Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Enterprises need to embrace top-down cybersecurity management

IBM sets forth with a strong cybersecurity message

IBM sets forth with a strong cybersecurity message

IBM has a strong cybersecurity message, but there's a gap between IBM security and its corporate vision. If IBM can bridge this gap, it can carve out a unique market position.

Cyber risk management: There's a disconnect between business and security teams

Cyber risk management: There's a disconnect between business and security teams

Business managers want real-time cyber risk management metrics, but cybersecurity teams can only deliver technical data and periodic reports. That gap needs to close.

The problems plaguing security point tools

The problems plaguing security point tools

Security point tools generate too many alerts, create a strain on operational resources, and make security operations complex and time consuming, new ESG research shows.

The cybersecurity skills shortage is getting worse

The cybersecurity skills shortage is getting worse

More than half of organizations report a “problematic shortage” of cybersecurity skills, and there is no end in sight.

2019 will be the year of cloud-based cybersecurity analytics/operations

2019 will be the year of cloud-based cybersecurity analytics/operations

Demand- and supply-side changes will move security information and event management (SIEM) from on premises to the public cloud.

Security operations activities to watch in 2019

Security operations activities to watch in 2019

Open-source software and industry initiatives, such as MITRE ATT&CK framework and Apache Kafka, will contribute to security operations in 2019.

Cyber risk management continues to grow more difficult

Cyber risk management continues to grow more difficult

Primary reasons why cyber risk management is more difficult include increasing workloads, sophisticated threats, and more demanding business executives.

It's time for a new cyber risk management model

It's time for a new cyber risk management model

An overwhelming attack surface, voluminous vulnerabilities, sophisticated threats, and new business requirements demand a new cyber risk management model.

Best-of-breed security products still dominate -- kind of

Best-of-breed security products still dominate -- kind of

CISOs want products that can prevent, detect, and respond to cyber attacks, but they also consider product consolidation and integration.

8 features a cybersecurity technology platform must have

8 features a cybersecurity technology platform must have

Cybersecurity professionals ranked the most important attributes of a cybersecurity technology platform according to strict definitions that meet their requirements.

Cybersecurity professional impressions on cloud-native security

Cybersecurity professional impressions on cloud-native security

Organization use cloud-native security controls, but they really want central management for cloud security across heterogeneous clouds.

Load More