The US Trade and Development Agency (USTDA) will host a delegation of cybersecurity and artificial intelligence decision-makers from Turkey May 9-20 for talks on critical infrastructure protection, AI regulation and commercial cooperation with US technology companies, the agency announced on Wednesday.
The 15-member delegation will travel to Washington, DC, and Silicon Valley, where they are expected to meet with US companies, attend technology demonstrations and discuss advanced tools aimed at protecting critical infrastructure from cyber threats.
USTDA said the visit comes as Turkey seeks to modernize its cybersecurity infrastructure by incorporating AI and other advanced technologies to defend critical systems against increasingly sophisticated attacks.
The delegation will also meet with US government officials to discuss policy and regulatory frameworks for AI and cybersecurity. The program includes a visit to the National Institute of Standards and Technology (NIST), where delegates will be briefed on cybersecurity frameworks, AI risk management, standards development and applied research.
NIST, part of the US Department of Commerce, is known for its Cybersecurity Framework, a widely used model that helps governments and companies reduce cybersecurity risks. Its AI Risk Management Framework is intended to guide organizations in developing and using AI systems in a way that accounts for safety, reliability, transparency and accountability.
The visit will also include panel discussions hosted on Capitol Hill.
USTDA said it will hold a public business briefing in San Francisco on May 19, where US companies will be able to hear directly from the Turkish delegation about upcoming commercial opportunities and meet with delegates individually to present cybersecurity solutions.
The agency said Turkey’s rapidly expanding digital ecosystem has made cybersecurity for critical infrastructure a national priority. Critical infrastructure typically includes sectors such as energy, transportation, telecommunications, finance, water systems and public services, where a cyberattack could disrupt daily life, economic activity or national security.
Turkey has in recent years moved to centralize its cybersecurity policy, framing cyber defense as a national security issue.
AI in cybersecurity generally refers to tools that can analyze large volumes of network data, detect unusual activity, identify possible attacks, support incident response and help security teams prioritize threats.
However, such systems raise questions about oversight, reliability, data protection and dependence on foreign technology providers.
Rights groups have warned that Turkey’s cybersecurity push is unfolding in a broader climate of digital repression, where the government has used national security, disinformation and cybercrime arguments to expand control over online speech and access to information.
The criticism has focused in particular on Turkey’s cybersecurity law, which entered into force in March 2025.
The Committee to Protect Journalists (CPJ) said the law could criminalize legitimate reporting on cybersecurity incidents because of its “overly broad and vague language,” including provisions that penalize reporting on data leaks unless the incident is confirmed by Turkish authorities.
CPJ’s Turkey representative Özgür Öğret said empowering the government to decide whether a leak occurred raises “the risk of broader censorship.”
Freedom House, which rated Turkey “Not Free” in its 2025 Freedom on the Net report, said internet freedom in the country remained restricted through website blocking, content removal orders, social media throttling and criminal cases against journalists, activists and social media users. The group said the new cybersecurity law contains provisions that could stifle free expression and privacy online.
The law created a centralized cybersecurity structure under a cybersecurity directorate, which has broad powers to regulate the sector, set standards, certify cybersecurity providers, collect and store data after cyber incidents and carry out searches and seizures with a court warrant or, in urgent cases, a prosecutor’s order subject to later court approval.
Turkey’s Freedom of Expression Association (İFÖD) has said the law violates the principle of legality, lacks institutional clarity and threatens privacy, personal data protection and press freedom. Opposition lawmakers have also argued that the law gives the government excessive discretion over what counts as critical infrastructure and how cyber-related information may be reported.