid door to keep thieves out, but we do not prepare a plan if the thief gets inside,” he said.
From a technology company perspective, he argued that the approach must shift from cybersecurity as only defense to cybersecurity as resilience and recovery. He said this requires a comprehensive strategy covering technology, processes, awareness, and investment budgets.
He added that in practice, many organizations detect incidents only after data has been stolen or systems compromised, leading to reactive and belated responses that shift from prevention to crisis management.
Mr. Vinh said that from January 15, 2026, new regulations on personal data protection took effect with stricter requirements. He said enterprises are required not only to handle incidents internally but also to report and notify according to regulations; otherwise, penalties can reach up to around 3 billion VND, or be calculated as a percentage of revenue.
He emphasized that “risk is not only the fines, but market trust.” He said that after major data leakage incidents, enterprises may lose a large share of customers in a short time. He cited cases where, after more than a week to restore systems, businesses lost around 15% of individual customers, leading to a significant decline in assets under management and brand value.
“A successful attack, even if it lasts only a few days, can erase years of accumulated gains,” Mr. Vinh said.
Premium gym chains are entering a “golden era” that is ending or already in decline, as rising operating costs collide with shifting consumer preferences toward more flexible, community-based ways to exercise. Long-term memberships are shrinking, margins are pressured by higher rents and facility expenses, and competition from smaller, more personalized…
