Unit4sec
An OvervIew of Türkİye’s Cyber SecurIty OrganIzatIonal UnIts
1
2
3
3
IntroductIon
Introduction
Türkiye 2012-2014 Cyber Security Strategy
Türkiye 2014-2019 Cyber Security Strategy
Türkiye 2020-2023 Cyber Security Strategy
1
4
5
6
output of cyber securIty StrategIes
Cyber Security Organization Structure of TÜRKİYE
7
8
Other instutions regarding cyber security
Global Score
Global Cyber Security Index 2020
9
REFerences
10
IntroductIon
To understand Türkiye's cybersecurity organization, mission, and strategies, it would be appropriate to examine the period after the responsibility for cybersecurity was transferred to the Ministry of Transport and Infrastructure in 2012. The changes made during this period highlight many innovations, the organizational structure, and strategies in the country's cybersecurity field.
In this context, Türkiye's cybersecurity strategy was first defined under the decision published in the Official Gazette dated October 20, 2012, and numbered 28447, following the resolution adopted by the Council of Ministers in decision number 2012/3842, "On the Implementation, Management, and Coordination of National Cybersecurity Activities."
In accordance with this decision, a Cybersecurity Board has been established with the purpose of determining cybersecurity measures, approving prepared plans, programs, reports, procedures, principles, and standards, and ensuring their implementation and coordination. The board is chaired by the Minister of Transport, Maritime
Affairs, and Communications and includes the following members:
Türkİye Cyber SecurIty Strategy PlannIng InfographIc
01
When reviewing Türkiye's 2014-2019 cybersecurity strategy, we find 18 action items supporting the initial strategy
02
Currently , the last published strategy.
03
First Cyber Security Strategy which is the foundation of most of the actions.
Within this scope, the following actions were planned and implemented in the National Cybersecurity Strategy for 2013–14 and the 2013–2014 Action Plan:
a) Legal Regulations
b) Support for Legal Processes
c) Establishment of a National Cyber Incident Response Organization
d) Strengthening the National Cybersecurity Infrastructure
e) Human Resource Development and Awareness Activities in Cybersecurity
f) Development of Domestic Technologies in Cybersecurity
g) Expanding the Scope of National Security Mechanisms
2013 Jan
2013 May
2013 Feb
Creation of National Cyber Incident Response Center (USOM) and Sectoral & Corporate Cyber Incident Response Teams (SOME)
Determining Minimum Criteria for Maintaining Records to Obtain Reliable Evidence for Post-Incident Examination
The beginning of the activities of the Cyber Security Council.
2013 April
2013 May
Identification of Critical Infrastructure Vulnerable to Direct Cyber Threats That Could Disrupt Societal Order When Damaged
Review of National and International Cybersecurity Legislation to Identify Needed Legal Regulations
2013 Sep
2013 Dec
2014 May
Establishing National R&D Incentives for Cybersecurity-Related IT Products, Software, and Hardware
First International Cybersecurity Exercise Led by Türkiye
Establishment of Public Sector Cyber Incident Response Teams (SOME)
When we glance at Türkiye's 2014-2019 cybersecurity strategy, we see action plans comprising 18 items to develop and support parallel processes with the first strategy. These 18 action plans fall under 5 distinct strategic action plan headings:
2014-2019 Türkiye Cyber Security Strategy
When reviewing Türkiye's 2014-2019 cybersecurity strategy, we find 18 action items supporting the initial strategy
02
The 18 actions are as follows:
When we examine the 2020-2023 Türkiye Cybersecurity Strategy, we observe a parallel with the previous action plans, yet this time, the priorities are consolidated into eight main categories. Furthermore, we can see that the objectives and actions have matured within this framework. These eight primary categories are as follows:
2020-2023 Türkiye Cyber Security Strategy
Currently , the last publiished strategy.
03
1
Protection of Critical Infrastructure and Enhancement of Resilience
2
Development of National Capacity
3
Organic Cyber Security Network
5
6
7
Combating Cybercrime
CDevelopment and Support of Indigenous and National Technologies
Integration of Cybersecurity into National Security
4
Security of Next-Generation Technologies
8
Enhancement of International Collaboration
Cyber Security Organization Structure of Türkiye
Implementation, administration and coordination of national cybersecurity actions, and preparation and coordination of policy, strategy and action plans
Türkiye Cyber Security Board
In the context of cybersecurity, the board approves prepared plans, programs, reports, procedures, principles, and standards and ensures their implementation and coordination.
The Digital Transformation Office (Dijital Dönüşüm Ofisi -DDO) established by Presidential Decree in July 2018, has been given the task of developing projects that increase information security and cybersecurity.
Publications
Responsibilities
While policymaking is the responsibility of the Transportation and Infrastructure Ministry, the regulatory function has been assigned to the Information and Communication Technologies Authority (Bilgi Teknolojileri Kurumu -BTK)
Responsibilities
USOM was established under BTK and constantly monitors and provides warnings and announcements for cybersecurity incidents. It also establishes national and international coordination for the prevention of cyber-attacks against critical sectors.
Government CERT
Institutional Cyber Events Response Teams are responsible for the main government institutions and bodies
Private Sector CERT
Sectoral CERTs specialise in sectors that are recognised as critical infrastructure for the nation: transportation, energy, electronic communications, finance, water management
Other instutions regarding Cyber Security Landscape of Türkiye
The Undersecretariat for Defense Industries (SSM) was established in 1985 as the "Defense Industry Development and Support Administration Presidency" under the Ministry of National Defense, with the aim of determining policies related to the establishment of the defense industry infrastructure in Türkiye and creating mechanisms to implement these policies. In 1989, it was restructured as the "Undersecretariat for Defense Industries." In 2017, as a result of regulatory changes, it was attached to the Presidency, and in 2018, it was restructured again as the "Presidency of Defense Industries of the Republic of Türkiye," with its organization, duties, authorities, and responsibilities regulated by Presidential Decree No. 7 regarding the Presidency of Defense Industries.
Projects
The company was founded in 1991 by the decree of the Defence Industry Executive Committee. Its primary mission was to provide an array of critical services, including project management, system engineering, technology transfer, logistical support, and consultation. These services were aimed at supporting the Presidency of the Republic of Turkiye Presidency of Defence Industries (SSB) and the Turkish Armed Forces (TSK) in high-technology sectors vital for national security.
Over the years, the company has expanded its expertise by actively participating in national projects within the Turkish defense industry. Significant investments have enabled diversification into various fields such as military naval platforms, cybersecurity, tactical mini UAV systems, radar systems, satellite technologies, command and control systems, certification, and consultancy. Notably, the company has developed and provided indigenous and critical systems using domestic resources to meet the requirements of civil, public, and private sectors. It proudly stands among the top defense industry firms in the country, playing a pivotal role in enhancing the global competitiveness of the Turkish defense industry while also engaging in export-oriented endeavors.
STM offers a comprehensive suite of capabilities and activities in the realm of cybersecurity. Their expertise encompasses the delivery of integrated turnkey cyber security projects, awareness studies, and education, ensuring a heightened level of cyber resilience.
They provide adept consultancy services along with extensive analyses such as assessing cyber security maturity levels and conducting test and evaluation services, further supported by their Common Criteria Test Laboratories. STM is also well-versed in offering services related to Industrial Control Systems and configuring customized laboratories. Their dynamic approach involves malware analysis, Red Team and penetration testing, as well as source code security analysis and vulnerability assessments, all underpinned by robust risk management strategies.
In the rapidly evolving landscape of cybersecurity, STM excels in IoT attack determination and operates a Cyber Fusion Center. They specialize in cyber threat intelligence and run a Cyber Operation Center, providing incident response and threat hunting solutions. Their expertise extends to the organization of R&D projects, producing periodical cyber threat status reports, and hosting Capture The Flag (CTF) competitions. STM’s activities also encompass data center configuration and consultancy services, ensuring a holistic and resilient approach to cyber security.
TÜBİTAK is an institution in Türkiye with a vision to be innovative, guiding, participatory, and collaborative in the fields of science and technology. It supports research and development in both academic and industrial sectors, focusing on national priorities. TÜBİTAK also plays a role in shaping the country's Science and Technology policies and publishes materials to increase awareness in society. It supports domestic and international academic activities of scientists through scholarships and awards, and funds projects in universities, public institutions, and industries to enhance the country's competitiveness.
The Cyber Security Institute (CSI) was established with the aim of conducting research and development activities in the field of cybersecurity to enhance the national cybersecurity capacity. CSI carries out research and development projects in the field of cybersecurity and undertakes solution-oriented projects for military institutions, public entities, and private sector organizations.
The activities of the Cyber Security Institute are grouped under three main headings:
The Personal Data Protection Authority is a legally autonomous public entity established to fulfill responsibilities outlined in Law No. 6698. Operating under the purview of the Minister appointed by the President of the Republic, the Authority is headquartered in Ankara and comprises both a Board and a Presidency. The decision-making body of the Authority is the Board.
The Personal Data Protection Law, implemented in 2016 and overseen by the Personal Data Protection Authority (KVKK), plays a pivotal role in Türkiye's legal landscape. This legislation's central objective is the preservation of personal data in an age of digital proliferation, aiming to secure individuals' privacy rights. Complying with this statute is of paramount importance for enterprises, not only to prevent data breaches but also to harmonize Türkiye with worldwide data protection norms, thereby facilitating international data transfers and enhancing data security practices across various sectors.
The National Intelligence Organization was created by the National Intelligence Organization Act (Law No.644 dated 6 July 1965). It originally reported to the Office of the Prime Minister. In 2017, the National Intelligence Organization was subordinated to the Presidency. The organization operates under six different presidencies, one of which is the Cyber Intelligence Directorate.
The Cyber Intelligence Presidency is responsible for carrying out technical activities using all kinds of technical intelligence methods, tools, and systems to fulfill the duties assigned by Law No. 2937, which include gathering, recording, and analyzing information, documents, news, and data.
When reviewing the 2022 National Intelligence Organization (MİT) Activity Report, it is evident that numerous developments have occurred in the field of cyber intelligence. Furthermore, it is emphasized that new capabilities in artificial intelligence, big data analysis, and image intelligence have added a new dimension to their on-field operations."
In order to provide support for the investigation of crimes committed through information technologies and the examination of digital evidence, and to centralize the dispersed structure of provincial units of the relevant Directorates under a single umbrella, prevent duplication of investments, and effectively and efficiently combat cybercrimes, the Directorate for Combating Cybercrimes was established within the General Directorate of Security by the Council of Ministers' Decision No. 2011/2025. Following the Ministry's approval dated February 28, 2013, the name of the Directorate for Combating Cybercrimes was changed to the Cybercrime Combat Directorate.
The Ministry of National Defence is entrusted with the primary authority for overseeing military cyber defense and occupies the highest position within the realm of military cyber operations
The Cyber Defense Department operates as a division under the Directorate of Communications and Information Systems, functioning as a department within the organizational hierarchy.
Department of Cyber Security
The Objective of Turkish Armed Forces Foundation, stated by LAW 3388; is to enhance the warfare of capability of Turkish Armed Forces through national defense industry, establishing new defense industry areas and procuring warfare armament by providing the financial and spiritual support of Citizens.
Subsidiaries
ASELSAN is the largest defense electronics company of Türkiye whose capability/product portfolio comprises communication and information technologies, radar and electronic warfare, electro-optics, avionics, unmanned systems, land, naval and weapon systems, air defence and missile systems, command and control systems, transportation, security, traffic, automation and medical systems. Today ASELSAN has become an indigenous products exporting company, investing in international markets through various cooperation models with local partners and listed as one of the top 100 defence companies of the world (Defense News Top 100).
Aselsan provide secure and integrated solutions such as crypto and information security systems, information technology systems, network security products in communication and computer systems, secure data sharing systems and encryption solutions.
Established in 1982 under the Turkish Armed Forces Strengthening Foundation, HAVELSAN is a leading Turkish technology firm known for its expertise and advanced software-driven solutions. It provides original software-intensive systems in fields such as Command Control and Defense Technologies, Simulation, Autonomous and Platform Management Technologies, and Information and Communication Technologies. HAVELSAN offers turnkey solutions to the Turkish Armed Forces, public institutions, the private sector, and international clients
HAVELSAN offers a suite of cutting-edge cybersecurity and data protection products. Their HAVELSAN WAF/LB (Web Application Firewall/Load Balancer) provides robust load balancing for high network traffic while also identifying and thwarting cyberattacks on web applications. Complementing this, HAVELSAN DLP (Data Leakage Prevention) is a PARDUS-compatible solution that safeguards against unauthorized data leaks from an organization by enforcing predefined security rules and monitoring data access. In the ever-evolving world of mobile technology and the escalating threat landscape, HAVELSAN İleti responds to the need for heightened communication and information security on mobile platforms. Lastly, HAVELSAN Data Diode is a modern data transfer system, designed modularly to meet the inter-network data transfer needs of various sectors, including defense, security, and finance, providing secure, one-way data movement between isolated networks. These products collectively signify HAVELSAN's dedication to enhancing cybersecurity, preserving data integrity, and ensuring secure data transfer mechanisms.
Others
Turkish Armed Forces Foundation has many other valuable and successful subsidiaries. However, these institutions are highlighted for their activities in the field of cybersecurity, so they are briefly mentioned.
Some Reported Results
The Global Cybersecurity Index (GCI) is a measurement tool developed by the International Telecommunication Union (ITU), a specialized agency of the United Nations, to assess and rank the cybersecurity readiness and capabilities of countries around the world.
They provide cyber security index and it is based on data reported by a record level of Member State participation, from 105 responses in the 2013-2014 iteration, to 150 questionnaires returned in 2020.
The Index assesses Member State commitments to cybersecurity across five key pillars:
Well, within these measurement according to the 2020 Global Cybersecurity Index published by the International Telecommunication Union (ITU), Türkiye has secured the 16th position globally and ranks 6th in the European region, boasting an impressive overall score of 97.41.
Conclusion
Our exploration of Türkiye's cybersecurity landscape has shed light on the multifaceted structure and the various authorities that play a pivotal role in enhancing the nation's cyber resilience. We've delved into the legal framework, government institutions, and key organizations that collectively contribute to Türkiye's cybersecurity maturity. By understanding the roles and responsibilities of these entities, it becomes evident that Türkiye is committed to fortifying its digital defenses and safeguarding its critical assets in an ever-evolving cyber landscape.
It's worth noting that our research has primarily relied on publicly available resources, and the complexity of this field means that there may be additional initiatives and entities contributing to Türkiye's cybersecurity posture that are not covered here. We apologize for any omissions, as it is challenging to encompass the entirety of this dynamic and vital domain in a single overview. As Türkiye continues to adapt and strengthen its cybersecurity posture, it stands better equipped to face the challenges of the digital age and protect the interests of its citizens, businesses, and institutions.
As we present this overview of Türkiye's cybersecurity landscape, it's a momentous occasion that calls for celebration. Today, on October 29th, Türkiye commemorates its 100th anniversary as a republic, a nation founded by the visionary leader Atatürk and the unwavering dedication of our soldiers, martyrs, and gazis. We are forever thankful for their sacrifices, which have paved the way for our remarkable journey.
In the words of Atatürk, "Sovereignty unconditionally belongs to the people." This sentiment embodies the spirit of our nation, where progress and innovation have always thrived within the democratic values of our republic. We celebrate this day with gratitude for the past and hope for the future, for our great republic and all those who have contributed to its strength and resilience. Happy 100th Anniversary, Türkiye! 🇹🇷🎉
References