The Preparation Workshop for the 2020-2023 National Cybersecurity Strategy and Action Plan was held at BTK.
Dr. Ömer Fatih Sayan, Deputy Minister of Transport and Infrastructure, who participated in the workshop organized as part of the preparation efforts for the National Cybersecurity Strategy and Action Plan that will form the vision document for the next 4 years to ensure our national cybersecurity, emphasized the importance of consensus in the field of cybersecurity.
Stating that every stakeholder must contribute to this, Sayan said, “With this understanding, our Ministry published the ‘National Cybersecurity Strategy and 2013-2014 Action Plan,’ which was the first in its field in our country, and subsequently the ‘2016-2019 National Cybersecurity Strategy and Action Plan.’ With these strategies that positioned our country more strongly in cyberspace, we took important steps to strengthen our national cybersecurity organization, increase our incident response capacity, and ensure the protection of our critical infrastructures. Our Ministry and the Information Technologies and Communication Authority (BTK) have conducted very serious studies to date towards the formation of our country's national cybersecurity organizational structure. The most important of these was the establishment of USOM under BTK. USOM has been shaped as Sectoral SOCs and Institutional SOCs. Currently, 1,291 SOCs, 14 of which are sectoral, operating under USOM coordination, conduct coordinated 7/24 efforts to protect our country's cyber domain.”
Deputy Minister Sayan: Every Second is Crucial in the Fight Against Cyber Threats
Expressing that USOM has taken on a very important role in the fight against cyber threats, Sayan said, “In the fight against cyber threats, even a second is of great importance. We need to race against time to detect and neutralize threats. Therefore, we must use the most effective and fastest solution systems and integrate the most advanced technologies into these systems. I am proud to say that we have achieved significant gains in this direction. With the studies conducted and projects developed under USOM, the aim is to detect cyber threats in the fastest way possible, prevent them, and take technological measures against them. In this context, with our domestically developed applications such as AVCI, AZAD, and KASIRGA, which have become brands, we make significant contributions to our national cybersecurity. These operations continue 365 days a year, 24 hours a day. Many attacks are neutralized silently and without notice on the infrastructures we have established. All these activities are carried out with the help of the Cybersecurity Operations Center, malware and digital forensics laboratories. Also in this operations center, our country's electronic communications infrastructure is monitored 24/7 uninterruptedly, and rapid actions are taken in coordination with operators against service outages or DDoS attacks.”
Also highlighting USOM's successes in the international arena, Sayan said, “We organized the Cyber Shield 2019 exercise on December 19-20, 2019, under the BTK umbrella with contributions from the International Telecommunication Union (ITU) and the Cybersecurity Alliance for Mutual Progress (CAMP). We provided hands-on cybersecurity experience to nearly 90 participants from 17 different countries using the technical infrastructure and scenarios developed under USOM, and shared information on steps to be taken in case of potential cyber attacks. Of course, these efforts have also succeeded in attracting attention in the international arena. According to the ‘Global Cybersecurity Index’ data used by the International Telecommunication Union (ITU) to measure countries' cybersecurity maturity, while our country was ranked 22nd in Europe in 2017, we rose to 11th in 2018. Globally, among 175 countries, we rose from 43rd to 20th. Our main goal is to sustain these successes and raise the bar even higher.”
Deputy Minister Sayan also shared the following information regarding USOM's planned activities in the coming period: “One of the important studies we aim to carry out in the upcoming period will be to advance USOM's information exchange and interaction with its current stakeholders. In this context, while increasing information sharing on cyber threats with our public institutions and private sector on one hand, on the other hand, we aim to contribute to national cybersecurity by establishing new ties with stakeholders in this field, especially young people conducting cybersecurity studies nationwide, through mutual support and feedback mechanisms. In this way, we aim to create a live, active, and organic cybersecurity network at the national level by maintaining 7/24 interaction with all our stakeholders.”
President Karagözoğlu: We View Cybersecurity as Part of Our National Security
Ömer Abdullah Karagözoğlu, President of the Information Technologies and Communication Authority, stated that as an institution, they continue their efforts to raise information security awareness, enhance the security and defense of our country's cyberspace, ensure the resilience and continuity of critical infrastructures against cyber attacks, and provide security for personal, institutional, and national data.
Stating that BTK conducts necessary preventive studies against cyber threats not only with operators but with all legal entities, Karagözoğlu said, “We view cybersecurity as part of our national security due to risks that negatively affect social and economic life. Unfortunately, in today's cyber world, it is not possible to ensure absolute security. Nevertheless, we believe we need to stay vigilant to increase our cybersecurity level and preparedness. In this context, our Institution makes various regulations in the field of network and information security. Whether operators fulfill their obligations is checked by our Institution, and sanctions are imposed on operators where violations are detected. Guidance on security practices is also provided through audits. As an institution, we engage in bilateral cooperation agreements with various countries on joint efforts against malware in cybersecurity, cooperation in investigations related to cyber criminals, organization of joint cybersecurity exercises, and cyber intelligence and information sharing, and we will continue to do so. I think these cooperations will make great contributions to making our countries' cyber domains more secure.”
Mentioning that under international cooperation, they launched the “Technical Assistance Project for Alignment with the EU on the Implementation of the Network and Information Security Directive” for compliance with the EU's NIS Directive in 2019, Karagözoğlu said, “As everyone knows, at the center of this perspective and working approach, USOM operating under our Institution plays a very important role. One of the most important activities carried out by USOM is to convey the threats and vulnerabilities identified by advanced cybersecurity experts, along with the necessary measures, to the relevant institutions. USOM delivers cyber threat intelligence obtained from relevant stakeholders or produced by experts acting as threat hunters to the relevant parties in the fastest manner. Thus, harmful links (55,000) used in malware and phishing are detected and blocked at the infrastructure level.”
Stating that the cybersecurity organization and human resources, consisting of thousands of SOCs and nearly 4,000 cybersecurity experts at the current point, were formed within the framework of the “2016-2019 National Cybersecurity Strategy and Action Plan,” Karagözoğlu concluded his speech by saying, “Again, our domestic and national solutions we use, the international organizations we organize, and finally the successes we achieved in international cybersecurity indicators are products of this strategy and action plans. In this sense, as an Institution, we are aware of the critical role played by cybersecurity strategies and action plans both in ensuring our cybersecurity, hence our national security, and in increasing our citizens' welfare level with the development of new technologies. We are also aware that we are one of the most important implementers of these strategy and action plans together with USOM in our body.”