Senior Cybersecurity Expert Dr. Saim Atalay Keleştemur emphasized that while digitalization brings benefits such as increased efficiency and competitive advantage, it also introduces serious security risks. He highlighted the need to place cybersecurity at the core of digital transformation processes. Noting the rise in ransomware attacks, data breaches, and threats targeting IoT devices, particularly in the manufacturing sector, he stressed that businesses must develop proactive security strategies to effectively address these challenges.

With digitalization, businesses’ processes, from production to management, are becoming more connected, faster, and data-driven. However, this development also brings new and complex threats. Cybersecurity is no longer the sole responsibility of IT departments; it is now a cornerstone that must be at the center of all strategic planning within organizations.

  • Digitalization brings not only efficiency but also new risks. Where do you think cybersecurity fits into the digital transformation process?

Today, digitalization has become an inevitable process for businesses to increase efficiency, optimize processes, and gain a competitive advantage. However, this transformation brings not only new opportunities but also serious risks. Cybersecurity is at the heart of the digital transformation process and provides a secure foundation for businesses on their digitalization journey. While digital transformation makes business operations faster, more efficient, and more connected, it also makes them more vulnerable to cyber threats. The widespread adoption of internet-connected devices, cloud-based systems, and big data analytics has expanded the scope and impact of cyberattacks. For this reason, cybersecurity is not merely a side issue of digital transformation, but rather a cornerstone. Businesses should consider cybersecurity a strategic priority from the outset when planning their digitalization processes. Digitalization enables businesses to collect more data and share it across a wider network. However, this situation creates new opportunities for data breaches, ransomware, phishing attacks, and other cyber threats. For example, digitizing a business’s production processes can leave those processes vulnerable to cyberattacks. In particular, networked machines and IoT devices are attractive targets for attackers. Therefore, in the digitization process, cybersecurity serves not only as a protective mechanism but also as an insurance policy that ensures business continuity.

“Ransomware attacks are among the most common threats”

  • What are the most common cyber threats in the manufacturing sector?

The manufacturing sector has become more vulnerable to cyber threats with the spread of digitalization and Industry 4.0 technologies. Ransomware attacks are among the most common threats faced by this sector. In such attacks, attackers lock production lines or block access to critical data and demand ransom. The disruption of production processes can lead to serious financial losses and customer dissatisfaction for companies. Another common threat is data breaches. Sensitive data used in production processes is a valuable target for cyber attackers. This data may include production plans, supply chain information, and customer data. Data breaches can result not only in financial losses but also in the loss of competitive advantage. For example, an attacker could steal algorithms used to optimize production processes and sell this information to a competing firm. Attackers who cannot find a direct buyer or wish to sell quickly may sell the data indiscriminately on digital marketplaces known as the “black market” to anyone willing to pay. Distributed Denial of Service attacks are also among the threats frequently encountered in the manufacturing sector. These attacks cause operational disruptions by targeting systems that control production lines. Such attacks cause major problems, especially in sectors that require timely delivery or cannot tolerate instant service interruptions. Internal threats are also a major risk factor in the manufacturing sector. Employees accidentally causing security breaches or engaging in malicious behavior can create serious cybersecurity issues. Finally, security vulnerabilities in legacy systems are also a common problem in the manufacturing sector. Industrial Control Systems typically rely on outdated technologies and lack modern cybersecurity measures. This leaves these systems vulnerable to attacks. 
To provide effective protection against all these threats, businesses must take proactive security measures, train their employees, and modernize their systems.

“All IoT devices should be part of the security strategy”

  • How is the proliferation of IoT devices affecting cybersecurity strategies?

The rapid increase in IoT devices is rendering traditional security approaches inadequate. Cybersecurity strategies must now be expanded to cover not only computer systems but all connected devices. For example, all IoT devices, from sensors used in a manufacturing facility to smart cameras, should be part of the security strategy. Modern cybersecurity strategies should use artificial intelligence and machine learning technologies to analyze the large amounts of data coming from IoT devices. These technologies play a critical role in detecting abnormal behavior and identifying potential threats in advance. The proliferation of IoT devices has increased the importance of endpoint security. Since each IoT device has become a potential point of attack, strategies should be developed and refined that include security measures at the device level, strong authentication mechanisms, and regular security updates. Network segmentation is also critical for the security of IoT devices. This requires isolating IoT devices in separate VLANs, keeping critical systems on separate networks, and controlling traffic between segments with a firewall. Since IoT devices collect large amounts of data, data security and privacy issues have undoubtedly gained special importance. This requires data encryption, the use of secure APIs, and the establishment and implementation of data storage and processing policies.

“Network security is one of the most fundamental areas that companies need to focus on”

  • Which areas should companies prioritize their cybersecurity investments in?

Companies should prioritize their cybersecurity investments in the most critical areas. This is because the scope and impact of cyber threats are growing along with the rapid increase in digitalization. Making these investments in the right areas is vital in terms of ensuring operational continuity for organizations and minimizing legal and financial risks. First and foremost, network security is one of the most fundamental areas that companies should focus on. Solutions such as firewalls and VPNs form the first line of defense against external threats by controlling network traffic. These systems monitor traffic between networks, detect threats, and block them when necessary. For example, a firewall can prevent a malicious attacker from accessing the company network and thus prevent data leaks.

“Cybersecurity training should include both theoretical and practical elements”

  • How should cybersecurity training be designed to increase employee awareness?

A cybersecurity training program designed to increase employee awareness should include both theoretical and practical elements and ensure that employees are aware of the threats they may encounter in their daily work processes. Such training should not only provide technical information, but also aim to change employees’ behavior regarding cybersecurity and encourage them to develop a proactive attitude toward threats. First and foremost, the training program should be designed to suit the level of the employees. For employees without technical knowledge, the training should begin at a basic level, explaining the fundamental concepts of cybersecurity. For example, information should be provided about common threat types such as phishing attacks, malware, ransomware, and social engineering. How these types of threats work and how employees can protect themselves against them should be explained using concrete examples. Training should include practical scenarios and simulations that encourage active participation from employees. For example, fake phishing emails can be sent to test employees’ ability to detect such attacks. Such exercises help employees learn how to respond in the event of a real attack and increase their awareness. In addition, during training, employees should be taught what steps to take when they encounter a suspicious situation and how to report it. The training program should not only raise individual awareness, but also convey the organization’s general cybersecurity policies to employees. For example, basic security measures such as creating strong passwords and changing them regularly, ensuring device security, and preventing the use of unauthorized software should be explained to employees in detail. Another important element of the training program is that it should be continuously updatable and accessible. Since cyber threats are constantly evolving, employees need to have up-to-date information about these threats. 
Therefore, training materials should be regularly updated, and an online training platform should be created that employees can access when needed. Finally, an assessment should be conducted at the end of the training program to measure employees’ knowledge levels, and certificates should be issued to those who pass. Such measurement increases employees’ motivation for training and strengthens the organization’s overall cybersecurity culture.

“The growth of cybercrime organizations in developing countries is becoming a global problem”

  • What are the new risks expected to emerge in the field of cybersecurity in the coming years?

New risks expected to emerge in the field of cybersecurity in the coming years are becoming more complex and dangerous with the rapid development of technology and cybercriminals using more sophisticated methods. In particular, the use of artificial intelligence and automation in cyberattacks seems likely to change the scale of threats in this area. AI-powered phishing kits and ready-made botnets for attacks enable attackers to carry out effective attacks without the need for technical knowledge. For example, phishing platforms equipped with generative AI technologies make fake emails and web forms more convincing, thereby increasing the effectiveness of social engineering attacks. Another significant risk is the increasing use of zero-day vulnerabilities. Security vulnerabilities in software used in critical infrastructure are quickly discovered and exploited by attackers. This situation once again highlights the importance of software security and regular updates. The target audience of cybercriminals is also expanding. Now, not only large companies, but also individuals, small businesses, and even government agencies are being targeted. It is known that state-sponsored threat actors, such as North Korea, use artificial intelligence to deceive software developers by setting up fake companies. Such social engineering attacks can be seen as heralding a new level in the cybercrime world. On the other hand, geographical risks and global threats are also on the rise. The growth of cybercrime organizations in less developed countries is becoming a global problem. While attacks such as job opportunity and investment scams are becoming more common in these regions, attacks on critical infrastructure are at the forefront in developed countries. The digitization of sectors such as energy, healthcare, and transportation in particular is making these areas attractive targets for attackers. At the same time, data security risks for individuals and businesses are also growing. 
The sale of stolen data on the Dark Web threatens the reputation and security of both individuals and organizations. This situation highlights the importance of password security, multi-factor authentication, and regular security updates. The widespread nature of cybercrime necessitates that individuals and organizations adopt a more proactive approach to cybersecurity. All of this is leading organizations to invest more in cybersecurity in the coming years, to place greater emphasis on it, and to make it a necessity. Therefore, organizations that fail to invest in cybersecurity in the coming years may be doomed to disappear in a very short time. For this reason, it is necessary to make the necessary investments, establish regulations, and begin cybersecurity efforts now.