Oracle's Larry Ellison Introduces Security Cloud, A New Weapon Against Hackers
Larry Ellison said Oracle's highly automated new cloud-based security platform is a first-of-its-kind weapon in a cyberwar going on between enterprises and sophisticated hackers—a battle businesses, so far, aren't taking seriously enough.
Speaking at the OpenWorld conference in San Francisco, Oracle's founder, chairman and CTO described the company's cyber-defense system as the only product suited to combat threats often emanating from nation-state actors.
The Oracle Management and Security Cloud, "also known as the Oracle Security and Compliance Cloud," Ellison said, employs machine learning to churn through heaps of log data ingested across systems and environments, be they on-premises, in Oracle's cloud or from other providers.
[Related: Oracle Challenges AWS With Advanced Cloud Infrastructure, Cutting Edge PlatformsAnd Application Services]
"It can't be our people against their computers. We're going to lose that war," Ellison said. "And make no mistake, it’s a war."
Unlike the Oracle 18c database that Ellison unveiled Sunday, a product that also automates functionality using machine-learning algorithms, Security Cloud is not entirely self-driving. But the security cloud is more automated than any other security system on the market, he said.
It "works in conjunction with human beings to protect your data," Ellison said.
Data theft is the biggest problem in the industry – far bigger than outages, he said.
"Companies are losing the cyberwar. And it gets worse every year," Ellison said.
Consider Equifax, Ellison said, the credit reporting agency that recently suffered one of the worst data breaches in recent history.
What's particularly troubling about that hack is the more than hundred million pieces of personal identification data stolen from Equifax didn’t show up the next day on the dark web, Ellison said. That suggests "a state actor that had other uses for the data."
Think about it; companies have to defend themselves from nation-states that are stealing their data," Ellison said. "Some of these guys are very good at what they do."
Automated cyberdefense systems are needed to address the problem by detecting vulnerabilities and attacks, and immediately installing patches, like Oracle's new 18c database does.
"You can't wait for a downtime window," he told OpenWorld attendees. Companies need to think of hackers, be they criminals or nations, as a new breed of competitor.
"You don’t think of a competitor being a nation in eastern Europe who's stealing all your data," Ellison said.
Given all the hacks that have made headlines of late, and cost executives like the Equifax CEO their jobs, there's a remarkable lack of priority placed on security, he said, even among companies with highly sensitive data, like one European defense contractor he recently talked to.
"From my point of view, we don’t take the security threat very seriously," Ellison said.
Even within Oracle's organization, only the security professionals truly take security seriously. Others in the data center focus on their specific jobs, often seeing security audits as annoyances that slow them down.
"We have to elevate the priority of security in our data center, because nobody wants to be on the front page," Ellison said.
Organizations should think of getting hacked as the aviation community thinks about plane crashes—they don't tolerate them.
For pilots, safety is the first priority. For data center operators, "what is it, job 10?" Ellison said. "It's really not prioritized, and I think we need to rethink that."
Machine learning can be a game-changer in addressing the problem. It's "the most important new technology to show up for a long time," Ellison said, because it delivers on the long-awaited promise of artificial intelligence.
The Oracle Management and Security Cloud trains on the pervasive logs generated by infrastructure, database servers, platforms and applications. It identifies data patterns, abnormalities in those patterns, and makes predictions.
After raw logs are ingested and normalized, users can create queries in natural languages, asking such questions as "how many failed logins to accounts payable."
If an executive is detected "logging on in Ukraine, at a military base, that's not normal," Ellison said.
The new platform is a cloud-native cybersecurity system, meaning it was designed to run in the Oracle cloud. But it doesn’t only manage Oracle Cloud applications, but also AWS and other public clouds, and on-premises assets.
The product also integrates with Oracle Enterprise Manager, feeding information to that platform.
"You don’t have to rip and replace all the things you have to take advantage of this," Ellison said.
And automation has another added benefit—it actually costs less, he said.
It wouldn't be an Ellison keynote if a competitor didn't come under fire.
This time, Oracle's founder took some shots at Splunk, a company that "kind of invented log analytics category," Ellison said, and does "a pretty good job at log analytics."
But Splunk still struggles to ingest and enrich logs across data environments, he said. That technology can't keep track of all users and assets, doesn't have built-in machine learning and anomaly detection, and can't remediate problems.
With Splunk, "if you're both a data scientist and a programmer, you can investigate some of these logs, but it's very difficult," Ellison told OpenWorld attendees.