Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and he is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon also publishes articles on The Cipher Brief, a digital, security-based conversation platform that connects the private sector with the world’s leading security experts, and is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

3 advanced prevention technologies expected to grow in 2018

3 advanced prevention technologies expected to grow in 2018

New advanced protection technologies will help organizations decrease the attack surface and simplify security operations.

Cybersecurity professionals aren’t keeping up with training

Cybersecurity professionals aren’t keeping up with training

While information security professionals agree that continuous training is important, they are too busy to keep up.

2018: The year of advanced threat prevention

2018: The year of advanced threat prevention

In 2018, leading organizations will adopt new technologies to help them decrease the attack surface and block attacks in real time.

Cybersecurity skills shortage creating recruitment chaos

Cybersecurity skills shortage creating recruitment chaos

Because of the global cybersecurity skills shortage, nearly half of all cybersecurity professionals are solicited to consider other jobs at least once per week.

Enterprises must address Internet of Identities challenges

Enterprises must address Internet of Identities challenges

No one owns identity at many organizations and identity skills are lacking. In lieu of a solution, these issues could lead to IoT roadblocks and security vulnerabilities.

The cybersecurity skills shortage acts as a root cause for security events

The cybersecurity skills shortage acts as a root cause for security events

New research from ESG and ISSA reveals that a lack of training, inadequate cybersecurity staffing, and business apathy contribute to security events.

Acute cybersecurity skills shortage areas

Acute cybersecurity skills shortage areas

Security analysts/investigators, application security specialists, and cloud security skills top a long list of skills deficits.

Research confirms the cybersecurity skills shortage is an existential threat

Research confirms the cybersecurity skills shortage is an existential threat

ESG research with ISSA shows that organizations don’t have the right levels of cybersecurity personnel, skills and ongoing training to keep up with cyber risk.

The cybersecurity skills shortage impacts security operations

The cybersecurity skills shortage impacts security operations

Large organizations are understaffed and lack the right skills for things such as threat hunting, prioritizing alerts, and forensic investigations.

Identity management to-do list aligns with cybersecurity

Identity management to-do list aligns with cybersecurity

Large organizations want to monitor user activities, move to multi-factor authentication, and get security more involved with IAM decisions.

Endpoint security needs 'efficient efficacy'

Endpoint security needs 'efficient efficacy'

Enterprise organizations want new endpoint security tools that prevent exploits and malware better and streamline operations.

The internet of identities is coming and will bring massive IAM changes

The internet of identities is coming and will bring massive IAM changes

New demands for scale, security and machine learning will support massive proliferation of internet-connected devices.

The push toward comprehensive endpoint security suites

The push toward comprehensive endpoint security suites

Traditional and next-generation vendors offer suites for endpoint protection, detection and response. But what’s needed, and will customers buy?

Best practice: Security operations automation before orchestration

Best practice: Security operations automation before orchestration

Start by automating simple security operations tasks and then proceed with re-engineering and orchestrating processes.

Few people know it's National Cybersecurity Awareness Month. That’s a problem

Few people know it's National Cybersecurity Awareness Month. That’s a problem

National Cybersecurity Awareness Month has failed to gain national, industry or cybersecurity community attention. It’s time to rally around it or kill it.

Trend Micro positioned to take on enterprise security leaders

Trend Micro positioned to take on enterprise security leaders

Trend Micro has the products, ecosystem and strategy to become an enterprise security leader. Now it needs to improve market visibility and get on CISOs’ radar.

How enterprise organizations benefit from SOAPA

How enterprise organizations benefit from SOAPA

Security operations and analytics platform architecture could accelerate technology innovation, ease integration, and enhance the value of existing technologies.

What’s holding back enterprise security technology transformation?

What’s holding back enterprise security technology transformation?

Hype, confusion and technobabble hinder cybersecurity purchasing decisions and ongoing operations.

Cybersecurity technology: Everything is transforming and in play

Cybersecurity technology: Everything is transforming and in play

Changing requirements and constant innovations are making security technology options more confusing.

Splunk steps up its enterprise security game

Splunk steps up its enterprise security game

Amid the user excitement, Splunk made several enterprise security announcements at its annual user conference.

Load More