New Database Threats Require New Innovations in Security
By Naresh Persaud on Oct 06, 2013
If you attended Open World this year, you learned about the advances in Database 12c. As we collect more data and store our data in remote locations and the cloud, 12c restores control with advances to secure your data at the source. At the Chief Security Officer Summit at Leaders Circle, Vipin Samar discussed the changes in the security landscape that are forcing companies to re-examine how data is secured. The recent APT1 report by Mandiant highlights exactly how pervasive the threats are across every industry.
While the report covers the exploits of a specific government, the techniques being used are similar across the board. A recent report by the Ponemon Insitute noted that 43% of the most serious attacks are SQL injection attacks. The statistic implies that organizations are not as prepared to secure databases and that our most valuable data actually resides in our databases.
It seems almost every report on the state of IT security mentions database security. As an example, the PWC Global State of Information Security report provides a survey by region of database encryption. In North America alone, 53% of companies don't encrypt databases. Despite the threats, organizations are not fully responding.
The slides below provide a perspective on how a comprehensive approach to database security can set the foundation for preventing some of the most advanced threats. With Database Security 12c, there are several advances that organizations will want to focus on:
- Database Redaction - learn more here.
- Privilege Analysis - learn more here.
- Audit Vault Firewall - learn more here.
- More about security in 12c here.