        TY  - JOUR
T1  - Cyber Security in Primary and Secondary Education Institutions: A Document-Based Evaluation from Institutional, Teacher and Student Perspective
AU  - Kandır, Murat Osman
AU  - Uğur, Serap
PY  - 2025
DA  - July
Y2  - 2025
JF  - Digital Security and Media
JO  - DISEM
PB  - Anadolu University
WT  - DergiPark
SP  - 16
EP  - 31
VL  - 2
IS  - 1
LA  - en
AB  - This study investigates cybersecurity practices in Turkish primary and secondary education by analyzing official policy documents through a document analysis methodology. Without requiring ethical approval or field data collection, the study examines publicly available regulations and strategic plans from the Ministry of National Education (MoNE), the Information Technologies Authority (BTK), and the Personal Data Protection Authority (KVKK). Findings indicate that current Turkish policies emphasize technical security measures but lack sufficient structures for teacher training, student awareness, and institutional oversight. These policies are compared against the European Union&#039;s NIS2 Directive and the Cyber Resilience Act, revealing key discrepancies, especially in multi-factor authentication, incident logging, and staff training requirements. The study concludes that cybersecurity should be addressed not only as a technical issue but also as an educational and institutional priority, proposing a holistic vision for improving digital resilience in Turkey&#039;s K-12 education system.
KW  - cyber security
KW  - primary and secondary education
KW  - teacher competencies
KW  - student privacy
KW  - document analysis
KW  - digital security policies
CR  - Bowen, G. A. (2009). Document analysis as a qualitative research method. Qualitative Research Journal, 9(2), 27–40. https://doi.org/10.3316/QRJ0902027
CR  - ENISA. (2021). Cybersecurity maturity assessment framework for the public sector. https://www.enisa.europa.eu/publications
CR  - ENISA. (2025). NIS2 implementation guidelines for education sector. https://www.enisa.europa.eu
CR  - European Parliament &amp; Council. (2022). Directive (EU) 2022/2555 on measures for a high common level of cybersecurity. https://eur-lex.europa.eu
CR  - Ibrahim, A., Li, Y., &amp; Watson, R. (2024). A systematic review of cybersecurity education in K–12 curricula worldwide. ResearchGate. https://www.researchgate.net/publication/
CR  - Jayatilaka, G., Ranaweera, K., &amp; Wijesundara, N. (2021). Digital responsibility and child online safety in education. International Journal of Digital Education, 14(3), 45–60.
CR  - MEB (Milli Eğitim Bakanlığı). (2023). Bilgi ve Sistem Güvenliği Yönergesi. https://meb.gov.tr
CR  - MEB. (2023). 2023–2025 Stratejik Planı. https://sgb.meb.gov.tr
CR  - OECD. (2018). Digital Government Review of Brazil: Towards the Digital Transformation of the Public Sector. https://www.oecd.org
CR  - Rayavaram, P., Kumari, S., &amp; Bajaj, R. (2023). Visual cryptography curriculum with Scratch: A pilot implementation. arXiv. https://arxiv.org/abs/2301.12345
CR  - Tasay, D., &amp; Başaran-Demir, M. (2025). Öğretmenlerin siber güvenlik farkındalık düzeyleri: Bir nitel analiz. Eğitim ve Teknoloji Dergisi, 15(1), 101–120.
CR  - Yalçınkaya, B. (2023). Eğitim kurumlarında dijital güvenlik sorumluluğu ve veri etiği. Açıköğretim Uygulamaları ve Araştırmaları Dergisi, 9(2), 56–72.
CR  - Zdrnja, B. (2024). Navigating NIS2: Implementation challenges for the public sector. SANS Institute Report. https://www.sans.org
UR  - https://dergipark.org.tr/en/pub/disem/issue//1753867
L1  - https://dergipark.org.tr/en/download/article-file/5103493
ER  -