With the diversification of cyber security solutions and the automation of processes recently, one of the solutions that has entered our lives has been Threat Intelligence. In general, the purpose of Threat Intelligence or Cyber Intelligence solutions is to help organizations identify cyber threats they may encounter. Of course, there are points where each solution differs due to its unique features, but in this article, we will look at all threat intelligence solutions from the perspective of KVKK.
As it is known, after the KVKK was published in the Official Gazette, additional announcements or guides were published regarding the parts that could not be understood by the institutions. The guides are especially important in terms of understanding the way the Law is implemented. These guides have been very guiding in order to prevent that it is difficult to predict how a phenomenon that has just entered our lives will be applied directly and to prevent everyone from interpreting it from their own perspective. On the side of examining threat or cyber intelligence solutions in terms of KVKK, we will base on the Technical Measures Guide published by KVKK.
When we examine the KVKK Technical and Administrative Measures Guide, we can observe that quite a lot of articles actually show the importance of threat intelligence. For example, 3.1, which I shared below. When we look at the article Ensuring Cyber Security, we can interpret that it refers to the importance of Threat Intelligence in its first sentence.
3.1. The introductory paragraph of the Ensuring Cyber Security article: “The view that complete security can be achieved with the use of a single cyber security product to ensure personal data security is not always correct. Because threats are expanding their spheres of influence by changing their size and quality day by day.”
In the last sentence of his statement, he actually says that threats are changing in size and quality day by day and institutions are obliged to follow them. However, when we look at the past practices, it was difficult or even impossible to have a cyber security expert in every institution and to detect and block these threats manually, so this process was automated using artificial intelligence and machine learning, and known and even unknown threats were also detected.
Again, another feature of threat intelligence solutions is to determine the up-to-dateness of the currently used software and, if it is not up-to-date, to show it directly is very important for KVKK.
Article 3.1 of the KVKK Technical Measures Guide to this subject. In Ensuring Cyber Security, it is mentioned as follows:
KVKK Technical and Administrative Measures Guide article 2.1. In the Identification of Existing Risks and Threats article, it is stated that the attacks and risks that may be encountered, which are another feature of Threat Intelligence solutions, should be determined beforehand and precautions should be taken accordingly. Since Threat Intelligence solutions have features such as identifying blacklisted IPs, examining attack vectors, and predetermining and preventing not only known but also possible problems, we can interpret that this article again defines Threat Intelligence.
