Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Top 5 attack surface challenges related to security operations

Five things security pros want from CNAPP

Five things security pros want from CNAPP

New research reveals what practitioners believe is most important for cloud security technology.

Cybersecurity is a constant fire drill—that’s not just bad, it’s dangerous

Cybersecurity is a constant fire drill—that’s not just bad, it’s dangerous

Security efforts based on heroism and tribal knowledge can’t scale. CISOs must address this situation as soon as possible.

5 things security pros want from XDR platforms

5 things security pros want from XDR platforms

New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform.

Bye-bye best-of-breed?

Bye-bye best-of-breed?

ESG research finds that organizations are increasingly integrating security technologies and purchasing multi-product security platforms, changing the industry in the process.

SOC modernization: 8 key considerations

SOC modernization: 8 key considerations

Organizations need SOC transformation for security efficacy and operational efficiency. Technology vendors should come to this year’s RSA Conference with clear messages and plans, not industry hyperbole.

5 ways to improve security hygiene and posture management

5 ways to improve security hygiene and posture management

Security professionals suggest continuous controls validation, process automation, and integrating security and IT technologies.

Operationalizing a “think like the enemy” strategy

Operationalizing a “think like the enemy” strategy

MITRE ATT&CK and new security technology innovation make this possible.

Security asset management should be buttoned down.  It isn’t.

Security asset management should be buttoned down. It isn’t.

Organizations struggle to understand what assets they have and whether they are at risk. This opens the door for exploitation.

Look for attack surface management to go mainstream in 2022

Look for attack surface management to go mainstream in 2022

Many organizations struggle to discover, classify, and manage Internet-facing assets, leaving them vulnerable to attack. In 2022, they will finally do something to address this.

Security hygiene and posture management: A 2022 priority

Security hygiene and posture management: A 2022 priority

Disjointed tools and manual processes provide an incomplete and unacceptable picture of cyber-risk.

Will XDR modernize the SOC?

Will XDR modernize the SOC?

Organizations are both adopting XDR technology and modernizing the SOC. New ESG research points to areas of potential overlap and even conflict between those two initiatives.

Load More