Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

5 persistent challenges security pros face

The cybersecurity skills shortage is getting worse

The cybersecurity skills shortage is getting worse

New research from ESG and ISSA illustrates a lack of advancement in bridging the cybersecurity skill shortage gap.

Bracing for the security data explosion

Bracing for the security data explosion

Organizations must prepare for collecting, processing, analyzing, and acting upon terabytes of security data.

3 XDR market challenges

3 XDR market challenges

XDR is a promising concept, but XDR vendors face deployment challenges and competition on several fronts.

10 security changes post-COVID-19

10 security changes post-COVID-19

CISOs must anticipate burgeoning needs for distributed security scale, intelligence, and self-service.

10 things you should know about XDR

10 things you should know about XDR

An initiative more than a technology, XDR seeks to simplify and unify security technologies to make the whole greater than the sum of its parts.

4 tips for a successful cyber threat intelligence program

4 tips for a successful cyber threat intelligence program

COVID-19 has opened the cyberattack floodgates; defenders need strong cyber threat intelligence (CTI) analysis, operationalization and sharing. Here's how to get more from your CTI program.

4 ways automated penetration testing tools can help mitigate COVID-19 related risks

4 ways automated penetration testing tools can help mitigate COVID-19 related risks

New tools map attack surface, test security controls, and behave like cyber-adversaries.

Work from home, phase 2: What comes next for security?

Work from home, phase 2: What comes next for security?

Phase 1 was all about employee access, network communications confidentiality/integrity, and basic endpoint security. The next phases will move quickly from risk assessment to mitigation.

3 ways COVID-19 is changing CISO priorities

3 ways COVID-19 is changing CISO priorities

The scramble to enable remote workers changes security strategies, priorities, and workflows for 2020.

Toward a common UI for security operations

Toward a common UI for security operations

New dashboards and visualization tools could improve personnel training, and SOC productivity while streamlining security operations.

RSA 2020: 7 trends and takeaways

RSA 2020: 7 trends and takeaways

Attendance down, costs up, and lots of tech talk

Load More