NEWS AND INSIGHT

A Current Step in the Institutionalization of Cybersecurity Law; Cyber Security Directorate: Duties, Authorities and Responsibilities

09 January 2025

A Current Step in the Institutionalization of Cybersecurity Law; Cyber Security Directorate: Duties, Authorities and Responsibilities

The Presidential Decree dated January 8, 2025 and published in the Official Gazette No. 32776 regulated the establishment and operating principles of the Cyber Security Presidency ("Presidency"), which was established to meet Turkey's needs in the field of cyber security. This regulation, which entered into force as of the date of its publication, clearly demonstrates Turkey's determination to identify and implement digital security strategies. This development is an important step in the institutionalization of cybersecurity law.

The Presidency has been structured as an institution with a public legal personality and affiliated to the Presidency. Headquartered in Ankara, this new structure will essentially undertake the task of ensuring Turkey's digital security and building a resilient system against cyber threats. At this point, it is important to carefully examine the relationship of the Department of Cyber Security with the ICTA and the National Cyber Incident Response Center and Teams.

  1. Duties and Responsibilities of the Presidency

The main duties assigned to the Cyber Security Presidency by the Decree are as follows:

  • Developing policies and strategies to ensure and strengthen Turkey's cyber security,
  • To carry out studies and projects that raise public awareness and create awareness on cyber security,
  • Developing the cyber security ecosystem in cooperation with the public, private sector and universities,
  • Identify cyber security risks in critical infrastructures and encourage investments in these areas,
  • Providing operational support in emergencies by creating crisis management plans.

 

  1. Presidential Organization

In order to fulfill its duties, the Presidency is structured to consist of the following units:

  1. Directorate General of Cyber Defense
  2. General Directorate of Cyber Strength
  3. General Directorate of Ecosystem Development
  4. Department of Foreign Relations
  5. Department of Management Services
  6. Legal Consultancy
  7. Press and Public Relations Consultancy

 

  1.  Final Provisions

The Presidency will be able to establish working groups with the participation of ministries, public institutions and organizations, professional chambers, non-governmental organizations, private sector representatives and experts on the issues falling within its mandate. In this context, a cyber security ecosystem will be developed with the contributions of different stakeholders by adopting a collaborative model.

In addition, in accordance with the transitional provisions, the relevant public institutions and organizations will continue their existing duties until the units under the Presidency are fully operational. This will ensure that services will continue without interruption during the transition period.

  1.  As an Example of Successful Cyber Security Models Abroad: UK's NCSC

 

A notable international example in the field of cybersecurity is the UK's National Cyber Security Center ("NCSC"). Established in 2017 by the UK government to enhance digital security, this center operates within the Government Communications Headquarters ("GCHQ").

Launched with a £1.9 billion investment, the NCSC aims to protect the UK's digital infrastructure against cyber threats, strengthen the digital economy and ensure the security of individual users. Working in collaboration with the public, private sector and universities, the center has a wide range of impact, especially in crisis management and national security strategies.

The NCSC's structure, which guides the public and provides solutions against threats, stands out as one of the most comprehensive cyber security organizations in Europe. Such examples are inspiring for new organizations such as Turkey's Cyber Security Presidency to develop their own models by taking into account global standards.

  1. Conclusion

In the final analysis, the establishment of the Cyber Security Presidency in line with all these explanations demonstrates Turkey's determination to develop and implement digital security strategies.   Moreover, this arrangement will not only enhance national security. It will also undoubtedly strengthen Turkey's competitiveness in the digital world. Thus, an important step has been taken in terms of institutionalization of cyber security law in our country. On the other hand, the relationship, coordination and cooperation of the Cyber Security Presidency with institutions and practices such as USOM should be concretized in a planned and efficient manner.