Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Thinking about identity management for the RSA Security Conference

Thinking about identity management for the RSA Security Conference

Password elimination, software-defined perimeter, and the need for security to “own” identity should be highlighted at the RSA Conference.

Why Splunk acquired Phantom

Why Splunk acquired Phantom

With the purchase of Phantom, SIEM leader Splunk wants to capitalize on market momentum and add to its security operations and analytics platform architecture (SOAPA).

GDPR is coming, and many organizations aren’t ready

GDPR is coming, and many organizations aren’t ready

Many firms still need to deploy security controls and implement solid incident response plans to meet the GDPR deadline in May

What’s on CISOs Minds in 2018?

Business risk, the cyber supply chain, attackers, data security and awareness training top the list

Endpoint security suites must have these features

Endpoint security suites must have these features

Endpoint security vendors must be a one-stop endpoint security shop -- providing such things as anti-malware, anti-exploit, EDR and hybrid deployment options -- if they want to compete.

Cybersecurity job fatigue affects many security professionals

Cybersecurity job fatigue affects many security professionals

Infosec professionals face occupational hazards such as long hours, high stress levels, and career frustration that can lead to mental health issues.

Cloud computing chaos is driving identity management changes

Cloud computing chaos is driving identity management changes

Cloud and mobility are exacerbating problems in an already-fragile IAM infrastructure. This will drive changes to single sign-on, multi-factor authentication, IAM centralization, and skills.

Enterprise plans for security automation and orchestration

Enterprise plans for security automation and orchestration

Organizations want to merge threat intelligence with internal security telemetry, add custom functionality for security operations, and automate remediation tasks.

Artificial intelligence and cybersecurity: The real deal

Artificial intelligence and cybersecurity: The real deal

AI will have a growing impact on cybersecurity technology as a helper app, not as a new product category.

Endpoint detection and response is coming - in one form or another

Endpoint detection and response is coming - in one form or another

Vendors are bundling endpoint detection and response (EDR) into endpoint security suites. CISOs want it, but they aren’t sure how to consume it.

Research suggests cybersecurity skills shortage is getting worse

Research suggests cybersecurity skills shortage is getting worse

New data reveals growing skills gaps that represent an existential threat. What should organizations do?

Endpoint security as a service will grow in 2018

Endpoint security as a service will grow in 2018

Organizations want help with endpoint security areas, including data loss prevention, enterprise risk management, and threat hunting.

CISOs should examine commercial SOAPA offerings in 2018

CISOs should examine commercial SOAPA offerings in 2018

Leading vendors are putting together proprietary SOAPA solutions. CISOs should establish an evaluation team tasked with looking for viable options.

Why do CISOs change jobs so frequently?

Why do CISOs change jobs so frequently?

Aside from earning more money, CISOs pursue other opportunities when current employers minimize cybersecurity commitments and efforts.

New Year’s resolutions for CISOs

New Year’s resolutions for CISOs

Security leaders must move closer to the business, improve staff productivity and modernize security technology infrastructure.

Cybersecurity past to predict the future

Cybersecurity past to predict the future

Organizations will continue to embrace the NIST cybersecurity framework, bolster training, and increase budgets.

A few cybersecurity predictions for 2018

A few cybersecurity predictions for 2018

Look for cloud computing chaos, high-end services, technology consolidation/integration, machine learning ubiquity, and a GDPR mess.

What defines job satisfaction for cybersecurity professionals?

What defines job satisfaction for cybersecurity professionals?

To keep the information security team happy, organizations must offer competitive compensation, career advancement and a commitment to strong security.

3 advanced prevention technologies expected to grow in 2018

3 advanced prevention technologies expected to grow in 2018

New advanced protection technologies will help organizations decrease the attack surface and simplify security operations.

Cybersecurity professionals aren’t keeping up with training

Cybersecurity professionals aren’t keeping up with training

While information security professionals agree that continuous training is important, they are too busy to keep up.

Load More