Abstract:

In this study, a questionnaire study conducted to organizations that The National Information and Communication Security Guide, which includes information security measures to be followed by the public institutions and the operators providing critical infrastructure services, is the first reference document specific to our country. Along with filling a big gap in the field of information and communication security, the guide also has an important feature in increasing the resilience of institutions against cyber attacks. In this study, the general structure of the guide is examined and information about the guideline implementation processes is given. In addition, cyber security attacks and vulnerabilities for Internet of Things (IoT) security, which is one of the main topics covered in the guide, are mentioned. In this study, it is shown how to perform the IoT security audits in the guide by creating the network topology of a representative corporate structure in the simulation environment. With security audits, it is aimed to ensure the compliance of the representative institution with the measures for IoT security in the guide.

Keywords: