Determination of Cyber Security Awareness of Public Employees and Consciousness-rising Suggestions

Abstract

The aim of this study is to measure Turkish government employees’ awareness of cyber security and cyber space elements. Participants were 71 Turkish public employees working for various ministries. Both qualitative and quantitative research methods were used to get the most detailed information from the participants. A survey was administered to cyber security officers in chosen state institutions. For qualitative research, open-ended questions were administered to the participants. Reliability and validity issues were established for both surveys. Results show that employees have enough information about cyber security and cyber warfare. Findings clearly suggests that cyber defense policy should be planned in coordination with other state institutions and experiences should be shared. In order to create feasible and realistic cyber security policy at institutional level, experts at cyber security must be trained, hired and help must be requested from specialized individuals and institutions. This study recommends that rapid reaction teams RRT should be established to take care of cyber systems, to react against cyber breaches in time, to alert staff for cyber-attacks in order to establish effective recovery.RECEIVED 17 May 2016, REVISED 11 June 2016, ACCEPTED 11 June 2016

Keywords

• cyber security,cyber warfare,hacker,hacktivism,critical infrastructure

References

1. Akgun, B. (2011). Wikileaks and Assangists. Strategic Thinking Journal, 2(14), 22.
2. Amoroso, E.G., (2012). Cyber-attacks: protecting national infrastructure. UK: Butterworth-Heinemann, 13-17.
3. Collin, B. C. (1997). The future of cyberterrorism: Where the physical and virtual worlds converge. Crime and Justice International, 13(2), 14-18.
4. Command, D. (2005). Cyber Operations and Cyber Terrorism. DCSINT Handbook No. 1.02.
5. Demirkiran, P., (2013), Anonymous ve Hacktivizm, A.R. Keleş, F. Sayılan. (Editors) Hacker Culture and Hacktivizm. İstanbul: Alternative Informatics Association Headquarters, 288-291.
6. Infoworld, (2013). Cyber-espionage moves into B2B, Retrieved from
7. http://www.webcitation.org/query?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F2642608%2Ftechology-business%2Fcyber-espionage-moves-into-b2b.html&date=2016-02-13. 13.02.2016.
8. Lewis, J. A. (2002). Assessing the risks of cyber terrorism, cyber war and other cyber threats. Washington, DC: Center for Strategic and International Studies, 8-9.

9. Ogun, M. N., & Kaya, A. (2012) Significance of Cyber Security for National Security: A Study Concerning the Necessary Measures. Security
10. Strategies Journal, 9(18), 145-180
11. SOME (2013). 2013-2014 Action Plan, 2016-02-13 Retrieved from
12. http://www.webcitation.org/query?url=http%3A%2F%2Fwww.udhb.gov.tr%2Fdoc%2Fsiberg%2FSOME_2013-2014_EylemPlani.pdf&date=2016-02-13. 13.02.2016.
13. TUIK (2014). Turkey Statistical Institute Household Information Technology Usage Survey, Retrieved from
14. http://www.webcitation.org/query?url=http%3A%2F%2Fwww.tuik.gov.tr%2FPreHaberBultenleri.do%3Fid%3D16198&date=2016-02-12. 12.02.2016.
15. Vural, Y., & Sagıroglu, S. (2013). Cyber Security Risk Analysis, Threat and Readiness Levels. presented at Conference of International Participation Information Security and Cryptology, September 20-21th, Ankara.
16. Yayla, M., (2014). Cyber War and its difference from malicious acts in the Cyber environment. Hacettepe Law School Journal, 4(2), 181-197.
17. Yasar, H. (2014). Corporate Cyber Threats and Prevention Methods and a Case for Enterprise Security Cyber Security Action Plan. Master’s Thesis, Gazi University, Computer Forensics Institute, Ankara.