Türkiye to strengthen cybersecurity with new legislative framework
A computer screen showing lines of code. (AFP Photo)
Türkiye is set to bolster its cybersecurity infrastructure with the establishment of the Cybersecurity Directorate under a new legislative framework, according to Omer Ileri, Deputy Chairman of the Justice and Dveleopment Party (AK Party) and head of its Information and Communication Technologies division.
The legislation, currently under review in the Turkish Parliament’s National Defense Commission, aims to streamline and strengthen Türkiye’s cybersecurity capabilities.
Comprehensive cybersecurity strategy
Ileri highlighted the legislation as a crucial step in Türkiye’s transition to a more advanced cybersecurity framework. “With this law, the national cybersecurity mandate will be primarily entrusted to the newly established Cybersecurity Directorate,” he explained.
The directorate will be responsible for developing strategies, setting policies, and ensuring the security of public institutions, critical infrastructure, and private entities operating in cyberspace.
Key provisions include standardizing cybersecurity products, implementing certification processes, managing incident response teams, and conducting oversight when necessary.
Addressing growing cybersecurity threats
Citing the increasing scale and complexity of global cyberattacks, Ileri described the urgency of a robust cybersecurity framework. “In 2023 alone, the global cost of cyberattacks reached approximately $8 trillion, with this figure projected to rise to $20 trillion by 2025–2026,” he said.
The legislation also introduces mechanisms for effective enforcement, such as audits of public institutions without court approval and private sector audits with court orders.
“The legal framework ensures timely interventions while maintaining judicial oversight,” Ileri added.
Cybersecurity Directorate to lead Türkiye’s digital defense
Under the new structure, the Cybersecurity Directorate will coordinate Türkiye’s cybersecurity ecosystem, preventing overlaps in responsibilities among institutions.
Ileri noted that organizations such as the Ministry of Transport and Infrastructure, the Ministry of Industry and Technology, and TUBITAK will continue their sector-specific functions, but the overarching authority will rest with the Cybersecurity Directorate.
A Cybersecurity Board, chaired by the president, will oversee the directorate’s operations, provide strategic direction, and approve exemptions when necessary.
Türkiye’s global leadership in cybersecurity
Türkiye has emerged as a leader in cybersecurity, ranking 11th globally and sixth in Europe on the International Telecommunication Union’s Global Cybersecurity Index in 2023.
Ileri emphasized that the new legislation reflects Türkiye’s ambition to further enhance its position. “This is a manifestation of our determination to be a global leader in cybersecurity,” he said.
The law aligns with Türkiye’s broader national strategy, emphasizing technological self-reliance, reducing dependence on foreign products, and securing the digital infrastructure.
Meeting demands of digital world
Acknowledging the evolving nature of cyber threats, Ileri highlighted the dynamic structure of the proposed framework. “The legislation includes provisions for penetration testing and secondary regulations to address emerging cybersecurity challenges,” he explained.
The initiative is part of a broader vision for the “Century of Türkiye,” combining digital transformation and national technology advancements. Ileri referenced the global impact of recent cyber incidents, such as airport and healthcare disruptions, to stress the importance of a proactive approach.
“The digital century is also Türkiye’s century,” Ileri said, emphasizing that the new framework will position Türkiye as a key player in the global cybersecurity landscape.
