yberspace has a gradually expanding structure that connects new devices, systems, and users every new second. This causes threats from cyberspace to change constantly, making it impossible to combat them without cooperation.

With the Covid-19 pandemic, government and private sector operations dramatically changed at a never-before-seen pace. Meanwhile, a significant increase was registered in threats targeting the digital security of critical public services, healthcare organizations, and the finance and banking sectors in 2020 and 2021. Globally, cybercrime rose by over 200%.

From this point of view, collaboration has become more and more vital in order to fight cybercrime and create cyber resilience.

 

A comprehensive platform

In recent years, Turkey has put considerable effort in establishing a clustering platform in the cybersecurity domain. In October 2017, public sector institutions, academia, and major private sector cybersecurity companies gathered to discuss potential avenues for cooperation among each other, ultimately coming up with the Turkish Cyber Security Cluster. Today, the Cluster operates under the coordination of the Digital Transformation Office and the Presidency of Defence Industries with over 200 members.

The Turkish Cyber Security Cluster pursues several goals, including:

• Increasing the number of cybersecurity companies;
• Supporting the development of member companies’ technical, administrative, and financial capabilities;
• Improving the branding of products and services;
• Improving the standards of the cybersecurity ecosystem;
• Increasing the competitiveness of member companies in national and global markets;
• Improving the human capital in the field of cybersecurity; and
• Increasing awareness about cybersecurity across society.

Public-private partnerships

Though there is no legal obligation for the private sector to take part in such cooperation, emphasis ought to be kept on the mutual trust and cooperation between public and private institutions. The key motivation behind these efforts is to strengthen buyer-supplier relationships, common distribution channels, common networking opportunities, and R&D activities conducted by universities with companies that can create better opportunities and benefits for both parties. Because of common economic interests, companies in the cluster can become more productive and innovative and therefore more competitive than companies operating alone.

It is almost impossible to achieve success in the field of cybersecurity without the support of the highest-level public authority.

The Digital Transformation Office (DTO) of the Presidency of the Republic of Turkey was established in 2018 to unify the fragmented activities around digital transformation, cybersecurity, research and development of national technologies, big data, and artificial intelligence under a single roof.

Some of the DTO’s responsibilities include preparing the roadmap for the digital transformation of the public sector; developing projects to improve cyber security; and fostering cooperation among public and private sector organizations, universities, and non-governmental organizations in order to create a digital transformation ecosystem and encourage their participation in the design and delivery of digital public services.

The DTO’s main duties in the cybersecurity domain include:

• Establishing unique leadership in national cyber security;
• Developing projects to enhance cybersecurity awareness;
• Establishing a strong cyberthreat intelligence sharing platform;
• Providing international cooperation against cyber threats;
• Improving the understanding of cybersecurity as an enabler of the digital future.

A methodology and clear strategy

In order to achieve these goals, the DTO wrote a guide defining a methodology for managing cyber domain related risks, minimum cybersecurity baselines and compliance mechanisms. After almost one year of comprehensive work to prepare under the coordination of the Digital Transformation Office, Turkey’s “Information and Communication Security Guide” was licenced under the Creative Commons public licence and published in July 2020.

Moreover, Turkey published the first national level Cybersecurity strategy and action plan back in 2013. The third strategy and action plan covering the 2020-2023 period was then published in 2020.

The basic goals of the current strategy and action plan include:

• 24/7 protection of critical Turkish infrastructure against cyber-attacks,
• National technology development to meet cybersecurity needs,
• Improving readiness vis-à-vis cyber-incidents,
• Improving cyber security awareness,
• Establishing an information security culture,
• Investing in human capital and improving professionals’ skills,
• Developing mechanisms for information sharing and cooperation with national and international stakeholders.

As mentioned, Turkey’s current efforts focus on improving the understanding of cybersecurity as an enabler of the digital future.

In the military context, cyberspace is mostly defined as cyber warfare: the importance of cybersecurity is highlighted in correlation with cybercrime, advanced persistent threats, cyber-attacks, and cyber-terrorism, too.

However, from another point of view, the cyber domain also represents an opportunity for capacity-building, innovation, and development. This approach can be named as a “positive cybersecurity approach”.

With a positive cybersecurity approach, international collaboration, improving business-to-business relations as well as cyber-threats information sharing will be the key element to achieving cyber-resilience worldwide.