On December 9-10, 2024, in Hanoi, Vietnam Oil and Gas Group (Petrovietnam) coordinated with Vietnam Cyber Security Technology Joint Stock Company (VNCS) to organize the "Information Security and Cyber Security Incident Response Program of Vietnam Oil and Gas Group in 2024" practical exercise.
Attending the drill were officers in charge of cybersecurity work of Petrovietnam and its member units.
Mr. Nguyen Anh Duc - Head of Science, Technology and Digital Transformation Department of Vietnam Oil and Gas Group delivered the opening speech of the program.
Speaking at the opening ceremony, Mr. Nguyen Anh Duc - Head of Science, Technology and Digital Transformation Department of the Group said that in recent times, the situation of information security and network security has been very complicated, the network security team of Petrovietnam and its units have detected many targeted attacks through scanning activities, spreading malicious packets... to attack the information technology (IT) system of the Group and its units. Although the network security team of Petrovietnam and its units have stopped many of the above targeted attacks, hackers may continue to carry out targeted attacks on the Group and its units, affecting production and business activities.
Therefore, along with the synchronous deployment of solutions from technology, processes and people, organizing practical training programs on information security is extremely necessary. This is not only an opportunity to assess the current situation of the response capacity of specialized teams to information security situations, but also a premise to build and train a force of specialized cyber security officers to gradually stand firm against information security incidents, always proactive in the face of all threats. Through training situations, the staff will be equipped with the skills to detect attacks early, respond promptly, thereby ensuring the safety and security of the entire IT system of the Group.
Cyber security specialists of Petrovietnam and its member units conduct the tests.
At the program, Petrovietnam's cybersecurity specialists and member units were divided into 8 groups, conducted simulated attack tests and coordinated to develop clear defense strategies, proactively review and promptly detect the risk of attack.
Specialized staff participated in the drill seriously, fully, and complied with the rules and instructions of the Organizing Committee.
Mr. Bui Dinh Giang - Deputy Chief of Office, Head of IT and Digital Transformation, Petroleum Exploitation Services Joint Stock Corporation (PTSC).
Sharing at the program, Mr. Bui Dinh Giang - Deputy Chief of Office, Head of IT and Digital Transformation, Oil and Gas Exploitation Services Joint Stock Corporation (PTSC) - an officer participating in the exercise shared that in the digital age, network security plays a key role in the sustainable development of enterprises. Especially for strategic corporations like Petrovietnam, ensuring network security is not only a responsibility but also a vital factor to protect information, maintain production and business activities and maintain national prestige.
Mr. Bui Dinh Giang commented that the drill was extremely important, contributing to raising awareness of Petrovietnam leaders, officers and employees about the risks of cyber attacks. During the drill, emergency situations were vividly simulated to test the coordination between departments and functional units. This will help improve the ability to recognize and fix incidents, minimizing negative impacts on production and business activities. Along with that, the drill also helped Petrovietnam and its member units assess the remaining loopholes in the network security system to quickly find solutions to overcome them...
Deputy Chief of Office, Head of IT and Digital Transformation, PTSC Corporation affirmed that the drill is an opportunity for officers to practice, exchange experiences, and propose appropriate solutions to flexibly deal with all risks. Organizing regular drills not only helps Petrovietnam strengthen its response capabilities, but also affirms the Group's strong commitment to protecting important information and data, thereby minimizing the impact on the country's economy and enhancing Petrovietnam's position in the international arena.
Mr. Dang Minh Tuan - Deputy Head of Information Technology Department of Binh Son Refining and Petrochemical Joint Stock Company (BSR) participated in the program.
Mr. Dang Minh Tuan - Deputy Head of Information Technology Department of Binh Son Refining and Petrochemical Joint Stock Company (BSR) - an officer participating in the exercise said: "At the exercise, we prevented 4 simulated attacks including: Deface attack and taking control of the webserver; Phishing attack via email (Fishing email); Privilege escalation attack; Ransomware data encryption attack. To prevent and defend against attacks, we used monitoring tools through SIEM solutions such as Splunk (IBM), QRadar or MS Sentinel... In addition, the best way to prevent attacks is to detect early and respond quickly when a targeted attack occurs".
Mr. Dang Minh Tuan shared that through the drill, he himself has drawn many valuable experiences and lessons on information security and network security incident response, which can be applied at the unit such as: it is necessary to prepare detailed scenarios and assess all possible incidents; staff need to be trained regularly and updated with new knowledge on information security and network security; coordination between departments and technical departments is very important; and information must be communicated clearly and quickly to minimize damage. In addition, it is necessary to regularly check and improve the incident response process to better suit real-life situations. At the same time, one of the most important lessons is that mistakes during the drill should not be taken lightly, each mistake is an opportunity to learn and improve the response process.
After 2 days of serious and responsible drills, with the coordination of VNCS, the "Information security and network security incident response program of Vietnam Oil and Gas Group in 2024" has completed the set contents and requirements.
At the program, Mr. Nguyen Anh Duc - Head of Science, Technology and Digital Transformation Department of the Group awarded certificates of merit to representatives of 3 groups with outstanding achievements in conducting information security and network security incident response tests.
Mr. Nguyen Anh Duc - Head of the Group's Science, Technology and Digital Transformation Department affirmed that through the program, the officers participating in the exercise have assessed the ability to coordinate as well as identify existing weaknesses related to people, processes, and technology, thereby improving combat capabilities and combat readiness when cyber security incidents occur in reality. Thereby, the officers will have the opportunity to apply knowledge and techniques into practice, gradually improving and improving their own qualifications to meet the requirements in the face of increasing risks of information security loss.
Mr. Nguyen Anh Duc hopes that, with the lessons learned from the drill, the officers will return to their units to advise the Board of Directors to organize more drills to improve the ability to respond to information security incidents at the unit, as well as improve the readiness of officers working in IT and specializing in network security who have not had the opportunity to attend the drill at the Group.
The practical exercise program "Information security and cybersecurity incident response of Vietnam Oil and Gas Group in 2024" has completed the proposed contents and requirements.
Minh Duc
![[CYSEEX Q4/2024] 2024 Milestones: CYSEEX Steadily Steps on the Journey to Protect Cyberspace](https://vstatic.vietnam.vn/vietnam/resource/IMAGE/2025/1/19/e964b89afdd24d58a1daa61051cca2aa)
Comment (0)