Oracle Information InDepth



Stay Connected

Oracle on Facebook Oracle on LinkedIn Oracle on Twitter Oracle on Youtube Oracle Blog

June 2014

Subscribe Subscribe Forward Forward

Back to the main page

New Tools Help Agencies Defend Against Today's Most Sophisticated Hackers

Government agencies have long been a favorite target for cybercriminals seeking financial gain and nation-states attempting to steal sensitive information through stealthy, advanced, ongoing attacks. As these exploits become more common and sophisticated, IT managers at federal, regional, and local agencies need new strategies to protect themselves.

Paul Laurent, Oracle public sector director of cybersecurity strategy, says, "Given the resources nation-states and criminal hackers have today, it's not enough to try to keep hackers out. There's a good possibility that an organization's internal IT systems will be breached, so agencies must also be able to detect, respond, and recover from these attacks."

Q: What new security risks should agencies be concerned with?
A: The threats to government agencies from nation-states and cybercriminals has been growing recently. In the past, these hackers focused on the private sector primarily to steal credit card data for financial fraud. But now, hackers are looking for new types of exploits, and they're targeting citizen data to use for financial gain. For example, they may want information held by agencies to take out a second line of credit on someone's house or steal medical information to get access to someone's prescription pain medication to sell illegally.

Q: How can agencies better defend themselves?
A: The National Institute of Standards and Technology (NIST) employs the best and brightest minds when it comes to developing security standards. NIST's Special Publication 800-53 provides a comprehensive set of controls for protecting against the threats to government services, citizen data, and national infrastructure such as power grids and water supplies.

Q: How does Oracle help agencies address security challenges?
A: We design our technology stack with applicable NIST standards in mind, in many cases working with NIST to certify security tools to applicable standards. For Oracle's engineered systems, that design focus gives IT managers greater visibility throughout the entire stack to detect anomalous activity. Management tools within engineered systems, such as Oracle Enterprise Manager, offer visibility into performance that can help IT managers spot problems.

Q: What other areas are important for security strategies?
A: Agencies face new security challenges from the greater use of mobile applications. Oracle Mobile Security Suite gives IT managers a way to create secure containers to protect sensitive information on mobile devices. The data doesn't reside on the device itself, but is presented and accessed in a secure, temporary session. There's no risk of the session information falling into the wrong hands if the hardware is lost or stolen. Also, the technology relies on open standards, allowing agencies the greatest flexibility in their mobile strategy and device support planning.

Another area to focus on is the valuable security information enterprises routinely collect in audit logs. Oracle Audit Vault and Database Firewall enables IT managers to perform detailed audits to help identify risks. For example, if someone attempts and fails multiple times to log into a database, the solution sends off a proactive alert. It also protects audit logs against being tampered with.

Watch a webcast featuring Paul Laurent, "Next-Generation Security to Protect Government Cyberspace."

Learn more about Oracle security solutions for the public sector.

Learn more about the full breadth of Oracle security solutions.

Learn more about Oracle solutions for mobile security.

To regularly receive more information about Oracle security and identity management solutions, subscribe to the free Oracle Security Inside Out newsletter.

Back to Top

Please send questions or comments to

This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor is it subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

  Hardware and Software, Engineered to Work Together

Contact Us | Legal Notices and Terms of Use | Privacy

Oracle Corporation


Oracle Corporation - Worldwide Headquarters, 500 Oracle Parkway, OPL - E-mail Services, Redwood Shores, CA 94065, United States

Your privacy is important to us. You can login to your account to update your e-mail subscriptions or you can opt-out of all Oracle Marketing e-mails at any time.

Please note that opting-out of Marketing communications does not affect your receipt of important business communications related to your current relationship with Oracle such as Security Updates, Event Registration notices, Account Management and Support/Service communications.