Contact Us

Türkiye's cyber center to boost national security

The National Cyber Incident Response Center (USOM) is set to bolster Türkiye's cybersecurity capabilities with increased personnel and strategic initiatives. Operating under the BTK, USOM focuses on critical infrastructure protection, personal data security, and enhancing national defense against evolving cyber threats.

Agencies and A News TECH
Published October 27,2024
Subscribe

The National Cyber Incident Response Center (USOM), referred to as "Türkiye's cyber fortress," will strengthen the country's cybersecurity shield with additional expert personnel. Operating under the Information and Communication Technologies Authority (BTK) since 2013, USOM plays a strategically important role in digital security.

In this context, the center conducts multifaceted studies on critical infrastructure security, personal data protection, enhancing national defense capabilities, and expanding the digital economy. BTK's efforts in this field represent a strategic framework aimed at strengthening Türkiye's position in cybersecurity.

USOM is working to prevent potential vulnerabilities in the country's cybersecurity landscape. The number of Cyber Incident Response Teams (SOME) within USOM, which was 2,205 last year, is expected to reach 2,300 by the end of this year, with a goal of increasing to 2,310 next year. The number of expert personnel, which stood at 7,465 last year, is projected to rise to 8,300 by the end of this year and 8,350 next year.

The center continuously scans 17 million IP addresses for cybersecurity vulnerabilities. Each day, it blocks 422 major attacks and 11 million malicious access requests. Last year, it prevented 140,000 major attacks. This year, the number of malicious connections announced by USOM is expected to drop to 85,000 next year.

In addition to the center, cooperation is being established with operators such as Türk Telekom, Turkcell, and Vodafone for cybersecurity defense. USOM conducts training, competitions, and exercises to enhance preparedness for cyber incidents. Technological measures are being developed for rapid detection and early intervention in cyber incidents. Threat intelligence and cybersecurity intelligence acquisition and production involve bilateral information sharing and coordination with national and international stakeholders. Regulatory, supervisory, monitoring, and vulnerability scanning activities are conducted to protect critical infrastructure.

Coordination with national and international stakeholders in threat intelligence acquisition, production, and sharing is a priority for maintaining swift detection and early intervention. Regulatory and supervisory activities for ensuring national cybersecurity are also part of the agenda.

In addition to these efforts, projects are being developed to block malicious content. The domestically developed AVCI, AZAD, KASIRGA, and ATMACA projects contribute significantly to national cybersecurity.

AVCI detects systems infected with malware. AZAD uses artificial intelligence to identify and block phishing addresses targeting citizens before or as they become active. KASIRGA performs vulnerability scanning on internet-accessible resources related to critical infrastructure and public institutions to ensure service continuity. ATMACA proactively blocks hundreds of sub-risk vulnerabilities.

In addition to these projects, efforts are underway to train experts in the field of cybersecurity. The FETİH Project, aimed at developing human resources, includes a practical cybersecurity training laboratory that allows participants to conduct cybersecurity tests in real-world scenarios and enhance their skills.