Mary Ann Davidson

Mary Ann Davidson is the Chief Security Officer of Oracle Corporation.^[1]

Early life

Davidson attended the Severn School, a preparatory high school for the Naval Academy, graduating in 1976.^[2]

Career at Oracle

Davidson joined Oracle in 1988, as a product manager in Oracle's financial software business unit.^[3]

Security at Oracle

Davidson's involvement in computer security dates to 1993, when she took a position as product marketing manager in Oracle's secure systems business unit. Mary Ann Davidson is the Chief Security Officer at Oracle Corporation, responsible for Oracle Software Security Assurance. She represents Oracle on the Board of Directors of the Information Technology Information Sharing and Analysis Center (IT-ISAC), and serves on the international board of the Information Systems Security Association (ISSA). She has been named one of Information Security's top five "Women of Vision," is a Federal 100 award recipient from Federal Computer Week, and was recently named to the ISSA Hall of Fame. She has served on the Defense Science Board and as a member of the Center for Strategic and International Studies Commission on Cybersecurity for the 44th Presidency. She has testified on cybersecurity to the U.S. House of Representatives (Energy and Commerce Committee; Armed Services Committee; and Homeland Security Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology) and the U.S. Senate Committee on Commerce, Science and Technology.^{[citation needed]}

Ms. Davidson has a BSME from the University of Virginia and an MBA from the Wharton School of the University of Pennsylvania. She has also served as a commissioned officer in the U.S. Navy Civil Engineer Corps, during which she was awarded the Navy Achievement Medal. ^[3]

Criticism

In January 2005, Davidson was criticized by David Litchfield, who called on Oracle to replace Davidson, pointing to a series of delayed or ineffective security patches in Oracle's database server as evidence of "categorical failure".^[4]

In August 2015, Davidson published a blog post criticizing engineers who use static analysis tools to find and report potential vulnerabilities in Oracle software.^[5] Articles about her post soon appeared on technology news sites, where comments were extremely critical of its content and tone.^[6][7] The post was subsequently removed.^[6]

In December 2015, while Davidson was still Oracle's Chief Security Officer, Oracle agreed to settle Federal Trade Commission charges that it deceived consumers about the security provided by updates to its Java Platform, Standard Edition software (Java SE).

Under the terms of a proposed consent order, Oracle will be required to give consumers the ability to easily uninstall insecure, older versions of Java SE.^[8][9]

References

1. ↑ Lua error in package.lua at line 80: module 'strict' not found.
2. ↑ Lua error in package.lua at line 80: module 'strict' not found.
3. ↑ ^{3.0 3.1} Lua error in package.lua at line 80: module 'strict' not found.
4. ↑ Lua error in package.lua at line 80: module 'strict' not found.
5. ↑ Lua error in package.lua at line 80: module 'strict' not found.
6. ↑ ^{6.0 6.1} Lua error in package.lua at line 80: module 'strict' not found.
7. ↑ Lua error in package.lua at line 80: module 'strict' not found.
8. ↑ Lua error in package.lua at line 80: module 'strict' not found.
9. ↑ Lua error in package.lua at line 80: module 'strict' not found.

External links

• Oracle blog