CISO Perspectives: Using the Oracle Cloud Infrastructure (OCI) CIS Landing Zone for Security & Compliance

March 14, 2024 | 3 minute read
Leia Manchanda
Field CISO
Text Size 100%:


The OCI CIS Landing Zone – if you are in OCI you’ve likely heard of it – but why is it so important and what does it really mean to you. 

At Oracle we have over 45 years of experience securing data and systems to meet the most rigorous requirements. We know that protecting your most valuable data is paramount regardless of where it resides. It’s not an option or a nice to have - it’s foundational, so we made sure OCI delivers a secure cloud, building trust and protecting your most valuable data.

Oracle Cloud Infrastructure is designed to protect customer workloads with a security-first approach across compute, network, and storage—down to the hardware. To achieve this OCI provides the OCI CIS Landing Zone, a set of services and components that are deployed in Oracle Cloud Infrastructure (OCI) tenancies to establish a secure and scalable foundation for running enterprise workloads each time, every time.

But how do you know if meets your organizations compliance requirements?

Benchmarks & Controls

We’ve established that security is foundational in OCI, but to ensure industry best practices Oracle has aligned the controls in the OCI Landing Zone to the Center for Internet Security (CIS) OCI Benchmark.  The CIS Benchmarks are prescriptive configuration recommendations that represent the consensus-based effort of cybersecurity experts globally including the to help you protect your systems against threats more confidently.

The CIS Benchmarks work together with the CIS Critical Security Controls, a concise list of high-priority, highly effective defensive actions that provide a “must-do, do-first” starting point for every enterprise seeking to improve their cyber hygiene.  While the controls prescriptive actions, the Benchmarks are guidelines for secure configurations that are referenced throughout the CIS Controls.  The two work together to help simplify threat protection.

Oracle knows that there is one more step in achieving good cybersecurity, it’s the time-consuming task of complying with multiple policy, regulatory, and legal security frameworks.

Efficiencies for Cybersecurity Compliance

Knowing customers have a multitude of compliance obligations, Oracle chose carefully when it set out to establish a standardized, repeatable way to secure new tenancies.  While the CIS Controls and Benchmarks are not a replacement for any existing regulatory, compliance, or authorization scheme, they create an onramp to comply with most major compliance frameworks such as the NIST Cybersecurity Framework, NIST 800-53, ISO 27000 series and regulations such as PCI DSS, HIPAA, NERC CIP, and FISMA. When customers leverage the OCI CIS Landing Zone they enable a simple roadmap using the CIS Mapping and Compliance best practices and tools available on the CIS Mapping and Compliance page.

Additionally, CIS offers CIS Secure Suite to support organizations in implementing and assessing compliance with industry frameworks.  CIS Secure Suite membership provides sclable, customizable tools and resources to assess endpoint configurations, measure compliance to CIS Benchmarks, and conduct, track and assess implementation to CIS Security controls quickly and easily.

In Closing

By mapping the OCI CIS Landing Zone to the CIS Benchmarks Oracle has simplified Compliance for customers and provided a level of assurance that when coupled with good operational security practices creates an environment where customers can safely and securely store and process their most critical data.

To learn more about the OCI Landing Zone or the Center for Internet Security visit the links in this article or contact your Oracle partner for help. 

Leia Manchanda

Field CISO

Previous Post

OTM Logistics Digital Assistant using Fusion Paired ODA instance

Shreenidhi Raghuram | 6 min read

Next Post

How To Parse the CPQ Configuration Pipeline Viewer

Shea Nolan | 2 min read