Who's Who in Infosec is an ongoing series featuring profiles of security professionals and their contributions to the industry.
Mary Ann Davidson, the chief security officer at Oracle Corporation, stands behind Oracle's commitment to develop the industry's most secure database, application server and enterprise software products for its customers. Davidson, who has been at Oracle for more than 14 years, believes that security must be a design and development priority, not an afterthought, because "it's impossible to bolt down security that is not built into the product." She sees Oracle's security 'culture' as a key corporate strategy and competitive advantage in the software industry.
As Oracle's CSO, Davidson is responsible for Oracle product security, corporate infrastructure security and security policies, as well as security evaluations, assessments and incident handling.
Prior to joining Oracle in 1988, Davidson served as a commissioned officer in the U.S. Navy Civil Engineer Corps, during which she was awarded the Navy Achievement Medal. Davidson has a BSME from the University of Virginia and an MBA from the Wharton School of the University of Pennsylvania.
As a recognized authority on Internet and software security issues, Davidson has testified before Congress on information security and has spoken at numerous industry forums. Davidson advocates the adoption of security evaluation standards by the software industry similar to U.S. Federal Information Processing Standard (FIPS0-140), requiring secruity evaluations of all U.S. government IT systems involved in national security, or the International Common Criteria (ISO-15408), the de facto worldwide evaluation standard.