Contact

Information Security Policy

The main field of activity of CBERNET Bilgi Teknolojileri Anonim Şirketi is the implementation and operation of cyber security projects in critical facilities and operational technologies (OT) infrastructures, and the provision of pre-sales and after-sales services as consultancy. Our organization provides IT (Information / Information Systems Infrastructure) and OT (Automation Infrastructure) Cyber Security / Network Project Management.

Our institution also provides analysis, consultancy, technical support and training activities.

The Agency’s policy is based on national and international regulations, standards and documents in force for each of the services provided and all transactions and documents prepared are based on compliance with national and international standards.

In this context, our organization takes access controls in accordance with the need-to-know principle within the framework of legal compliance and security measures in accordance with the developing technology. Considering the information security threats, an information security risk management system is implemented that provides an appropriate balance between risks and measures in terms of the organization’s information assets and services. Our information security objectives within this framework;

  1. Ensuring compliance with legal requirements and standards
  2. Maximizing the confidentiality, integrity and accessibility of the data processed in the organization,
  3. Ensuring business standardization and increasing security in information systems,
  4. Establishing infrastructures to ensure the protection of the data of internal and external stakeholders who directly or indirectly benefit from our business processes to the extent they request,
  5. Continuous improvement of ISMS in line with the developing technology and standards.

We undertake to comply with the Information Security Management System, which is defined, put into effect and implemented in a way that realizes the determined information security objectives and fulfills the requirements specified in TS ISO/IEC 27001, to allocate the resources necessary for the efficient operation of the system, to evaluate its effectiveness, to continuously improve it, and to ensure that it is understood by employees and accessible to all interested parties.