Greg Gagnon's Professional Page

Greg Gagnon, CISSP
Insight Solution Director
Security Solution Specialist
North American Sales - Technology
Oracle Corporation

Security Solution Specialist

As a Security Solution Specialist I am a technologist focusing on those portions of the Oracle Technology stack that support database security, Identity and Access Management (IAM), compliance, content management, and litigation discovery. It is my responsibility to ensure we understand our customer's needs in these areas and that they fully understand our capabilities. Since Oracle has been investing so heavily in this area, we have had a lot of change. It is important for us to communicate to our customers the new state of the sector at Oracle.

Database Security has long been a focus at Oracle. To better serve our customer's needs we have moved into Identity and Access Management for all products, not just Oracle's. Compliance and reporting is served by all of our products and their centralized, standardized approaach to privilege, identity, and data management. Because of that, and the proliferation of unstructured data, we have moved into Content Management. We are just beginning to see all of these technologies applied to reducing the cost and effort involved in Litigation Discovery.

Insight Solution Director

As an Insight Solution Director I am the Security Subject Matter Expert supporting the Insight Program. In the Insight program we conduct extensive interviews with customers from all of their lines of business. Our objective is to help customers discover their current condition, define their target condition, and design a reasonable road map to get them there. It is very process-oriented, and is designed to assist in planning and internal change management.

Professional Organizations
The International Information Systems Security Certification Consortium, Inc. (ISC)˛
ISC2 Home Page
Founded in 1989 by industry leaders, (ISC)˛ issues the Certified Information Systems Security Professional (CISSP®) and related concentrations: Information Systems Security Architecture Professional (ISSAP®), Information Systems Security Management Professional (ISSMP®) and Information Systems Security Engineering Professional (ISSEP®); the Certification and Accreditation Professional (CAPCM); and the Systems Security Certified Practitioner ((SSCP®) credentials to those meeting the necessary competency requirements. Several of (ISC)˛'s credentials meet the stringent requirements of ANSI/ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel.

ISACA Home Page
ISACA Overview and History
ISACA got its start in 1967, when a small group of individuals with similar jobs—auditing controls in the computer systems that were becoming increasingly critical to the operations of their organizations—sat down to discuss the need for a centralized source of information and guidance in the field. In 1969, the group formalized, incorporating as the EDP Auditors Association. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge and value of the IT governance and control field.
Today, ISACA’s membership—more than 65,000 strong worldwide—is characterized by its diversity. Members live and work in more than 140 countries and cover a variety of professional IT-related positions—to name just a few, IS auditor, consultant, educator, IS security professional, regulator, chief information officer and internal auditor. Some are new to the field, others are at middle management levels and still others are in the most senior ranks. They work in nearly all industry categories, including financial and banking, public accounting, government and the public sector, utilities and manufacturing. This diversity enables members to learn from each other, and exchange widely divergent viewpoints on a variety of professional topics. It has long been considered one of ISACA’s strengths. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves.

The SANS (SysAdmin, Audit, Network, Security) Institute
The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.