Combating Cyber Events at the National Level

In recent years, as cyber incidents and the losses they cause in our country have increased, a cyber defense organization has been created by the will of the state. The National Cyber Incident Response (USOM) center aims to eliminate cyber incidents centrally, from a single point, and to implement a total defense. Within this framework, Cyber Incident Response Teams (SOME) need to be established on a sectoral basis, and the necessary infrastructure needs to be put in place in institutions.

SOMEs are intended to make preparations before a cyber attack and to carry out the action plan properly during and after it.

In order to establish Cyber Incident Response Teams, it is recommended that the personnel to be employed in SOMEs be able to keep and manage records systematically, identify important security vulnerabilities in the organization's information systems, and have the basic competencies necessary for coordinating cyber incident response.

Establishing a SOME

Establishing and using the full set of equipment required for a strong defense is an important issue. A sound security posture cannot be achieved if the organization relies only on its in-house IT team and the activities in the IT systems are monitored manually or semi-automatically. For this reason, the teams should receive SOME training and should continuously review the systems with SIS (Security Information and Event Management, operation monitoring tools, etc.). In this way, a system that stands with both feet on the ground is put into practice.

SOME Courses

The training titles to be taken are determined in the relevant regulation. However, to establish a useful team, it is essential to obtain and provide training appropriate to the competence of the team. The training titles are roughly listed below.

Secure Configuration Supervision Training
Penetration Testing Training
Attack Techniques Training
Intrusion Detection and Record Management Training
Central Security Monitoring and Incident Management Training
Cyber Incident Response Team Installation and Management Training
Forensic Analysis Training in Information Systems
Computer Forensic Analysis
Network Forensic Analysis Training
Malware Analysis Methods Training
DDoS Attacks and Ways of Protection