TY - JOUR T1 - CYBER SECURITY IN THE FINANCIAL SECTOR IN TURKEY: THREATS, ACTORS AND DEFENSE STRATEGIES TT - CYBER SECURITY IN THE FINANCIAL SECTOR IN TURKEY: THREATS, ACTORS AND DEFENSE STRATEGIES AU - Süzen, Ahmet Ali AU - Erdem, Muhammed PY - 2025 DA - October Y2 - 2025 DO - 10.57120/yalvac.1758073 JF - Yalvaç Akademi Dergisi JO - YADE PB - Isparta Uygulamalı Bilimler Üniversitesi WT - DergiPark SN - 2548-0820 SP - 1 EP - 23 VL - 10 IS - 2 LA - en AB - The financial sector is one of the main targets of cyber threats due to its sensitive data and digital infrastructure. This study examines the various types of cyberattacks affecting the financial sector in Turkey, the threat actors behind these attacks, and the measures that can be taken against them. Past major cyberattacks and regulatory responses are also discussed. It proposes a multi-pronged strategy to increase the level of cybersecurity, including technological strengthening, human factor management and regulatory reforms. This is because cybersecurity is no longer just a technology issue for organizations, but a strategic priority for national economic stability. KW - Cyber Security KW - Financial Sector KW - Defense Strategies. N2 - The financial sector is one of the main targets of cyber threats due to its sensitive data and digital infrastructure. This study examines the various types of cyberattacks affecting the financial sector in Turkey, the threat actors behind these attacks, and the measures that can be taken against them. Past major cyberattacks and regulatory responses are also discussed. It proposes a multi-pronged strategy to increase the level of cybersecurity, including technological strengthening, human factor management and regulatory reforms. This is because cybersecurity is no longer just a technology issue for organizations, but a strategic priority for national economic stability. CR - [1]. Baur-Yazbeck, S., Frickenstein, J., & Medine, D. (2019). Cyber security in financial sector development. CGAP Background Documents, 5(2). CR - [2]. Paul, E., Callistus, O., Somtobe, O., Esther, T., Somto, K., Clement, O., & Ejimofor, I. (2023). Cybersecurity strategies for safeguarding customer’s data and preventing financial fraud in the United States financial sectors. International Journal on Soft Computing, 14(3), 01-1 CR - [3]. Adejumo, A. P., & Ogburie, C. P. (2025). Strengthening finance with cybersecurity: Ensuring safer digital transactions. World Journal of Advanced Research and Reviews, 25(3), 1527-1541. CR - [4]. Pomerleau, P. L., & Lowery, D. L. (2020). Countering cyber threats to financial institutions. In A private and public partnership approach to critical infrastructure protection. Berlin/Heidelberg, Germany: Springer. CR - [5]. Brandefense. (2023). Türkiye Finans Sektörü Siber Tehdit Görünümü Raporu 2023. ss. 10-24. CR - [6]. Kaur, P., Kumar, M., & Bhandari, A. (2017). A review of detection approaches for distributed denial of service attacks. Systems Science & Control Engineering, 5(1), 301-320 CR - [7]. Butavicius, M., Parsons, K., Pattinson, M., & McCormac, A. (2016). Breaching the human firewall: Social engineering in phishing and spear-phishing emails. arXiv preprint arXiv:1606.00887. CR - [8]. Jones, K. S., Armstrong, M. E., Tornblad, M. K., & Siami Namin, A. (2021). How social engineers use persuasion principles during vishing attacks. Information & Computer Security, 29(2), 314-331. CR - [9]. Brewer, R. (2016). Ransomware attacks: detection, prevention and cure. Network security, 2016(9), 5-9. CR - [10]. Ferdous, J., Islam, R., Mahboubi, A., & Islam, M. Z. (2023). A review of state-of-the-art malware attack trends and defense mechanisms. IEEe Access, 11, 121118-121141. CR - [11]. Kredina, A. (2021). Transformation of Fintech: Impact of POS and ATM on non-cash payments. Eurasian Journal of Economic and Business Studies, 60(2), 16-32. CR - [12]. Herley, C., & Florêncio, D. (2008, September). Protecting financial institutions from brute-force attacks. In IFIP International Information Security Conference (pp. 681-685). Boston, MA: Springer US. CR - [13]. Threatmon. (2025). Global Cyber Threats to the Financial Sector: Regional Analysis and Intelligence. Erişim adresi: https://threatmon.io/global-cyber-threat CR - [14]. Sailio, Mirko, Outi-Marja Latvala, and Alexander Szanto. "Cyber threat actors for the factory of the future." Applied Sciences 10.12 (2020): 4334. CR - [15]. Kaspersky. (2021). Financial cyberthreats in 2021. Erişim adresi: https://securelist.com/financial-cyberthreats-in-2021/105898/ CR - [16]. Berqnet. (2024). Finans Sektöründe Siber Saldırılar. Erişim adresi: https://berqnet.com/blog/finans-sektorunde-siber-saldirilar CR - [17]. USOM. (t.y.). Ulusal Siber Olaylara Müdahale Merkezi (USOM). Erişim adresi: https://www.usom.gov.tr CR - [18]. Threatmon. (2024). Global Cyber Threat Report 2024. Erişim adresi: https://threatmon.io/2024-global-cyber-threat-report/ CR - [19]. Öztürk, M. S. (2018). Siber saldırılar, siber güvenlik denetimleri ve bütüncül bir denetim modeli önerisi. Muhasebe ve Vergi Uygulamaları Dergisi, 208-232. CR - [20]. CyberMag (2019). Turkey Under Cyber Attack News. Erişim adresi: https://www.cybermagonline.com/turkiye-siber-saldiri-altinda CR - [21]. KVKK. Erişim adresi: https://kvkk.gov.tr/ CR - [22]. BDDK. Regulations Concerning Information Systems and Business Processes. Erişim adresi: https://www.cybermagonline.com/turkiye-siber-saldiri-altinda CR - [23]. TCMB. Legislation Related to Payment Systems. Erişim adresi: https://www.tcmb.gov.tr/wps/wcm/connect/TR/TCMB+TR/Main+Menu/Banka+Hakkinda/Mevzuat/Odeme+Sist emleri/ CR - [24]. USOM. Corporate Guide. Erişim adresi: https://www.usom.gov.tr/faydali-dokumanlar/kurumsal-some-rehberi CR - [25]. FFIEC. Federal Financial Institutions Examination Council Erişim adresi: https://www.ffiec.gov/ CR - [26]. PRA and FCA. Prudential Regulation Authority and Financial Conduct Authority Erişim adresi: https://www.bankofengland.co.uk/prudential-regulation CR - [27]. PwC. (2021). GDPR ve KVKK: Benzerlikler, Farklılıklar ve Şirketlere Yansımaları. PwC Türkiye Raporu. UR - https://doi.org/10.57120/yalvac.1758073 L1 - https://dergipark.org.tr/tr/download/article-file/5121865 ER -