HCM CITY — Nearly 96 per cent of organisations in Việt Nam plan to outsource at least part of their Security Operations Centre (SOC) operations, with most favouring hybrid models, according to a survey by global cybersecurity and digital privacy company Kaspersky.

The survey found that 59 per cent of Vietnamese organisations prefer hybrid SOC models that combine internal teams with external expertise, while 37 per cent are moving towards full SOC-as-a-Service (SOCaaS) implementations.

As cyberthreats become increasingly sophisticated, organisations are reassessing how they build and operate SOCs. To better understand these shifts, Kaspersky conducted a global survey examining motivations, strategic objectives and challenges related to its planning and implementation.

Globally, 64 per cent of companies plan to outsource part of their SOC operations, while 26 per cent are ready to fully implement an SOC-as-a-Service (SOCaaS) model. By contrast, only 9 per cent intend to build SOCs entirely in-house, highlighting the growing challenges of maintaining round-the-clock monitoring and attracting qualified specialists.

Most global companies prefer maintaining strategic tasks internally, while leveraging external teams and advanced technologies for operational and highly technical workloads.

Commonly outsourced SOC functions include solution installation and deployment (55 per cent), solution development and provisioning (53 per cent), and SOC design (47 per cent).

In Việt Nam, the outsourcing model becomes even more dynamic. Companies in the country showed significantly higher willingness to delegate these functions, with installation and deployment of security solutions (82 per cent), development and provisioning (75 per cent), and SOC design (79 per cent) emerging as the top outsourced areas.

When engaging external SOC providers, global organisations most often outsource frontline roles, including first-line (61 per cent) and second-line analysts (52 per cent), focusing on threat monitoring and response.

In contrast, Vietnamese organisations tend to outsource more specialised roles requiring advanced technical expertise, such as security engineers (61 per cent), development teams (44 per cent), and threat hunters (44 per cent), highlighting ongoing talent constraints in the local cybersecurity workforce.

Kaspersky noted that the leading driver of SOC outsourcing in Việt Nam is the need for round-the-clock protection, cited by 79 per cent of respondents, compared with a global average of 55 per cent. Reducing the workload of internal security teams was another key factor, reported by 56 per cent of Vietnamese companies versus 47 per cent globally.

Access to advanced security technologies also emerged as a major motivator in Việt Nam, with 80 per cent citing this benefit, nearly double the global average of 42 per cent. Regulatory compliance was another significant consideration, at 58 per cent in Việt Nam compared with 41 per cent globally, underscoring demand for specialised expertise and advanced solutions such as XDR, MDR and MXDR.

Budget optimisation is important for only 37 per cent of companies globally, indicating that the primary value of outsourcing lies in improved protection, not just cost savings. In Việt Nam, however, budget considerations are cited by 62 per cent of companies, suggesting that cost efficiency plays a more prominent role in local outsourcing decisions, Kaspersky said. — VNS