Cybersecurity Strategies of Digital Administrations: A Review of The EU and Finland
DOI:
https://doi.org/10.63556/tisej.2026.1799Keywords:
Cyber security strategy, european union, finland, public administration, digital administrationAbstract
This study examines the impact of increasingly complex cyber threats on public administration and policy-making processes through the cases of the European Union (EU) and Finland. The EU pursues normative leadership in cybersecurity by promoting integrated governance through legislation, institutional coordination, and resilience policies. The NIS2 Directive, the Cyber Resilience Act, the Digital Services Act, the General Data Protection Regulation (GDPR), and the Artificial Intelligence Act collectively form the normative foundation of the Union’s comprehensive digital security framework. However, implementation disparities among member states continue to limit the overall effectiveness and sustainability of these strategies. Finland’s 2024–2035 National Cybersecurity Strategy, on the other hand, represents an operationally robust model that integrates participatory governance, public–private cooperation, cryptography, artificial intelligence applications, and national monitoring mechanisms. Finland conceptualizes cybersecurity not merely as a technical defense tool but as an integral component of economic development, democratic governance, and the digital dimension of national sovereignty. The findings indicate that sustainable cybersecurity depends not only on technological capacity but also on institutional resilience, international cooperation, skilled human resources, and societal awareness. When the EU and Finland are considered together, Europe's potential to create a holistic and resilient digital security ecosystem is increasingly strengthened.
References
Admass, W. S., Munaye, Y. Y., ve Diro, A. A. (2024). Cyber security: State of the art, challenges and future directions. Cyber Security and Applications, 2, 100031.
Akarslan, H. (2012). Bilişim suçları. Ankara: Seçkin Yayıncılık.
Altın, O. (2023). AB’nin siber güvenlik alanındaki politikalarının ve uygulamalarının etkinliği: bir siber güvenlik temsilcisi olarak AB’nin yeterliliği. Çankırı Karatekin Üniversitesi İktisadi ve İdari Bilimler Fakültesi Dergisi, 13(2), 482-507.
Balay, R. (2004). Küreselleşme, bilgi toplumu ve eğitim. Ankara Üniversitesi Eğitim Bilimleri Fakültesi Dergisi, 37(2), 61-82.
Beltrán, M. (2025). AI algorithms under scrutiny: GDPR, DSA, AI Act and CRA as pillars for algorithmic security and privacy in the European Union. Computers & Security, 104628.
Çakmak, H. B., ve Demir, M. (2009). Katarakt ameliyatlarında bilgilendirilmiş onam. Journal of Glaucoma-Cataract/Glokom-Katarakt, 4(2), 130-136.
Çevik, İ. (2023). Avrupa Birliği Dijital Hizmetler Yasası'nın değerlendirmesi. Yıldırım Beyazıt Hukuk Dergisi, (2), 387-419.
Cornish, P., Livingstone, D., Clemente, D., ve Yorke, C. (2010). On cyber warfare (pp. 21-22). London: Chatham House.
EGM (2025). Siber suç nedir? Erişim tarihi: 21 Ekim 2025, https://www.egm.gov.tr/siber/sibersucnedir.
Ergene, G. Ç. (2024). Avrupa Birliği Siber Dayanıklılık Yasası Yürürlüğe Girdi. Erişim Tarihi: 12 Kasım 2025.https://www.erdem-erdem.av.tr/bilgi-bankasi/avrupa-birligi-siber-dayaniklilik-yasasi-yururluge-girdi.
Europen Commission (2025) Cybersecurity. Erişim tarihi: 21 Ekim 2025, https://digital strategy.ec.europa.eu/en/policies/cybersecurity-strategy.
FI_ACTION_PLAN (2021). Implementation plan for Finland's Cyber Security Strategy 2024-2035. Erişim tarihi: 21 Ekim 2025, https://www.enisa.europa.eu/sites/default/files/ncss-map/strategies/action-plans/FI_ACTION_PLAN_2024_en.pdf
Finland’s Cyber Security Strategy (2013). Finland´s cyber security strategy. Erişim tarihi: 21 Ekim 2025, https://afyonluoglu.org/PublicWebFiles/strategies/Europe/Finland%202013%20Cyber%20Security%20Strategy-EN.pdf
GDPR Madde1 (.2025). General data protection regulation. Erişim tarihi: 21 Ekim 2025, https://gdpr-info.eu/.
Griffith, M. K. (2018). A comprehensive security approach: Bolstering Finnish cybersecurity capacity. Journal of Cyber Policy, 3(3), 407-429.
haberler.com (2025, 21 Ekim). AB güvenlik stratejisi üzerine uyarı: 'her geçen yıl geride kalıyoruz'. Erişim tarihi: 28 Ekim 2025, https://www.haberler.com/guncel/ab-guvenlik-stratejisi-uzerine-uyari-her-gecen-yil-geride-kaliyoruz-19170250-haberi/.
Igboanua, C. O., Sinkovics, R. R., ve Kuivalainen, O. (2025). The role of regional policy for Industry 4.0 adoption: A study of Finnish South Karelia. European Management Journal, 1, 1-11.
Michael, K., Herold, R. ve Roussos K. (2025). Security and regulation: Cybersecurity, privacy, and trust- protecting information and ensuring responsible technology use. Computers & Security. Available online 9 December 2025, 104804.
Ministry For Foreign Affairs To Finlad, (2025). Cyber security and the cyber domain. Erişim tarihi: 28 Ekim 2025, https://um.fi/cyber-security-and-the-cyber-domain.
Ribeiro, D., Fonte, V., Ramos, L. F., & Silva, J. M. (2025). Assessing the information security posture of online public services worldwide: Technical insights, trends, and policy implications. Government Information Quarterly, 42(2), 102031.
Ruohonen, J., Rindell, K., ve Busetti, S. (2025). From Cyber Security Incident Management to Cyber Security Crisis Management in the European Union. arXiv preprint arXiv:2504.14220.
Sağıroğlu Ş., ve Alkan, M. (2018). Siber güvenlik ve savunma farkındalık ve caydırıcılık. Ankara: Grafiker Yayınevi.
Saltzer, J. H., ve Schroeder, M. D. (1975). The protection of information in computer systems. Proceedings of the IEEE, 63(9), 1278-1308.
Sandilaç, N. (2022). Siber suç, siber terör ve siber savaş üçgeninde siber dünya. Bilişim Hukuku Dergisi, 4(1), 81-140.
Sayedi, S. O. (2020). Ulusal siber güvenlik stratejisi oluşturma süreç analizi ve Türkiye İle Afganistan'ın ulusal siber güvenlik stratejisinin değerlendirilmesi. Yüksek Lisans Tezi, Trakya Üniversitesi Fen Bilimleri Enstitüsü, Edirne.
Stokes, D., ve Whitman, R. G. (2013). Transatlantic triage? European and UK ‘grand strategy’after the US rebalance to Asia. International Affairs, 89(5), 1087-1107.
T.C. Ulaştırma Denizcilik ve Haberleşme Bakanlığı (2016-2019). 2016-2019 Ulusal siber güvenlik stratejisi. Erişim Tarihi: 18 Ekim 2025.https://hgm.uab.gov.tr/uploads/pages/siber-guvenlik/2016-2019guvenlik.pdf.
Tunca, S. (2019). Modern çağda siber güvenlik kavramı. Dumlupınar Üniversitesi İİBF Dergisi(3-4), 1-7.
Valtioneuvoston julkaisuja, (2023). Valtioneuvosto. Erişim tarihi: 21 Ekim 2025, https://julkaisut.valtioneuvosto.fi/items/647374c1-e029-476b-81c5-ba6267e6d1ab
Wolfenstein, K. (2023). Finlandiya Metaverse Stratejisi: AB ülkesi Finlandiya, 2035 yılına kadar genişletilmiş ve sanal gerçeklik (XR, VR, AR, MR) ile küresel bir öncü olmak istiyor. https://xpert.digital/tr/finlandiya-meta-veri-dizisi/
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Third Sector Social Economic Review
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
