Fulya KÖKSOY

7148

Avrupa Birliği’nin Siber Güvenlik Politikası: Kurumsalcılık mı Tutarlılık mı?

Bilgi ve iletişim teknolojilerinin özellikle son dönemde hayatımıza yoğunluklu olarak entegre olduğu görülmektedir. Dijital çağın önüne geçilemez bir hızla değişim ve dönüşüm geçirmesi, pek çok avantaja neden olsa da beraberinde risk ve tehditleri getirmektedir. Öyle ki siber saldırılar bireylere, kurumlara ve devletlere yönelik önemli bir tehdit oluşturmaktadır. Bu bağlamda, son derece kırılgan bir dünya kompozisyonu ile karşılaşılmakta ve siber güvenlik kavramı ön plana çıkmaktadır. Siber güvenliğin sağlanması hususunun son derece önemli olması çerçevesinde Avrupa Birliği (AB) de dijitalleşen dünyadan kaynaklanan tehditleri kabul eden ve siber alanın güvenliğini sağlamaya dönük stratejiler ve politikalar geliştirmeye çalışan bir aktördür. Bu minvalden hareketle çalışmada, uluslararası sistemde kendine münhasır bir muhtevaya sahip olan ve 1 Aralık 2009 tarihinde yürürlüğe giren Lizbon Antlaşması ile beraber tüzel kişilik kazanan Avrupa Birliği’nin siber güvenlik politikaları analiz edilmekte, AB ile siber güvenlik olgusu bağlamında nasıl bir denklem ortaya çıkmaktadır? sorusuna cevap aranmakta ve bu denklemin, resmî (kurumlar) ve gayri resmî (kurallar, prosedürler gibi) yapılar ekseninde AB’nin siber güvenlik politikasının analiz edilmesini sağlayan kurumsalcılık mı yoksa tutarlılık bağlamında mı kurulduğuna odaklanılmaktadır.
Anahtar Kelimeler:

Avrupa Birliği, Siber Güvenlik, Tarihsel Kurumsalcılık, Tutarlılık, Avrupa Birliği’nin Siber Güvenlik Politikası

The Cyber Security Policy of European Union: Institutionalism or Coherence?

It is seen that information and communication technologies have been intensely integrated into our lives especially in the recent period. The digital age has been changed and transformed at an unavoidable rate, despite it causes many advantages, but it also brings risks and threats. In fact, cyber-attacks pose an important threat to individuals, institutions and states. In this context, an extremely fragile world composition is encountered and the concept of cyber security comes to the fore. As the issue of ensuring cyber security is extremely important, the European Union (EU) is an actor that accepts threats arising from the digital world and tries to develop strategies and policies to ensure the security of the cyber space. Concordantly, the cyber security policies of the European Union, which has sui-generis content in the international system and gained legal status by Lisbon treaty entered into force on 1 December 2009, are analyzed. In addition to this, the equation arises between the European Union and the cyber security phenomenon has been examined for finding out whether the equation is built on institutionalism, which enables the analysis of the EU's cyber security policy on the basis of formal (institutions) and informal (such as rules, procedures) structures, or consistency.
Keywords:

European Union, Cyber Security, Historical Institutionalism, Coherence, European Union’s Cyber Security Policy,

PDF

___

  • AKYEŞILMEN, Nezir, Siber Politika ve Güvenlik, Orion Yayınevi, Ankara, 2018.
  • BAYKAL, Sanem ve Göçmen, İlke, Avrupa Birliği Kurumsal Hukuku, Seçkin Yayıncılık, Ankara, 2016.
  • BAYRAM, H. Mehmet, Avrupa Birliği Hukuku Dersleri, Seçkin Yayıncılık, Ankara, 2015.
  • CHRISTOU, George, Cybersecurity in the European Union. Resilience and Adaptability in Governance Policy, Palgrave, London, 2016.
  • EILSTRUPP-SANGIOVANNI, Mette, Debates on European Integration, Palgrave, Houndmilss, 2006.
  • GÖÇMEN, İlke, Avrupa Birliği Maddi Hukuku, Seçkin Yayıncılık, Ankara, 2017.
  • PIERSON, Paul, Politics in Time: History, Institutions, and Social Analysis, Princeton University Press, NJ., 2004.
  • ROSAMOND, Ben, Theories of European Integration, Palgrave, London, 2000.
  • BULMER, Simon, “The Governance of the European Union: A New Institutionalist Approach”, Journal of Public Policy, 1993, Vol 13, No 4, pp. 351-380.
  • CARRAPICO, Helena and Barrinha, Andre, “The EU as a Coherent Security Actor?”, JCMS, 2017, Vol 55, No 6, pp. 1254-1272.
  • CREMONA, Marise, “Coherence through Law: What Difference will the Treaty of Lisbon Make?”, Hamburg Review of Social Sciences, 2008, Vol 3, No 1, pp. 11-36.
  • DARICILI, B., Ali, “Türkiye’nin Siber Güvenlik Politikalarının Analizi; Türkiye’nin Siber Güvenlik Modeli için Öneriler”, TESAM Akademi Dergisi, 2019, Cilt 6, Sayı 2, ss. 11-33.
  • ERENDOR, Mehmet, E., “Risk Toplumu ve Refleksif Modernleşme Çerçevesinde Siber Terörizm: Tanımlama ve Tipoloji Sorunu”, Cyberpolitik Journal, 2016, Cilt 1, Sayı 1, ss. 114-133.
  • FAHEY, Elaine, “EU’S Cybercrime and Cyber Security Rule-Making: Mapping the Internal and External Dimensions of EU Security”, European Journal of Risk Regulation, 2014, Vol 5, No 1, pp. 46-60.
  • GIACOMELLO, Giampiero, “Introduction: Security In Cyberspace”, , Giampiero Giacomello (Edt.), Security in Cyberspace- Targeting Nations, Infrastructures, Individuals, Bloomsbury Academic, London, 2014, pp. 1-20.
  • GUITTON, Charles, “Cyber Insecurity as a National Threat: Overreaction from Germany, France and the UK?”, European Security, 2013, Vol 22, No 1, ss. 21-35.
  • HALL, Peter and Taylor, Charles, “Political Science and the Three New Institutionalisms”, Political Studies, 1996, Vol 44, No 2, pp.936-957.
  • KRASNER, Stephen D., “Approaches to the State: Alternative Conceptions and Historical Dynamics”, Comparative Politics, 1984, Vol 16, No 2, pp. 223-246.
  • PIERSON, Paul, “Increasing Returns, Path Dependence, and the Study of Politics”, American Political Science Association, 2000, Vol 94, No 2, pp. 251-267.
  • PIERSON, Paul and Skocpol, Theda, “Historical Institutionalism in Contemporary Political Science”, Ira Katznelson , Helen Milner and Ada Finifter (Edt.), Political Science: The State of the Discipline, Norton Press, NewYork, 2002, pp. 693-721
  • POLLACK, Mark, “The New Institutionalism and EU Governance: The Promise and Limits of Institutionalist Analysis”, Governance, 1996, Vol 9, No 4, pp. 429-458.
  • POLLACK, Mark, “The New Institutionalism and European Integration”, Antje Wiener ve Thomas Diez (Edt.), European Integration Theory, Oxford University Press, NewYork, 2009, pp. 125-143.
  • POMORSKA, Karolina and Vanhoonacker, Sophie, “Europe as a Global Actor: Searching for a New Strategic Approach”, JCMS, 2016, Vol 52, No 1, pp. 216-229.
  • SLIWINSKI, Feliks, “Moving beyond the European Union's Weakness as a Cyber Security Agent”, Contemporary Security Policy, 2014, Vol 35, No 3, pp. 468-486.
  • THELEN, Kathleen, “Historical Institutionalism in Comparative Politics”, Annual Review of Political Science, 1999, Vol 2, pp. 369–404.
  • ABİHA, 2012, https://www.ab.gov.tr/files/pub/antlasmalar.pdf, (Erişim Tarihi: 30.04.2020).
  • BANGEMANN, Martin, “Recommendations to the European Council Europe and the Global Information Society”, 1994, http://www.channelingreality.com/ Digital_Treason/Brussels_1995/Bangemann_report.pdf, (Erişim Tarihi: 13.03.2020).
  • BENDIEK, Annegret, “European Cyber Security Policy”, 2012, https://www.swp-berlin. org/fileadmin/contents/products/research_papers/2012_RP13_bdk.pdf, (Erişim Tarihi: 19.04.2020).
  • COLLIER, R. Berrins and Collier, David, “Framework: Critical Junctures and Historical Legacies”, 1991, https://polisci.berkeley.edu/sites/default/files/people/ u3827/Collier-Collier%20SPA%20Chap%201.pdf, (Erişim Tarihi: 10.04.2020).
  • CRAIGEN, Dan, Diakun-Thibault, Nadia and Purse, Randy, “Defining Cybersecurity”, Technology Innovation Management Review, 2014, https://timreview.ca/ sites/default/files/article_PDF/Craigen_et_al_TIMReview_October2014.pdf, (Erişim Tarihi: 18.02.2020).
  • DUNN-CAVELTY, Myriam and Suter, Manuel, “Public-Private Partnerships are no Silver Bullet: An Expanded Governance Model For Critical Infrastructure Protection”, International Journal of Critical Infrastructure Protection, 2009, https://www.files.ethz.ch/ isn/106323/PPP_no_silver_bullet.pdf, (Erişim Tarihi: 29.04.2020).
  • ENISA, “Overview of Cybersecurity and Related Terminology”, 2017, https://www.enisa.europa.eu/publications/enisa‐positionpapers‐and‐opinions/enisa‐overview‐of‐cybersecurity‐and‐related‐terminology, (Erişim Tarihi:03.05.2020).
  • ENISA, “About ENISA”, 2020, https://www.enisa.europa.eu/about-enisa, (Erişim Tarihi: 12.04.2020).
  • European Commission, “Completing the Internal Market”, 1985, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:51985DC0310&from=EN, (Erişim Tarihi: 09.02.2020).
  • European Commission, “Illegal and Harmful Content on Internet”, 1996, http://aei.pitt.edu/5895/1/5895.pdf, (Erişim Tarihi: 10.03.2020).
  • European Commission, “Network and Information Security: Proposal for A European Policy Approach”, 2001, https://ec.europa.eu/transparency/regdoc/rep/1/2001/EN/1-2001-298-EN-F1-1.Pdf, (Erişim Tarihi: 11.03.2020).
  • European Commissiona, “Some Practical Proposals for Greater Coherence, Effectiveness and Visibility”, 2006, https://ec.europa.eu/councils/bx20060615/ euw_com06_278_en.pdf, (Erişim Tarihi: 03.04.2020).
  • European Commissionb, “Strategy for a Secure Information Society”, 2006, https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=LEGISSUM:l24153a, (Erişim Tarihi: 03.04.2020).
  • European Commission, “Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace”, 2013, http://eeas.europa.eu/archives/docs/policies/eu-cyber-security/cybsec_comm_en.pdf, (Erişim Tarihi: 15.03.2020).
  • European Commissiona, “The European Agenda on Security”, 2015, https://eur-lex.europa.eu/legal-content/GA/TXT/?uri=CELEX:52015DC0185, (Erişim Tarihi: 17.03.2020).
  • European Commissionb,“A Digital Single Market Strategy for Europe”, 2015, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52015DC0192, (Erişim Tarihi: 18.03.2020).
  • European Commission, “Joint Framework on Countering Hybrid Threats”, 2016, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52016JC0018, (Erişim Tarihi: 22.04.2020).
  • European Commissiona, “Resillience, Detterence and Defence: Building Strong Cyber Secuirty for the EU”, 2017, https://eur-lex.europa.eu/legal-content/en/TXT/?uri= CELEX%3A52017JC0450, (Erişim Tarihi: 14.04.2020).
  • European Commissionb, “Cyber Security Act”, 2017, https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52017PC0477&from=EN, (Erişim Tarihi: 19.04.2020).
  • European Commission, “Regulation on ENISA and on Information and Communications Technology Cybersecurity Certification and Repealing Regulation (Cybersecurity Act)”, 2019, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019R0881& from=EN, (Erişim Tarihi:01.05.2020).
  • European Commission, “The Directive on Security of Network and Information Systems (NIS Directive)”, 2020, https://ec.europa.eu/digital-single-market/en/network-and-information-security-nis-directive, (Erişim Tarihi: 17.03.2020).
  • European Council, “European Council Conclusions Corfu”, 1994, http://aei.pitt.edu/1444/1/corfu_june_1994.pdf, (Erişim Tarihi: 09.03.2020).
  • European Council, “Tampere Council Conclusions”, 1999, https://www.europarl. europa.eu/summits/tam_en.htm#c, (Erişim Tarihi: 02.04.2020).
  • European Council, “Council Framework Decision on Attacks against Information Systems”, 2005, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX: 32005F0222&from=EN, (Erişim Tarihi: 11.03.2020).
  • European Parliament and Council, “Directive on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data”, 1995, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A31995L0046, (Erişim Tarihi: 10.03.2020).
  • European Parliament and Council, “Directive on the Concerning the Processing of Personal Data and the Protection of Privacy in the Electronic Communications Sector”, 2002, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32002L0058 &from=EN, (Erişim Tarihi: 11.03.2020).
  • European Parliament and Council, “Directive on the Retention of Data Generated or Processed in Connection with the Provision of Publicly Available Electronic Communications Services or of Public Communications Networks and Amending”, 2006, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32006L0024 &from=GA, (Erişim Tarihi: 11.03.2020).
  • European Parliament and Council, “Directive on Network and Information Systems across the Union”, 2016, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_. 2016.194.01.0001.01.ENG&toc=OJ:L:2016:194:TOC, (Erişim Tarihi:15.04.2020).
  • Federal Ministry of the Interior, “Cyber Security Strategy for Germany”, https://www.cio.bund.de/SharedDocs/Publikationen/DE/Strategische-Themen/css_engl_download.pdf?__blob=publicationFile, (Erişim Tarihi: 09.03.2020).
  • HELMBRECHT, Udo, Purser, Steve and Ritter-Klejn, Maj, “Cyber Security: Future Challenges and Oportunities”, 2012, https://www.btg.org/wp-content/uploads/2012 /01/ENISA-Cyber-Security-Report-2011.pdf, (Erişim Tarihi:03.05.2020).
  • KLIMBURG, Alaxender and Tirmaa-Klaar, Heli, “Cybersecurity and Cyberpower: Concepts, Conditions and Capabilities for Cooperation for Action within the EU”, 2011, https://www.europarl.europa.eu/RegData/etudes/STUD/2011/433828/EXPO-SEDE_ET(2011)433828_EN.pdf, (Erişim Tarihi: 21.04.2020).
  • LOCKWOOD, Matthew, Kuzemko, Caroline, Mitchell, Catherine and Hoggett, Richard, “Historical Institutionalism and the Politics of Sustainable Energy Transitions: A Research Agenda”, 2016, https://core.ac.uk/download/pdf/ 43098859.pdf, (Erişim Tarihi: 19.02.2020).
  • Maastricht Treaty, 1992, https://europa.eu/european-union/sites/europaeu/files/docs/ body/treaty_on_european_union_en.pdf, (Erişim Tarihi: 21.03.2020).
  • Ministry of Digital Affairs, “National Framework of Cybersecurity Policy of the Republic of Poland for 2017‐2022”, 2017, https://www.enisa.europa.eu/topics/ national‐cyber‐security‐strategies/ncssmap/strategies/govermental‐program‐for‐protection‐of‐cyberspace‐for‐theyears‐2011‐2016‐2013, (Erişim Tarihi:09.03.2020).
  • MISSIROLI, Antonio, “Towards An Eu Global Strategy: Background, Process, References”, 2015, https://www.iss.europa.eu/sites/default/files/EUISSFiles/ Towards_an_EU_Global_Strategy_0_0.pdf, (Erişim Tarihi: 12.03.2020).
  • National Security Authority, “Central European Platform for Cybersecurity”, 2018, https://www.nbu.gov.sk/en/cyber-security/partnership/central-european-platform-for-cybersecurity/index.html, (Erişim Tarihi: 25.04.2020).
  • NIS Directive, 2016, https://eur-lex.europa.eu/eli/dir/2016/1148/oj, (Erişim Tarihi: 09.04.2020).
  • Single European Act, 1987, https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/? uri=CELEX:11986U/TXT&from=EN, (Erişim Tarihi: 10.03.2020).
  • Strategie Kybernetické Obrany ČR, 2018, http://www.acr.army.cz/assets/informacni-servis/zpravodajstvi/strategie-kyberneticke-obrany.pdf, (Erişim Tarihi: 07.05.2020).
  • TRAUNER, Florian, “The Internal–external Security Nexus: More Coherence under Lisbon?”, 2011, https://www.ies.be/files/op89_The_internal-external_security_nexus.pdf, (Erişim Tarihi: 12.03.2020).
Güvenlik Stratejileri Dergisi-Cover
  • ISSN: 1305-4740
  • Yayın Aralığı: Yılda 3 Sayı
  • Başlangıç: 2005
  • Yayıncı: Millî Savunma Üniversitesi Atatürk Stratejik Araştırmalar ve Lisansüstü Eğitim Enstitüsü
Arşiv
Sayıdaki Diğer Makaleler

Soğuk Savaş: Amerikan Büyük Stratejisi, Johnson Doktrini ve Kıbrıs

Kaan Kutlu ATAÇ, Mehmet Mert ÇAM

Doğu Akdeniz’deki Doğal Gaz Rezervlerinin Ekonomik ve Güvenlik Boyutuyla Türkiye Açısından Değerlendirmesi

Hüseyin Tamer HAVA

Somali - Kenya Deniz Sınırı İhtilafı

M. Cem OĞULTÜRK

Göçün Güvenlikleştirilmesi Bağlamında Bulgaristan’ın Suriyeli Göçmenlere Yönelik Politikası

Kader ÖZLEM

Avrupa Birliği’nin Siber Güvenlik Politikası: Kurumsalcılık mı Tutarlılık mı?

Fulya KÖKSOY

Türkiye’de Silah İthalatının İktisadi Büyüme Üzerine Etkisi

Şerif CANBAY, Derya MERCAN

2005-2015 Perspektifinden Amerika Birleşik Devletleri’nin Sahraaltı Afrika Politikası ve Afrika Komutanlığı (AFRICOM)

Yücel ÖZEL, Güngör ŞAHİN