National Cybersecurity Agency

[Jay]

Brigadier General Ahmet Turmuş
Director-General of the National Cybersecurity Agency​

The Turkish National Cybersecurity Agency (Turkish: Türkiye Ulusal Siber Güvenlik Ajansı, or TÜBİS) is a national civil-military agency responsible for safeguarding Türkiye's digital infrastructure and ensuring its cybersecurity resilience. Established under the governance of the Turkish Ministry of National Defense, the agency operates with a unique structure that combines civilian with military leadership, reflecting Türkiye multi-domaine approach to cybersecurity. The agency is directly overseen by a high-ranking military officer and plays a central role in both defensive and offensive cybersecurity operations, contributing to the protection of the nation’s critical cyber assets.

​

The Turkish National Cybersecurity Agency has three primary functions: combative cybersecurity operations, government infrastructure protection, and public outreach and advising. These functions collectively aim to secure Türkiye's cyberspace against external and internal threats, while also fostering greater public awareness of cyber risks and best practices.

1. Combative Cybersecurity Operations​

TÜBİS is tasked with leading and executing offensive and defensive cybersecurity operations, particularly those involving national defense and military objectives. Under the direction of the Turkish Armed Forces, the agency conducts proactive operations to detect, disrupt, and neutralize cyber threats from hostile foreign actors, terrorist groups, and other malicious entities targeting Türkiye's digital infrastructure. These operations include cyber intelligence gathering, vulnerability testing, and the development of countermeasures to safeguard national security.

2. Government Cyber-Infrastructure Protection​

A major responsibility of TÜBİS is the maintenance and protection of Türkiye's governmental and civilian cybersecurity infrastructure. This includes overseeing the national cybersecurity policy framework, ensuring the security of critical government networks, and coordinating responses to cyber incidents that affect public services. The agency is also responsible for the development, implementation, and regulation of cybersecurity policies, strategies, and standards to ensure that government systems remain resilient against cyber threats. In addition, TÜBİS manages Türkiye's national encryption systems and works to secure communications within government and related institutions.

3. Advising and Public Outreach​

In addition to its defensive and combative operations, TÜBİS plays a significant role in public education and cyber threat awareness. The agency works to inform the public about emerging cyber risks, including phishing attacks, online fraud, and data privacy threats. TÜBİS also focuses on vulnerable segments of the population, such as senior citizens, to ensure that these groups are educated about how to protect themselves in an increasingly digital world. The agency conducts outreach campaigns, offers training, and develops user-friendly resources to promote safer online behavior.

Structure and Leadership​

TÜBİS operates as a hybrid civil-military institution, reflecting the importance of cybersecurity in both national defense and civilian governance. While the agency is a civilian body under the Ministry of National Defense, its leadership is provided by a high-ranking military officer who ensures the alignment of cybersecurity initiatives with national defense strategies. This integration allows TÜBİS to operate efficiently across both military and civilian domains, facilitating a coordinated approach to the nation’s cybersecurity.

National Cybersecurity Strategy​

The Turkish National Cybersecurity Agency plays a central role in shaping and executing Türkiye's broader national cybersecurity strategy. The agency collaborates with various governmental bodies, private sector organizations, and international partners to strengthen Türkiye's cybersecurity posture. TÜBİS is responsible for identifying emerging cyber threats, assessing risks, and Türkiye's proactive measures to prevent cyberattacks on critical infrastructure. The agency also participates in global cybersecurity initiatives and maintains partnerships with international cybersecurity agencies and organizations.

Notable Initiatives​

TÜBİS has initiated several key programs and policies to enhance the country’s cyber resilience, including:

• Cybersecurity Incident Response and Recovery Plans: Ensuring that Türkiye is prepared to quickly respond to and recover from major cyber incidents affecting critical national infrastructure.
• Cybersecurity Education and Training: Developing nationwide programs to promote cybersecurity literacy, targeting schools, universities, and businesses, as well as providing specialized training for government employees and public institutions.
• Cybersecurity Awareness Campaigns: Launching public outreach campaigns focused on educating citizens about common cyber threats and best practices for online security.