We Talked with Sefa Merve Ağlaç, Director of All-in Cyber, about Investments in National Security

You are one of Turkey's leading 100% domestic and national companies in the field of cyber security. What are the prominent services you offer in this area?

The human factor, the processes of organizations and the solutions they use take place in the cyber attack life cycle. The most important step of security is the measures taken before the risk arises. After analyzing the current situation of institutions, we work to eliminate these risks with a proactive approach by identifying their needs. Our expert staff and the tailor-made key solutions we offer are our greatest strengths. We also partner with global manufacturers when necessary and offer customized services in line with the needs of our customers.

You have joined the departments of Kafein Technology, the leading technology company in the sector. Could you tell us a little bit about this investment?

Kafein Technology is one of Turkey's fastest-growing technology companies, with a growth rate of over 45% in the past three years. Today, the company employs over 700 people and is a publicly traded company, making it one of the unique players in the technology sector. With more than 15 years of experience in the industry, cyber security has now become one of its areas of expertise. We have taken over the management of cyber security solutions and integrated them under the All-in Cyber brand with the department we established, staffed with our experts. This allows us to focus on providing cyber security services and solutions while offering our clients a solution that can easily be integrated into their existing technology ecosystems.

If we were to talk about your position in Turkey, where do you see yourself in this stake?

For now, we can say that we are a boutique cybersecurity consultancy. This gives us a big advantage that allows us to prioritize customer centricity. Our difference is that thanks to our partnerships with strong manufacturers and technology providers, we are able to offer flexible solutions to meet customer needs. We also contribute to the growth of our industry and aim to educate young people in cyber security. Young people will not only have the chance to develop themselves theoretically in a globally popular field, but they will also receive vocational training by working with experts in the field. According to the Verizon 2021 Data Breach Investigations Report, 36 percent of security breaches in 2021 are related to phishing. Scammers are developing new tactics every day, trying to trap users who spend more time at home. In fact, this has become a global threat, leading organizations to increase their cybersecurity budgets. In 2021, it was determined that 82 percent of companies increased these finances. Therefore, the market is growing and we are positioning ourselves in the right place in the rapidly growing cyber security market with our pinpoint solutions and service-oriented approach.

First of all, what would you like to say about the present and future of the IT sector in the world and in Turkey?

Turkey is now an IT sector player that can compete globally and export the software and hardware it develops. Our biggest advantage is the young generation that can quickly adapt to technology. North America and European countries still have not updated their old systems in many sectors, especially in the public sector. Turkey, on the other hand, has made a much faster entry into new technologies and has rapidly caught up with the digital momentum. From now on, I believe that we will and should continue to ensure the continuity of this momentum, continuously improve the existing ones, and continue on our way without losing the excitement of realizing new technological breakthroughs. Of course, while doing all these, we must always use cyber security as a shield. Because digitalization, informatics and technology breakthroughs bring risks with them. The sector is growing because it is not outdated. As digitalization is in constant development, factors such as security vulnerabilities, threat actors, and ransomware will also increase by updating themselves.

There is an increase in crimes committed through the internet in our country. How can we explain this? What is the extent of the material damage caused by these attacks?

With the pandemic, the volume of transactions in the digital world has increased. Therefore, the exploitation of security vulnerabilities in this area has also increased. A cybersecurity attack occurs approximately every 15 seconds in the world, and the cost of successful attacks is estimated to be approximately 140 billion dollars by the end of 2022. According to the ENISA Threat Landscape 2021 report, DDoS-based attacks have increased with the pandemic period. In 2020, the number of these attacks exceeded 10 million. This is almost a 10-fold increase compared to the previous year. According to the same report, ransomware recovery is now a very budgetary task. In 2021, it was determined that it was necessary to allocate an average of 1.85 million dollars for this work.

What are your recommendations for companies in terms of information and data security?

In order to ensure that information and data security does not result in financial, legal and reputational losses, it is first necessary to determine the needs with a good analysis. What data does the company collect, from whom and how, how does it categorize, where and how does it store and how does it use it? Each of these questions should be carefully answered and processes should be established. All employees involved in these processes should be trained at the level of their access to data. A technological infrastructure should be established to ensure personal data security (at this point, the personal data security of the employee is now part of the security of the company) and corporate data security in the maximum way.

Cyber attacks and threats have become one of the most critical topics for both brands and people. How was 2021 and can you share your thoughts and predictions about the cyber security sector and breaches in 2022?

Turkey ranks 20th in the Global Cybersecurity Index worldwide and 11th in Europe, indicating that the government is well-prepared in terms of cyber security. However, unfortunately, companies and individuals are not equally prepared. Between 2019 and 2020, the rate of cyberattacks increased by more than 80%. As expected, this number rose further in 2021 and continues to rise in 2022. Advanced Persistent Threat (APT) attacks are among the most significant attacks impacting both companies and the public. These attacks involve cybercriminals infiltrating a system and observing its vulnerabilities for a long period without being detected. For example, a few years ago, the Central Bank of Bangladesh lost 1 billion dollars due to such an attack. As we always say, cyber security has three pillars: People, Processes, and Technologies. Employee training is the first layer in the security chain. The company's processes, such as how, why, and where data is collected and stored, as well as the strength and currency of the cybersecurity technologies used, are critical criteria.

There is talk that Turkey has a deficit of over 15 thousand cyber security experts. How do you evaluate this situation? What do you think should be done to close the expert gap?

Cybersecurity is one of the most important fields of technology, and its significance will continue to grow because in a world where information is power, and those who hold information hold the power, ensuring the security of that information will never take a back seat. Universities have started offering training and establishing undergraduate programs in cybersecurity. As All-in Cyber, we established the All-in Cyber Security Academy to train young people in this field and contribute to the development of the experts needed in this area. The "Skills" index in TÜBİSAD’s 2021 report is an important indicator for education in this field. Last year (currently 2022—does this refer to 2021 or 2020?), this index was 2.82, and in 2021, it increased to 3.17. By contributing to this area, we aim to support job creation and employment growth.

How do you plan to create a difference compared to other cybersecurity companies?

Our team, consisting of skilled cybersecurity experts, identifies the needs of each customer and offers flexible solutions tailored to those needs. We collaborate with both local and global firms providing security services, but all our projects are shaped by our customers' requirements. Therefore, our difference lies in offering solutions based on specific needs rather than providing packaged solutions.

Source: https://www.cybermagonline.com/allincyber-direktoru-sefa-merve-aglac-ile-milli-siber-guvenlik-alanindaki-yatirimlari-konustuk