ARTICLE
7 October 2025

Cybersecurity Law

HH
Hamzaoglu Hamzaoglu Kinikoglu Attorney Partnership

Contributor

We are an Istanbul-based law firm specializing in technology. We help our clients transform their companies in line with the challenges and opportunities brought by technology and the digital world. We aim for excellence and strive for a collaborative relationship with our clients of all sizes from startups to large corporations.

The Cybersecurity Law ("Law") entered into force upon its publication in the Official Gazette on March 19, 2025.
Turkey Technology

Executive Summary

The Cybersecurity Law ("Law") entered into force upon its publication in the Official Gazette on March 19, 2025. With this Law:

The Cybersecurity Presidency has been established to oversee audits, certification, authorization, and accreditation processes, ensuring that cybersecurity products and services comply with regulations. Cybersecurity incidents must be reported to the Presidency as soon as possible.

The Presidency will have the authority to audit companies within the scope of its inspection powers. Companies must keep relevant devices accessible for inspection and prepare the information and documents requested by the Presidency.

Cybersecurity products, systems, and services to be used in critical infrastructure must be obtained from cybersecurity experts, manufacturers, or companies authorized and certified by the Presidency.

The use of software, hardware, products, and services that may impact cybersecurity in the IT systems of critical infrastructures must receive approval from the Presidency.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More