Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Form factor wars: Cloud-based or on-premises security technologies?

Form factor wars: Cloud-based or on-premises security technologies?

While most organizations are willing to consider cloud-based or on-premises security solutions, nearly one-third still demand the control associated with on-premises.

5 biggest cybersecurity challenges at smaller organizations

5 biggest cybersecurity challenges at smaller organizations

Manual processes, security complexity, and a lack of support from business management plague small and midsize businesses (SMBs).

CISOs recommend future actions for their organizations

CISOs recommend future actions for their organizations

More security goals for the business, formal security processes, and increased training top the list of recommendations from chief information security officers.

The most important attributes of a cybersecurity platform

The most important attributes of a cybersecurity platform

A cybersecurity platform should have coverage across major threat vectors, central management, and technologies for prevention, detection, and response in any security platform.

The transition toward enterprise-class cybersecurity vendors

The transition toward enterprise-class cybersecurity vendors

Information security professionals working at enterprise organizations want to work with vendors that have experience with business/IT initiatives and industry knowledge.

What are small organizations doing about cybersecurity?

What are small organizations doing about cybersecurity?

Firms with 50 to 499 employees are spending more money, purchasing security product suites, and outsourcing security tasks to MSSPs.

The state of cybersecurity at small organizations

The state of cybersecurity at small organizations

Small and midsize businesses (SMBs) are being compromised due to human error, ignorance, and apathy.

Take-aways from Black Hat USA 2018

Take-aways from Black Hat USA 2018

Black Hat USA 2018 had record crowds, revealed a growing attack surface, and proved we have lots of work ahead.

Cisco buys Duo Security to address a ‘new’ security perimeter

Cisco buys Duo Security to address a ‘new’ security perimeter

Cisco's acquisition of Duo Security opens many new IAM and cloud security opportunities for Cisco, but additional work remains.

Anticipating Black Hat USA 2018

Anticipating Black Hat USA 2018

Looking forward to learning more about new developments in artificial intelligence, cloud security, enterprise risk management, and lots of other topics

Google intends to make GCP the most secure cloud platform

Google intends to make GCP the most secure cloud platform

If Google wants the world to know how secure Google Cloud Platform is and increase adoption, it must educate the market and turn up the competitive fire.

What makes CISOs successful?

What makes CISOs successful?

Leadership and communication skills top the list of what's needed to succeed as a chief information security officer (CISO), while technical skills aren’t nearly as important.

What I learned at Tufin's customer conference (Tufinnovate)

What I learned at Tufin's customer conference (Tufinnovate)

Massive network security changes, cloud adoption, and a pressing need for network security process automation were among the things discussed at Tufin's customer conference.

The new endpoint security market: Growing in size and scope

The new endpoint security market: Growing in size and scope

Massive funding rounds by CrowdStrike and Cylance demonstrate that endpoint security may be the tip of the cybersecurity spear.

Cisco poised to become a cybersecurity force

Cisco poised to become a cybersecurity force

Cisco's cybersecurity strategy focuses on product integration, an open platform, and simplifying operations for its customers. But it must do more to capture the attention of information security professionals.

Moving to central network security policy management for hybrid clouds

Moving to central network security policy management for hybrid clouds

With controls built into the infrastructure, the industry is headed toward central network security policy management (and reporting).

The rise of analyst-centric security operations technologies

The rise of analyst-centric security operations technologies

The shift of technology to meet analyst needs has altered the infosec market -- for the better.

Symantec in a position to progress and prosper

Symantec in a position to progress and prosper

Symantec has some internal challenges and increased competition, but it appears to be facing these challenges from a position of strength in the market.

Containers are here. What about container security?

Containers are here. What about container security?

ESG data indicates that cybersecurity pros have problems around the nuances of container technology and implementing container-centric security controls.

It’s time to think harder about security data management

It’s time to think harder about security data management

Organizations are running into scalability problems as they collect, process, and analyze more security data. It’s time for enterprise security data management.

Load More