In order to better address cyber-crime which is a really complex subject and also the focus of our studies we have developed a casual model and related different cyber-crime types to their impacts on the economy of Turkey. The model provides a simple framework to evaluate each cyber-crime types in line with their impacts on citizens, enterprises and the Government. We have used the model to match cyber-crime types with a number of certain categories of economic impact which are generally appropriate for the parameter types used in macroeconomic models of Turkey. For the next step, we have calculated the magnitude of cyber-crime costs by using three-point estimates (worst-case, most-likely case and best-case) focusing on IP theft and industrial espionage and their effects on different industry sectors.

Our evaluations are based on estimates and predictions rather than specific cyber-crime examples. We have benefitted from the information obtained from business, law enforcement and economics experts from many public and private organizations. We express our sincere thanks to all those individuals and organizations contributing to this study with their in-depth knowledge.

In our most-likely scenario, we have concluded that the cost of cyber-crime to Turkey is 27 billion TL annually. The majority of this cost comes from intellectual property theft. We have estimated that this cost is around 9,2 billion TL annually. According to the worst-case scenarios, the real impact of cyber-crime is much greater.

Our study shows that cyber-crime has many impacts on citizens and the Government. However, the main loser, with a total estimated cost of 23 billion TL, is Turkish business. The rates of intellectual property and espionage are considerably high. Cyber-crime is mostly observed in providers of software and computer, financial services, pharmaceutical and biotech industry, electronic and electrical equipment suppliers.

Every public institution in the Republic of Turkey can be the focus of cyber-attacks. Software, security products and investments consider public institutions as an income source. This income source, however, puts security processes of public institutions at risk apart from providing positive results in some aspects. At this point, UITSEC security teams improve security processes of public institutions with its 100% Turkish personnel.