Oracle 2013 Annual Report Download - page 24

Download and view the complete annual report

Please find page 24 of the 2013 Oracle annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 151

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151

Table of Contents
If our security measures for our software, hardware, services or Oracle Cloud offerings are compromised and as a result, our data, our
customers’ data or our IT systems are accessed improperly, made unavailable, or improperly modified, our products and services may be
perceived as vulnerable, our brand and reputation could be damaged, the IT services we provide to our customers could be disrupted, and
customers may stop using our products and services, all of which could reduce our revenue and earnings, increase our expenses and expose
us to legal claims and regulatory actions.
We are in the information technology business, and our products and services, including our Oracle
Cloud offerings, store, retrieve, manipulate and manage our customers’
information and data as well as our own. We have a reputation for secure
and reliable product offerings and related services and we have invested a great deal of time and resources in protecting the integrity and security
of our products, services and the internal and external data that we manage.
Nevertheless, we encounter attempts by third parties to identify and exploit product and service vulnerabilities, penetrate or bypass our security
measures, and gain unauthorized access to our software, hardware and cloud offerings, networks and systems, any of which could lead to the
compromise of the confidential information or data of Oracle or our customers. Computer hackers and others may be able to develop and deploy
IT related viruses, worms, and other malicious software programs that could attack our products and services, exploit potential security
vulnerabilities of our products and services, create system disruptions and cause shutdowns or denials of service. This is also true for third party
products or services incorporated into our own. Data may also be accessed or modified improperly as a result of employee or supplier error or
malfeasance and third parties may attempt to fraudulently induce employees or customers into disclosing sensitive information such as user
names, passwords or other information in order to gain access to our data, our customers’ data or our IT systems.
Although this is an industry-wide problem that affects other software and hardware companies, it affects Oracle in particular because computer
hackers tend to focus their efforts on the most prominent IT companies, and they may focus on Oracle because of our reputation for, and
marketing efforts associated with, having secure products and services. These risks will increase as we continue to grow our cloud offerings and
store and process increasingly large amounts of our customers’ confidential information and data and host or manage parts of our customers’
businesses in cloud-based IT environments, especially in customer sectors involving particularly sensitive data such as health sciences, financial
services and the government. We also have an active acquisition program and have acquired a number of companies, products, services and
technologies over the years. While we make significant efforts to address any IT security issues with respect to our acquisitions, we may still
inherit such risks when we integrate these acquisitions within Oracle.
If a cyber attack or other security incident described above were to allow unauthorized access to or modification of our customers’ data or our
own data or our IT systems or if the services we provide to our customers were disrupted, or if our products or services are perceived as having
security vulnerabilities, we could suffer significant damage to our brand and reputation. Customers could lose confidence in the security and
reliability of our products and services, including our cloud offerings, and perceive them to be not secure. This in turn could lead to fewer
customers using our products and services and result in reduced revenue and earnings. The costs we would incur to address and fix these security
incidents would increase our expenses. These types of security incidents could also lead to lawsuits, regulatory investigations and claims and
increased legal liability, including in some cases contractual costs related to customer notification and fraud monitoring.
Further, as regulatory focus on privacy issues continues to increase and worldwide laws and regulations concerning the protection of personal
information expand and become more complex, these potential risks to our business will intensify. Changes in laws or regulations associated
with the enhanced protection of certain types of sensitive data, such as healthcare data or other personally identifiable information, could greatly
increase our cost of providing our products and services.
20
there are changes in information technology trends that we do not adequately anticipate or address with our product development
efforts;
we do not timely optimize complementary product lines and services; or
we fail to adequately integrate, support or enhance acquired product lines or services.