Vietnam: National Assembly adopted Law on Digital Transformation including cybersecurity regulation

On 11 December 2025, the National Assembly of Vietnam adopted the Law on Digital Transformation. The Law sets out cybersecurity obligations for organisations and individuals participating in digital transformation. Article 4(5) establishes requirements to ensure cybersecurity and data protection throughout the lifecycle of digital systems, including monitoring, evaluation, response, risk management, and incident resolution. Article 8(2), Article 8(4), and Article 8(5) require mechanisms for monitoring and detection, data storage, backup and recovery, and backup and failover plans. Article 16(1)(c) requires organisations to ensure cybersecurity and implement risk prevention measures when operating digital systems and digital platforms. Article 27(1) requires organisations and individuals to comply with the law on cybersecurity, the law on data, and the law on personal data protection.