The survey, released on January 21, found that 82 per cent of businesses in Vietnam view SOCs as a critical factor in improving cybersecurity resilience, significantly higher than the global average of 50 per cent.

Photo: National Cybersecurity Association

The research was conducted across 16 countries and territories, including Vietnam, with respondents comprising senior IT security specialists, managers and executives from companies employing more than 500 staff. All participating enterprises had yet to establish an SOC at the time of the survey.

Compared to global figures, Vietnamese firms consistently showed a higher level of interest in SOC deployment. Some 83 per cent cited the need to respond to increasingly sophisticated cyber threats as the primary driver for building an SOC, nearly double the global average of 45 per cent.

Meanwhile, 75 per cent expected SOCs to help shorten incident detection and response times, compared to 41 per cent worldwide.

Beyond technical considerations, data governance and regulatory compliance pressures are also accelerating demand. The survey indicated that 76 per cent of Vietnamese enterprises prioritise the protection of critical information, almost twice the global average.

Meanwhile, 67 per cent highlighted compliance requirements as a key motivation, compared with just 39 per cent globally.

At a global level, large enterprises typically deploy an average of 5.5 technology solutions within each SOC, while smaller organisations integrate fewer tools, at around 3.8 solutions. This trend reflects the greater complexity of large-scale systems and higher compliance requirements, driving stronger investment in cybersecurity infrastructure.

Adrian Hia, managing director for Asia-Pacific at Kaspersky said, “Vietnamese enterprises are investing heavily in technology while also placing strong emphasis on workforce expertise, process maturity and continuous improvement.”

According to the National Cybersecurity Association, Vietnam’s information systems faced around 552,000 cyberattacks in 2025, down a little over 19 per cent on-year.

However, the decline in attack volume does not necessarily translate into lower risk. Some 52 per cent of agencies and businesses reported suffering damage from cyberattacks during the year, up sharply from around 46 per cent in 2024.

The five most common forms of cyberattacks in 2025 included distributed denial-of-service attacks, gambling and betting advertising backlinks, advanced persistent threats, data theft and ransomware encryption attacks.

These attack methods are increasingly being combined and deployed in coordinated, carefully calculated scenarios, heightening the overall risk landscape for enterprises.