Birleşik Krallık’ın Siber Güvenlik Politikasını Güç ve Caydırıcılık Üzerinden Anlamlandırmak

Yıl 2024, Cilt: 6 Sayı: 1, 26 - 39, 28.06.2024

İbrahim Çağrı Erkul

https://doi.org/10.59940/jismar.1477284

Öz

Bilgisayar korsanlarının eylemlerinin ve yetkinliklerinin anlaşılmasına paralel olarak, 1980’li yıllarda siber uzayın Birleşik Krallık tarafından güvenlikleştirilmeye başlandığı görülmüştür. Web sitelerinin oluşturulmasının ardından tehdidin çeşitlenmesi ise siyasetin hem ulusal hem de uluslararası alanda konuya odaklanmasını mümkün kılmıştır. 1990’lı yılların hemen başında siber güvenliğin sağlanması noktasında kurumsallaşmaya yönelik adımlar atılmış olsa da siber saldırıların etkileri, hükümet ve çeşitli sektörler üzerinde hissedilmeye devam etmiştir. 2000’li yıllarda ise Birleşik Krallık siber uzayda gerçek bir anarşinin hüküm sürdüğü gerçeğiyle yüzleşerek, siber saldırılar karşısındaki savunmasızlığını giderecek siber güvenlik stratejileri belirlemek durumunda kalmıştır. Bu yönüyle makale, siber uzayın Birleşik Krallık için önemli hale gelme sürecini de dikkate alarak, 2009 ve sonrasında açıklanan siber güvenlik stratejileri üzerinden Birleşik Krallık’ın siber güvenlik politikasını ve siber yetkinliklerini analiz etmeyi amaçlamaktadır. Makale, realist bir perspektif üzerinden Birleşik Krallık’ın siber güvenliğini yalnızca savunmada kalarak elde etmesinin mümkün olmadığını ortaya koyarak, siber caydırıcılık ve saldırı kapasitesini realist temelde arttırmasının gerekli olduğu iddiasındadır. Makalede realist anlayışa bağlı olarak arttırılması gereken siber güç ve saldırı kapasitesine rağmen siber uzayda dost ve müttefik aktörlerle iş birliğinin gerekliliği üzerinde de durulmuştur.

Anahtar Kelimeler

Birleşik Krallık, Siber Güvenlik, Siber Caydırıcılık, Siber Uzay.

Etik Beyan

"Birleşik Krallık’ın Siber Güvenlik Politikasını Güç ve Caydırıcılık Üzerinden Anlamlandırmak" başlıklı makalenin hazırlanması ve yayınlanması süreçlerinde araştırma ve yayın etiği kurallarına uyulmuştur. Çalışma için etik kurul izni gerekmemektedir.

Interpreting the UK's Cyber Security Policy in Terms of Power and Deterrence

Öz

In the 1980s, in parallel with understanding hackers' actions and capabilities, the United Kingdom (UK) began securitizing cyberspace. The diversification of the threat following the use of websites has made it possible for politicians to focus on cyberspace both nationally and internationally. Although institutionalization steps were taken to ensure cyber security in the early 1990s, the effects of cyber attacks impacted the government and various sectors. In the 2000s, the United Kingdom had to face the fact that there was absolute anarchy in cyberspace and determine cyber security strategies that would eliminate its vulnerability to cyber-attacks. In this respect, the article aims to analyze the UK's cyber security policy and cyber competencies through the cyber security strategies announced in 2009 and later, considering how cyberspace has become important for the UK. From a realistic perspective, the article claims that the UK can't achieve cyber security only through cyber defense and that it is necessary to increase her cyber deterrence and attack capacity on a realistic basis. The article also focuses on the necessity of cooperation with friendly and allied actors in cyberspace, even though the UK needs to increase its cyber power and attack capacity based on a realistic approach.

Anahtar Kelimeler

United Kingdom, Cyber Security, Cyber Deterrence, Cyberspace

Kaynakça

• [1] Cabinet Office. (2009). Cyber security strategy of the United Kingdom. safety, security and resilience in cyber space. London: The Stationery Office.
• [2] Applegate, S. (2015). Cyber conflict: disruption and exploitation in the digital age. Frederic Lemieux (Ed.), Current and Emerging Trends in Cyber Operations Policy, Strategy, and Practice. Palgrave Macmillan, 19-36.
• [3] Sweetman, A. (2022). Cyber and the city securing London’s banks in the computer age. Springer.
• [4] Buzan, B. (2008). Askeri güvenliğin değişen gündemi. Uluslararası İlişkiler, 5(18), 107-123.
• [5] Ning, H. (2022). A brief history of cyberspace. CRC Press.
• [6] Corera, G. (2015). Intercept: the secret history of computers and spies. London: Weidenfeld & Nicolson.
• [7] Computer Misuse Act 1990. (1990). https://www.legislation.gov.uk/ukpga/1990/18/pdfs/ukpga_19900018_en.pdf
• [8] Healey, J. (2013). A brief history of US cyber conflict. Jason Healey (Ed.), A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, Cyber Conflict Studies Association, 14-87.
• [9] HM Government. (2010). A strong Britain in an age of uncertainty: the national security strategy. London: The Stationery Office.
• [10] Hjortdal, M. (2011). China’s use of cyber warfare: espionage meets strategic deterrence. Journal of Strategic Security, 4(2), 1–24.
• [11] Keane, J. (1998). Şiddetin uzun yüzyılı, Bülent Peker (Çev.), Ankara: Dost Kitabevi.
• [12] Viotti, P. R., Kauppi, M. V., (2016). Uluslararası ilişkiler teorisi, (Metin Aksoy, Çev. Ed.), Ankara: Nobel.
• [13] Vasquez, J. A. (2015). Savaş bulmacası, Haluk Özdemir (Çev.), Uluslararası İlişkiler Kütüphanesi.
• [14] Tumkevič, A. (2018). Uncertain security community: building Western cyber-security order. Journal of Information Warfare, 17(1), 74–86.
• [15] Rid, T. (2013). Cyberwar and peace: hacking can reduce real-world violence. Foreign Affairs, 92(6), 77–87.
• [16] Shea, J. (2017). How is NATO meeting the challenge of cyberspace? PRISM, 7(2), 18–29.
• [17] Cabinet Office. (2011). The UK cyber security strategy: protecting and promoting the UK in a digital world. https://assets.publishing.service.gov.uk/media/5a78a991ed915d04220645e2/uk-cyber-security-strategy-final.pdf
• [18] National Audit Office. (2013). The UK cyber security strategy: Landscape review. London: The Stationery Office.
• [19] Tinker, J. A. (2015). Güvenlik revizyonu. Ken Booth & Steve Smith (Ed.), Uluslararası İlişkiler Kuramları, Muhammed Aydın (Çev.), Uluslararası İlişkiler Kütüphanesi. 175-197.
• [20] Keshavarz, A. (2017). Stuxnet. Paul J. Springer (Ed.), Encyclopedia of Cyber Warfare. ABC-CLIO, 279-282.
• [21] Umbach, F. (2012). Critical energy infrastructure and risk of cyber attack. Konrad Adenauer stiftung-international reports, 35-66.
• [22] Stoddart, K. (2016). Live free or die hard: U.S.-UK cybersecurity policies. Political Science Quarterly, 131(4), 803–842.
• [23] Osborne, G. (2015). Chancellor's speech to GCHQ on cyber security. https://www.gov.uk/government/speeches/chancellors-speech-to-gchq-on-cyber-security
• [24] Richards, J. (2014). Cyber-war: the anatomy of the global security threat. Palgrave Macmillan.
• [25] Home Office. (2010). Cyber crime strategy. London: The Stationery Office. [26] Lucas, E. (2019). The spycraft revolution. Foreign Policy, 232, 20–27.
• [27] Singer, P. W. & Friedman, A. (2014). Cybersecurity and cyberwar: what everyone needs to know. Oxford: Oxford University Press.
• [28] Steed, D. (2019). The politics and technology of cyberspace. Routledge.
• [29] Cabinet Office. (2016). The UK cyber security strategy 2011-2016 annual report. https://assets.publishing.service.gov.uk/media/5a81bae5e5274a2e8ab558ca/UK_Cyber_Security_Strategy_Annual_Report_2016.pdf
• [30] HM Government. (2016). National cyber security strategy 2016-2021. https://data.parliament.uk/DepositedPapers/Files/DEP2016-0790/National_Cyber_Security_Strategy_v20.pdf
• [31] Cornish, P., Hughes, R., Livingstone, D. (2009). Cyberspace and the national security of the United Kingdom: threats and responses. Chatham House.
• [32] Montasari, R. (2023). Countering cyberterrorism the confluence of artificial intelligence, cyber forensics and digital policing in US and UK national cybersecurity. Springer.
• [33] HM Government. (2021). National cyber strategy 2022 pioneering a cyber future with the whole of the UK. https://assets.publishing.service.gov.uk/media/620131fdd3bf7f78e469ce00/national-cyber-strategy-amend.pdf
• [34] Stevens, T., O’Brien, K., Overill, R., Wilkinson, B., Pildegovičs, T., Hill, S. (2019). UK active cyber defence a public good for the private sector. King's College London.
• [35] House of Commons Committee of Public Accounts. (2019). Cyber security in the UK ninety-ninth report of session 2017–19. https://publications.parliament.uk/pa/cm201719/cmselect/cmpubacc/1745/1745.pdf
• [36] HM Government. (2022a). Government cyber security strategy building a cyber resilient public sector 2022-2030. https://assets.publishing.service.gov.uk/media/61f0169de90e070375c230a8/government-cyber-security-strategy.pdf
• [37] Oxford Economics. (2014). Cyber-attacks: effects on UK companies July 2014. [38] Harrop, W & Matteson, A. (2015). Cyber resilience: a review of critical national ınfrastructure and cyber-security protection measures applied in the UK and USA. Frederic Lemieux (Ed.), Current and Emerging Trends in Cyber Operations Policy, Strategy, and Practice. Palgrave Macmillan, 149-166.
• [39] Roskin, M. G., Berry, N. O. (2014). Uluslararası ilişkiler: ui’nin yeni dünyası. Özlem Şimşek (Çev.), Ankara: Adres Yayınları.
• [40] Kramer, F. D., & Butler, R. J. (2019). Cybersecurity: changing the model, Atlantic Council.
• [41] Wright, J. (2018). Cyber and international law in the 21st century. https://www.gov.uk/government/speeches/cyber-and-international-law-in-the-21st-century
• [42] Elefteriu, G. (2020). United Kingdom: thinly global. G. J. Schmitt (Ed.), A Hard Look at Hard Power: Assessing the Defense Capabilities of Key US Allies and Security Partners. Strategic Studies Institute, US Army War College, 359–390.
• [43] House of Commons Defence Committee. (2013). Defence and cyber-security sixth report of session 2012–13. London: The Stationery Office Limited.
• [44] Goldstein, J. S., Pevehouse, J. C. (2017). Uluslararası ilişkiler, Haluk Özdemir (Çev.), Ankara: BB101 Yayınları.
• [45] Devanny, J., Dwyer, A., Ertan, A., & Stevens, T. (2021). The national cyber force that Britain needs?. King's College London.
• [46] Intelligence and Security Committee of Parliament. (2020). Russia. https://isc.independent.gov.uk/wp-content/uploads/2021/03/CCS207_CCS0221966010-001_Russia-Report-v02-Web_Accessible.pdf
• [47] The National Cyber Security Centre. (2022). Annual review 2022 making the UK the safest place to live and work online. https://www.ncsc.gov.uk/files/NCSC-Annual-Review-2022.pdf
• [48] Özdemir, H. (2008). Uluslararası ilişkilerde güç: çok boyutlu bir değerlendirme. Ankara Üniversitesi SBF Dergisi, 63(03), 113-144.
• [49] Libicki, M. C. (2018). Expectations of cyber deterrence. Strategic Studies Quarterly, 12(4), 44–57.
• [50] Goodman, W. (2010). Cyber deterrence: tougher in theory than in practice?. Strategic Studies Quarterly, 4(3), 102–135.
• [51] Tzu, S. (2014). Savaş sanatı. Hasan İlhan (Çev.), Ankara: Alter Yayıncılık.
• [52] Machiavelli, N. (1999). Hükümdar. Selahattin Bağdatlı (Çev.), İstanbul: Der Yayınları.
• [53] Chen, J. (2017). Cyber Deterrence by Engagement and Surprise. PRISM, 7(2), 100–107.
• [54] McKenzie, T. M. (2017). Is cyber deterrence possible? Air University Press.
• [55] Nye, J. S. (2017). Deterrence and Dissuasion in Cyberspace. International Security, 41(3), 44–71.
• [56] Viotti, P. R., Kauppi, M. V., (2014). Uluslararası ilişkiler ve dünya siyaseti. Ayşe Özbay Erozan, (Çev.), Ankara: Nobel.
• [57] Aid, M. M. (2013). Espionage moves into the cyber age: the National Security Agency’s shift to cyber espionage. R. Huisken, O. Cable, D. Ball, A. Milner, R. Sukma, & Y. Wanandi (Ed.), CSCAP Regional Security Outlook 2014, 24–27.
• [58] ITU. (2019). Global cybersecurity index (GCI) 2018. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf
• [59] ITU. (2021). Global cybersecurity index 2020. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2021-PDF-E.pdf
• [60] Prince, C., & Sullivan, J. (2019). The UK cyber strategy: challenges for the next phase. Royal United Services Institute.
• [61] Erkul, İ. Ç. (2021). Commonwealth’i anlamak: beşikten mezara Britanya İmparatorluğu. Konya: Çizgi Kitabevi.
• [62] HM Government. (2013). Serious and organised crime strategy. London: The Stationery Office.
• [63] Hitchens, T., & Goren, N. (2017). International cybersecurity information sharing agreements. Center for International & Security Studies, U. Maryland.
• [64] Billon-Galland, A. (2019). UK defence policy and Brexit: time to rethink London’s European strategy. European Defence Policy Brief, European Leadership Network.
• [65] Agreement between the Government of the United Kingdom of Great Britain and Northern Ireland and the Government of the United States of America on access to electronic data for the purpose of countering serious crime. (2019). https://www.gov.uk/government/publications/ukusa-agreement-on-access-to-electronic-data-for-the-purpose-of-countering-serious-crime-cs-usa-no62019
• [66] Bayraktar, G. (2015). Siber savaş ve ulusal güvenlik stratejisi. Yeni Yüzyıl Yayınları.
• [67] Akkuş, B. (2017). Özgürlük ve güven(siz)lik ikileminde siber uzay : yeni dünya için bir toplum sözleşmesi denemesi. Milenyum Yayınları.
• [68] HM Government. (2022b). UK government’s global digital access programme (DAP) -Pillar 2 Trust & Resilience project summaries. https://assets.kpmg.com/content/dam/kpmg/uk/pdf/2022/12/fcdo-dap.pdf
• [69] Mearsheimer, J. J. (2016). Yapısal realiizm. Tim Dunne, Milja Kurki, Steve Smith (ed), Uluslararası ilişkiler teorileri disiplin ve çeşitlilik, Özge Kelekçi (Çev.), Sakarya: Sakarya Üniversitesi Kültür Yayınları, 86-106.
• [70] Nye, J. S. (2005). Dünya siyasetinde başarının yolu yumuşak güç. Rayhan İnan Aydın (Çev.), Ankara: Elips Kitap.