Cybersecurity 2025

TÜRKIYE

Russia

Black Sea

Bulgaria

Georgia

Ankara

Türkiye

Law and Practice Contributed by: Bora Yazıcıoğlu, Kübra İslamoğlu Bayer, Aslı Rabia Savaş and Yağmur Yaren Özdabakoğlu YAZICIOGLU Legal Contents 1. General Overview of Laws and Regulators p.295 1.1 Cybersecurity Regulation Strategy p.295 1.2 Cybersecurity Laws p.296 1.3 Cybersecurity Regulators p.300 2. Critical Infrastructure Cybersecurity p.302 2.1 Scope of Critical Infrastructure Cybersecurity Regulation p.302 2.2 Critical Infrastructure Cybersecurity Requirements p.304 2.3 Incident Response and Notification Obligations p.306 2.4 State Responsibilities and Obligations p.307 3. Financial Sector Operational Resilience Regulation p.307 3.1 Scope of Financial Sector Operational Resilience Regulation p.307 3.2 ICT Service Provider Contractual Requirements p.308

Syria

Iraq

Cyprus

3.3 Key Operational Resilience Obligations p.309 3.4 Operational Resilience Enforcement p.309

3.5 International Data Transfers p.310 3.6 Threat-Led Penetration Testing p.312 4. Cyber-Resilience p.312 4.1 Cyber-Resilience Legislation p.312 4.2 Key Obligations Under Legislation p.313 5. Security Certification for ICT Products, Services and Processes p.313

5.1 Key Cybersecurity Certification Legislation p.313 6. Cybersecurity in Other Regulations p.314 6.1 Cybersecurity and Data Protection p.314 6.2 Cybersecurity and AI p.315 6.3 Cybersecurity in the Healthcare Sector p.316

293 CHAMBERS.COM

Powered by