On February 28, 2025, the Ministry of Public Security and the Ministry of Information and Communications held a handover ceremony for the transfer of cybersecurity assurance responsibilities from the Ministry of Information and Communications to the Ministry of Public Security. Simultaneously, the transfer of state management functions related to cybersecurity was also carried out between provincial police departments and the Departments of Information and Communications in provinces and cities.
Accordingly, the Ministry of Public Security will assume the state management function for handling ten administrative procedures under three categories of public services, including:
- Issuance, reissuance, extension, modification, and supplementation of business licenses for cybersecurity products and services.
- Issuance and reissuance of import licenses for cybersecurity products.
- Issuance of certificates for brand identifiers.
The MPS takes over cybersecurity assurance responsibilities from the MIC. Photo: chinhphu.vn
From a legal perspective, the current Law on Cybersecurity No. 86/2015/QH13 remains in effect and still designates the Ministry of Information and Communications as the state management authority for cybersecurity licensing procedures. However, following the recent transfer of responsibilities, the MIC and the Authority of Information Security will no longer hold state management functions over cybersecurity from March 1, 2025.
As a result, this transition is expected to impact the import and export of cybersecurity products for businesses. Based on our analysis, we anticipate the following legal and administrative adjustments:
- Amendment of the Law on Cybersecurity by the National Assembly, officially designating the Ministry of Public Security as the state management authority for cybersecurity.
- Amendment of Decree No. 108/2016/ND-CP by the Government, reflecting the transfer of authority over cybersecurity to the MPS.
- MPS establishing procedures and launching an online public service portal for handling cybersecurity-related administrative procedures.
- Transfer of ongoing cybersecurity licensing applications from the MIC to the MPS for further processing.
According to the Law on the Promulgation of Legal Documents, the entire process of amending laws, decrees, and issuing new circulars is expected to take 3 to 6 months. Therefore, businesses dealing with IT and cybersecurity products should await further guidance from regulatory authorities and proactively plan their business strategies during this transition period.
