{"id":14643,"date":"2025-08-19T19:26:09","date_gmt":"2025-08-19T19:26:09","guid":{"rendered":"https:\/\/newestek.com\/?p=14643"},"modified":"2025-08-19T19:26:09","modified_gmt":"2025-08-19T19:26:09","slug":"surprise-departure-of-oracle-security-chief-as-company-shifts-focus-to-ai","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=14643","title":{"rendered":"Surprise departure of Oracle security chief as company shifts focus to AI"},"content":{"rendered":"
\n
\n
\n
\n
\n
\n
<\/div>\n<\/section>\n

Oracle\u2019s veteran chief security officer Mary Ann Davidson is leaving the company unexpectedly, ending a career in senior management spanning almost four decades.<\/p>\n

A prominent figure at the company since joining in 1988 from the US Navy, Davidson was among a select group of surviving senior employees from that era. Inevitably, this means that her departure, leaked<\/a> to Bloomberg by an internal source, will be seen by some as holding deeper significance.<\/p>\n

The timing could, of course, be simple coincidence. According to Bloomberg, in March this year the company began an undisclosed round of layoffs in its cloud division and across management roles, estimated to have shaved possibly hundreds of roles from a global workforce of 160,000.<\/p>\n

With the company silent about the details, this month saw further lay-offs on a reportedly similar scale. The reductions are widely interpreted as an attempt to funnel money into the AI investments the company is having to make, including those to support the huge Stargate Project<\/a> platform deal that will see it run OpenAI workloads.<\/p>\n

Although no official announcement has been made about Davidson\u2019s departure, it comes at a critical moment for Oracle, which earlier this year was widely condemned<\/a> for its handling of a potentially serious data breach that it repeatedly downplayed.<\/p>\n

Patching troubles<\/h2>\n

As one might expect for someone who\u2019s been in or around Oracle security for so long, Davidson\u2019s time has not been without controversy.<\/p>\n

The first came beginning in 2004, when the company was heavily criticized<\/a> by British database bug hunter David Litchfield for its tardiness in patching the rising volume of security flaws then being discovered in its products. Unwisely, Oracle and Davidson pushed back, leading to an ongoing public war of words they eventually quietly backed away from.<\/p>\n

More recently, in 2015, came the infamous \u201cNo, you really can\u2019t\u201d controversy around a corporate blog of that title that Davidson used to call out customers \u201creverse engineering our code to attempt to find security vulnerabilities in it. <Insert big sigh here.>\u201d<\/p>\n

\u201cThis is why I\u2019ve been writing a lot of letters to customers that start with \u2018hi, howzit, aloha\u2019 but end with \u2018please comply with your license agreement and stop reverse engineering our code, already,\u2019\u201d she wrote in a post whose contents were later re-published<\/a> on Seclists.org.<\/p>\n

As criticism mounted, Oracle found itself beating another retreat, quickly taking down the article while stating: \u201cWe removed the post as it does not reflect our beliefs or our relationship with our customers.\u201d<\/p>\n

Full disclosure<\/h2>\n

In fairness, Oracle was far from alone in being slow to adopt the idea that software vendors needed to turn patching into a core security function while acknowledging that vulnerability hunters were allies in disguise rather than enemies.<\/p>\n

Nevertheless, occasional missteps have continued up to the present, most recently in the evasive and confused reporting of an alleged breach of Oracle servers earlier this year by an attacker exploiting a known vulnerability, CVE-2021-3558.<\/p>\n

The company\u2019s initial response<\/a> was to send customers emails denying that a breach had happened, before later conceding that, while an incident had occurred, it involved \u201ctwo obsolete servers\u201d not used to store important customer data.<\/p>\n

The impression was of a company disclosing as little as possible in the hope that customers might not notice and journalists would eventually stop asking questions. There is no suggestion that this strategy was Davidson\u2019s doing, although given her history of publicly downplaying critical issues, arguably she should have stepped in sooner.<\/p>\n

\u201cThe breach at Oracle falls under SEC disclosure rules. If it was downplayed or not reported properly, that could be significant,\u201d commented Timothy J. Marley<\/a> of US cyber security consultancy Prism One. However, connecting her departure to the recent breach was probably going too far.<\/p>\n

\u201cYou almost never see that sort of tenure in security leadership. Honestly, I wouldn\u2019t be shocked if she simply decided it was the right moment to step aside,\u201d Marley said.<\/p>\n

More likely, however, is that Oracle is now undergoing a generational shift to younger executives more attuned to AI. \u201cAI is forcing all of us to rethink our strategies and tactical solutions,\u201d he said. \u201cWe\u2019re doing our best to prepare for an uncertain future. For those of us who\u2019ve been around a while, it really is about adapting quickly or risking being left behind.\u201d<\/p>\n

In addition, according to Brad Shimmin<\/a>, VP & practice lead at analyst company The Futurum Group, the advent of AI was more than a simple segue into a new market sector for Oracle, and challenged its long-held assumptions about security.<\/p>\n

\u201cAI itself has changed the way companies and attackers view the security landscape, not only elevating the stakes and radically expanding the attack surface, often beyond the confines of current experience and knowledge,\u201d Shimmin said.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Oracle\u2019s veteran chief security officer Mary Ann Davidson is leaving the company unexpectedly, ending a career in senior management spanning almost four decades. A prominent figure at the company since joining in 1988 from the US Navy, Davidson was among a select group of surviving senior employees from that era. Inevitably, this means that her departure, leaked to Bloomberg by an internal source, will be… <\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14643","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14643","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14643"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14643\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14643"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14643"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14643"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}