Hanoi to establish and operationalize a City Cyber Security Center by 2027

Hanoi will build and bring into operation a City Cyber Security Center to support monitoring activities and readiness to respond to cyberattack threats, and to enable sharing of national cybersecurity monitoring data. The project is targeted for completion in the second quarter of 2027.

On the same day, Vu Dai Thang, Chairman of the City People’s Committee, signed Directive No. 05/CT-UBND dated April 11, attaching science, technology, innovation and digital transformation to the processes for formulating, appraising and implementing the city’s plans, schemes, projects and tasks.

Integrating security technology without raising compliance costs

The directive requires science and technology, innovation and digital transformation to be integrated from the proposal stage through all state administrative activities in Hanoi, including drafting, appraisal, approval, deployment, monitoring and evaluation of plans, schemes, projects and tasks. It also encourages broad application in economic, cultural and social fields.

The integration is intended to improve efficiency, create added value and deliver measurable results. It must ensure that administrative procedures and paperwork are not increased and that compliance costs do not rise. The directive also calls for stronger post-oversight by evaluating outcomes and data from operations.

Strategic vision to 2045

By 2045, Hanoi aims to develop a cadre of leading national and international experts in digital science and technology, master core technologies, and build cybersecurity infrastructure and modern digital infrastructure. The city also plans to establish innovation centers and high-tech parks.

The directive states that all state governance should rely on proven science and validated data, with clear definition of the scope of science and technology applications and the knowledge value created during implementation.

It further requires early adoption and integration of technology across relevant areas. Where technology is not applied, reasons must be stated. Priority should be given to advanced technologies meeting national and international standards, especially Vietnam-owned products and solutions or those capable of domestic adoption and mastery.

Pilot deployments and controlled trials of new technologies, processes, solutions, products, services or business models should be conducted in line with regulations and scaled up after successful pilots.

The city will shift sectors to digital methods of operation, governance and service delivery, gradually replacing traditional methods to create new value, improve efficiency and increase transparency.

Information systems and platforms should follow shared-use principles, data sharing and an API-first approach, aligned with Hanoi’s digital architecture. Interactions between government agencies, citizens and businesses, and among organizations should be conducted primarily through digital services and platforms. Digital transformation activities must be accompanied by data creation, cleansing, standardization, integration and exploitation, and the city will establish a city-wide data repository to support sharing, connectivity and value creation.

Cybersecurity governance and implementation timeline

Hanoi will establish and operate a Cyber Security Sub-Committee. Its tasks include building and implementing a 2026 operating plan and subsequent years, and establishing and bringing online the City Cyber Security Center to ensure monitoring and readiness to respond to cyber threats, with completion targeted for Q2 2027. The center is also intended to enable sharing of national cybersecurity monitoring data.

By 2030, the city plans to train and develop a high-level team of cybersecurity professionals to meet domestic and international demand. Agencies are expected to implement and apply the National Cybersecurity Risk Management Framework, and the share of “Make in Vietnam” cybersecurity products and services in city agencies must exceed 50%.

Reviews, vulnerability fixes and incident response

The directive sets several deadlines for cybersecurity readiness. Comprehensive reviews are required by June 2026. Resources should be mobilized to fix vulnerabilities by April 2026, and security level appraisals should be completed by April 2026. For systems under construction, security level approvals are required before operation.

It also calls for establishing an information exchange and data sharing channel to support monitoring and incident response, to be completed by July 2026. Incident reporting is required within 24 hours if an incident occurs, with response coordination involving the City Police.

Four-layer information security model

Under the plan, Hanoi will deploy a four-layer information security model:

• On-site local forces for operation, monitoring and initial incident response.
• A 24/7 monitoring system to detect early threats.
• An independent unit for periodic checks to ensure objectivity and transparency.
• Connection and information sharing with the national monitoring system to support nationwide coordinated response, excluding military and sensitive information systems.

The model’s implementation is targeted for completion by Q2 2027.

Public training and support for cybersecurity awareness

The directive includes training programs on cybersecurity knowledge using the platform “Bình dân học vụ số.” It also calls for strengthening public outreach and social networks to educate citizens on recognizing phishing and fraud, and to receive and process feedback and incidents.

Funding and research targets

State funding is planned for up to 3 billion for each outstanding science and technology PhD student. The directive also sets a target of 12 science and technology researchers per 10,000 people. It notes that Ho Chi Minh City selects 9 strategic technology groups.

Other referenced items include smart factories and related policy directions.