Oracle Information InDepth



Stay Connected

Database Security

Oracle on Twitter Oracle on Facebook Oracle Blog

Identity Management

Oracle Identity Management on Twitter Oracle Identity Management on Facebook Oracle Blog 

June 2013

Subcribe Subscribe Share Forward

Back to the main page

New Study: Increased Security Spending Still Not Protecting Right Assets


Results of the survey indicate that most resources are allocated to network-level security even though most risks are present at the database level.

Despite widespread belief that database breaches represent the greatest security risk to their business, organizations continue to devote a far greater share of their security resources to network assets rather than database assets, according to a new report issued by CSO and sponsored by Oracle.

Based on responses from more than 100 IT security decision-makers, the study finds that 52 percent of respondents believe a breach of their databases would represent the most severe damage to their organization. By contrast, only 34 percent cited damage to network resources as the most severe risk. Yet survey respondents say their organizations spend only 15 percent of their resources on database security, while network resources receive a whopping 67 percent.

“Because critical systems such as databases sit deep within the security perimeter of the data center, IT organizations often underestimate the risks to these systems despite the fact that they contain the most vital and valuable information,” says Vipin Samar, vice president of Oracle Database Security. “This unbalanced ratio of resources to risk is leaving many organizations’ applications and data vulnerable to attacks both internally and externally.”

Clear Need for Inside-Out Approach to Security
Given the concern about database security, it makes sense that 66 percent of all respondents report that they take an "inside-out" approach to security, which involves a strong emphasis on database security as well as application security and good governance of user access.

However, budgetary reality tells another story, with more than four times as many resources going to network security as database security.

Security Where Data Lives
To safeguard data where it lives—in the database—Oracle's comprehensive database security portfolio ensures data privacy, protects against insider threats, and enables regulatory compliance for both Oracle and non-Oracle Databases. Tools include

  • Database activity monitoring and blocking
  • Privileged user and multifactor access control
  • Transparent data encryption
  • Consolidated auditing and reporting
  • Secure configuration management
  • Data masking

Read the CSO report.

Find out more about Oracle Database security solutions.

Back to Top

Please send questions or comments to

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

  Hardware and Software, Engineered to Work Together Contact Us | Legal Notices and Terms of Use | Privacy Statement
Oracle Corporation


Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States

Your privacy is important to us. You can login to your account to update your e-mail subscriptions or you can opt-out of all Oracle Marketing e-mails at any time.

Please note that opting-out of Marketing communications does not affect your receipt of important business communications related to your current relationship with Oracle such as Security Updates, Event Registration notices, Account Management and Support/Service communications.