General Information
General Information
Cybersecurity is the totality of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, activities, training, best practices, and technologies used to protect the assets of institutions, organizations, and users in the cyber environment. The assets of institutions, organizations, and users encompass all information processing hardware, personnel, infrastructure, applications, services, telecommunication systems, and information transmitted and/or stored in the cyber environment.
Cybersecurity aims to ensure that the security features of the assets belonging to institutions, organizations, and users are established and maintained in a manner capable of withstanding security risks present in the cyber environment. The fundamental objectives of cybersecurity are availability, integrity (including authenticity and non-repudiation), and confidentiality. (This is the definition contained in ITU-T Recommendation X.1205 and accepted internationally.)
Legislation
Our Institution conducts activities related to Cybersecurity within the framework of the Decision on the Implementation, Management, and Coordination of National Cybersecurity Studies adopted by the Council of Ministers and the relevant articles added to the Electronic Communications Law No. 5809. For more information about the legislation, please click here.
Cyber Security Board
In our country, the determination of measures to be taken by public institutions and organizations, as well as real and legal persons, regarding cybersecurity; the approval of prepared plans, programs, reports, procedures, principles, and standards; and the execution and coordination of their implementation are carried out by the Cybersecurity Board. The legal personality of the Cybersecurity Board, established by the Council of Ministers Decision dated 11/6/2012 and numbered 2012/3842 on the Execution, Management, and Coordination of National Cybersecurity Activities, has been updated with Additional Article 1 of the Electronic Communications Law, which was added to Law No. 5809 and published in the Official Gazette dated 19/02/2014 and numbered 28918, entering into force. For more information about the Cybersecurity Board, please click here.
Cybersecurity Strategy and Action Plan
After the establishment of the Cyber Security Board, the National Cyber Security Strategy and Action Plans began to be prepared by examining our country's current situation and world examples. In this context, the first of these plans is the National Cyber Security Strategy and 2013-2014 Action Plan, which was approved on 25/03/2013. The action plan covering the years 2015-2016 is being continued under the coordination of the Ministry of Transport, Maritime Affairs and Communications. For more information about the Strategy Action Plan, please click here.
USOM and Corporate Cyber Incident Response Team
Within the framework of the National Cyber Security Strategy and the 2013-2014 Action Plan, the National Cyber Incident Response Center (USOM) has been established to ensure national and international coordination in responding to cyber security incidents in our country. Under the Information Technologies and Communication Authority, which is responsible for regulating and supervising the electronic and communication sector among critical infrastructure areas, the Sectoral Cyber Incident Response Team (Sectoral SOME) has been established for the Electronic and Communication sector. For more information about USOM, Sectoral and Institutional SOME, please click here.
Sectoral Cyber Incident Response Team
As is known, with the 7th decision contained in the annex to the Cyber Security Board's decision dated 20/06/2013 and numbered 2, the electronic communications infrastructure has been accepted as critical infrastructure. In the framework of the aforementioned decision of the Cyber Security Board, following the coordination meeting held with USOM, a Sectoral SOME was established within our Institution, under the coordination of the Information Technologies Directorate Presidency, targeting the electronic communications sector, by means of the Authority Approval dated 10/09/2014 and numbered 34374171-951.01.09/55144. In the Sectoral SOME, a total of 6 personnel, consisting of 1 coordinator and 5 expert staff, have been assigned full-time.
Cyber Security Initiative
The Cyber Security Initiative, established under the umbrella of the Internet Development Board with the participation of sector stakeholders, aims to conduct studies in the field of cyber security, gather opinions from all stakeholders, facilitate the exchange of ideas and collaboration between institutions, generate common ideas, and present its work to the Ministry of Transport, Maritime Affairs and Communication. For more information about the Cyber Security Initiative, please click here.
Cybersecurity Drills
One of the most important measures in cybersecurity is to increase awareness. One of the most effective ways to increase awareness and bring together national and international players is to organize and participate in cybersecurity exercises. The Information Technologies and Communication Authority has brought the players together in this context, and since 2011, 7 national and 2 international cybersecurity exercises have been conducted under the coordination of the Ministry of Transport and Infrastructure. For more information on cybersecurity exercises, please click here.
Mindfulness Practices
Within the framework of Article 23 of the National Cyber Security Strategy and the 2013-2014 Action Plan, studies are being conducted to raise awareness and increase the consciousness of computer users in the field of cyber security. For more information about awareness studies, please click here.
