Vietnam: Draft Law on Digital Transformation, 2025 including cybersecurity regulation was introduced to National Assembly

On 31 October 2025, the Law on Digital Transformation was introduced to the National Assembly of Vietnam. The Law on Digital Transformation applies to domestic and foreign organisations and individuals directly involved in or related to digital transformation in Vietnam under Article 2. Article 4(5) requires implementing measures to ensure cybersecurity and data protection in the design, deployment, operation, and use of digital systems, including monitoring, evaluating, responding to, managing risks, and resolving cybersecurity incidents. Article 8(2) requires digital systems to ensure cybersecurity levels and to establish mechanisms for monitoring, detecting, alerting, responding to, and restoring operations in the event of incidents. Article 8(4) requires data to be stored, backed up, protected, and recovered to ensure integrity, availability, and resilience. Article 8(5) requires backup and failover plans to ensure uninterrupted operation of critical systems or essential services. Article 16(1)(c) requires organisations to ensure cybersecurity and implement risk prevention measures. Article 27(1) requires compliance with the law on cybersecurity and related laws.