Oracle Support |

Cybercrime is real. By 2021, estimates say the annual worldwide cost of cybercrime damages will reach $6 trillion.¹ Sixty-five percent of organizations say their in-house security capabilities are adequate —yet 80% have been negatively affected by a cybersecurity attack in the last year.²

The average cost of a data breach in 2016 was $3.6 million.³  Many businesses never recover from the fallout. They face exposure of sensitive and proprietary information, operational disruption, system and file restoration, and fines and litigation. It may be more challenging to overcome the damage to their reputation and brand and the loss of their customers’ and employees’ trust.

Governments See A Growing Threat

The E.U. General Data Protection Regulation (GDPR) provides a single set of rules to enhance data privacy and guarantee the security of personal data and data processing that will be enforceable May 25, 2018. Noncompliance or violation can lead to substantial fines.

“The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world that is vastly different from the time in which the 1995 directive was established.”⁴

EUGDPR.org

Don’t Put Your Investment at Risk: Secure Oracle Software with Oracle Support

Security patching is essential for securing enterprise software, including Oracle’s. If you can’t access the source code, you can’t develop security patches for it. That leaves your software open to attack and your business open to risk.

“It is necessary for all organizations to establish a strong ongoing patch management process to ensure the proper preventive measures are taken against potential threats.”⁵

United States Computer Emergency Readiness Team
U.S. Department of Homeland Security

Oracle Support is the best way to legally receive mission-critical security updates and protection for your Oracle software. Oracle creates and owns the source code and can identify and address vulnerabilities and emerging threats in the source code.

Oracle Software Security Assurance (OSSA) is Oracle’s methodology for building security into the design, build, testing and maintenance of its products. Oracle’s goal is to ensure that the products are helping customers meet their security requirements while providing for the most cost-effective ownership experience.

Oracle provides reliable security updates to the source code with security at every level—in every layer of the software stack and with regression testing across the full stack. Oracle has the tools, experience, and knowledge to provide proactive change management processes, a uniform release management process, and ongoing and unparalleled innovation.

Predictable Critical Patch Updates

The Critical Patch Update (CPU) is the primary mechanism for the back-port of all security bug fixes for all Oracle products. Critical Patch Updates are released quarterly. Oracle issues Security alerts for vulnerability fixes deemed too critical to wait for distribution in the next CPU. Check the Security Alerts and Critical Patch Updates page for information about all previously released Security Alerts and Critical Patch Updates and links to download security patches.

The release frequency for issuing the CPUs (quarterly) and the predictability of the CPU releases (fixed schedule) allows Oracle customers to develop recommendations for leveraging the Critical Patch Update and maintaining a proper security posture and a repeatable and cost­effective process for patching their Oracle systems.

Stay on top of the evolving security landscape, subscribe to security notifications from Oracle. You will receive an e%u2014mail reminder at the time of the publication of each CPU. Premier Support Oracle Premier Support customers will also see a message about the availability of the CPU when they log onto the My Oracle Support portal.

Simplified Product Patch Management

Patch updates are cumulative for many Oracle products. This provides customers the ability to quickly “catch up” to the current security release level since the application of the latest cumulative CPU resolves all previously addressed vulnerabilities.

Get Proactive and Get More from Oracle Support

Oracle invests heavily in enterprise support and ongoing innovation and delivers complete hardware and software coverage through our world-class support personnel and technologies. Oracle Support’s Get Proactive! program provides guidance to Oracle Premier Support customers related to three key customer objectives:

• Prevent—maintain optimal system health and performance and prevent known problems and vulnerabilities from impacting operations.
• Resolve—rapidly identify and resolve issues to minimize or negate downtime and free up resources for critical projects.
• Upgrade—remove risk and time from the upgrade process, enabling cost savings and faster adoption of new product capabilities.

You’ll find information regarding recommended tools, resources, and best practices, organized by objective and by-product You can learn more, and access the patching resources, on My Oracle Support’s Get Proactive page, choose your product area to begin.

My Oracle Support Resources

With Oracle Premier Support, you have access to a wealth of tools and resources, including My Oracle Support’s product-specific information centers or use the Quick Reference Guide for Search and Patches & Updates to search for the topic you need in My Oracle Support. You can find knowledgebase articles that have key links to security updates, resources, and vulnerabilities, focus on overall security, and product-specific patching. Learn more about patching resources available in My Oracle Support for various Oracle products, including Oracle Database, Oracle E-Business Suite, Oracle PeopleSoft, and more.

Get More From Oracle

When your business is on the line, there is no substitute for trusted, secure, and comprehensive support.

Learn More:

• Is Your Software Vulnerable to Cybercrime? (infographic)
• Oracle’s Security Vulnerability Remediation Practices
• Software Patching is Critical for Solid Security and Reduced Risk
• Oracle Premier Support
• My Oracle Support’s Get Proactive page (Doc ID 432.1)

Footnotes
1. cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016
2. http://https://business.att.com/content/productbrochures/att-cybersecurity-insights-vol-six-executive-summary-brief.pdf
3. https://ibm.com/security/data-breach
4. https://www.eugdpr.org/key-changes.html
5. https://www.us-cert.gov/ncas/alerts/TA15-119A