Jon Oltsik

Senior Principal Analyst

  • Blogs
    May 5, 2015

    Valuable Federal Cybersecurity Training for Critical Infrastructure Organizations

    Last week I wrote two blogs about cybersecurity, critical infrastructure organizations, and the US government. Now I'll discuss valuable federal cybersecurity training for critical infrastructure organizations.

  • Blogs
    May 1, 2015

    Federal Cybersecurity Carrots and Sticks

    In my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review...

  • Blogs
    Apr 29, 2015

    Cybersecurity, Critical Infrastructure, and the Federal Government

    The term “critical infrastructure” is used by governments around the world to describe industries and physical assets deemed essential to their economies and national security. Critical infrastructure industries include agriculture, electricity generation, financial services, health care, telecommunications, and government services like law enforcement and the water supply (i.e., drinking water, waste water, dams, etc.).

  • briefs
    Apr 28, 2015

    Critical Infrastructure Organizations Want More Cybersecurity Help from Washington

    Since the administrations of George H.W. Bush and Bill Clinton, Washington politicians have pledged to address cyber-vulnerabilities within critical infrastructure industries. Has anything changed? Not really. The research conducted by ESG and presented in this brief reveals that critical infrastructure organizations continue to experience numerous security incidents and believe that the threat landscape is only getting worse. Furthermore, security professionals working at these organizations remain unclear about the U.S. government’s cybersecurity strategy. In spite of this confusion, critical infrastructure organizations believe that it’s time for Washington to get more involved in cybersecurity issues and create cybersecurity programs that offer real help.

  • Blogs
    Apr 27, 2015

    Take-aways from RSA

    As expected, the 2016 RSA Conference was bigger than ever—more attendees, presentations, exhibitors, etc. Since I live in the cybersecurity space, there were few surprises, but there were a few major highlights to this year’s show.
  • Blogs
    Apr 24, 2015

    Making Sense of Raytheon and Websense

    I was just getting on my flight to the RSA Security Conference in San Francisco on Monday morning when I received an e-mail announcing an intriguing cybersecurity deal.Defense contractor Raytheon announced its acquisition of security veteran Websense for approximately $1.6 billion. Vista Equity Partners, Websense’s previous owner, also contributed $335 million and will retain some skin in the game.

  • Blogs
    Apr 22, 2015

    Somber Message at the 2015 RSA Conference

    As the 2015 RSA Conference got underway this week, I attended a dinner hosted by Pacific Crest Securities. Our host began the dinner by asking former cyber czar Richard Clarke to say a few words. Now this was a rather festive dinner as the cybersecurity industry is in the midst of a robust boom. Nevertheless, Clarke’s brief talk was a reminder of where we’ve been and the state of cybersecurity today.

  • Blogs
    Apr 17, 2015

    Undercurrent RSA Conference Theme: Security Technology Integration

    Just a few days until the start of the RSA Conference and I expect an even bigger event than last year – more presentations, vendors, cocktail parties, etc. The conference will likely focus on security technologies like endpoint security, cloud, security, threat intelligence, IAM, and others which I described in a recent blog.

  • News
    Apr 14, 2015

    IT fragmentation leavng business vulnerable to hackers -CBR

  • esg video capsules
    Apr 13, 2015

    ESG Video Capsule: The Endpoint Security Paradox

    In this ESG Video Capsule, ESG Senior Principal Analyst Jon Oltsik discusses ESG's recent research on endpoint security.

  • Blogs
    Apr 13, 2015

    Threat Intelligence Sharing Momentum and Needs

    Threat intelligence sharing is certainly riding a wave of momentum as we head into the RSA Conference next week. Over the past 6 months, we’ve seen things like lots of federal activity, further adoption of threat intelligence standards, and industry actions.

  • Blogs
    Apr 7, 2015

    Anticipating RSA 2015

    The annual security geek-fest known as the RSA Security Conference is just 2 weeks away. Alas, I remember when it was a cozy event that attracted a few thousand visitors and focused on esoteric security technologies like cryptography, deep packet inspection, and malware detection heuristics.

    As for 2015, I expect at least 25,000 attendees spanning keynote presentations, show floors, pervasive hospitality suites and a constant barrage of hokey themed cocktail parties.

  • Blogs
    Apr 2, 2015

    Could Software-defined Networking (SDN) Revolutionize Network Security?

    Network security grows more and more difficult all the time. According to recent ESG research on network security, 79% of security professionals working at enterprise organizations (i.e., more than 1,000 employees) believe that network security is more difficult than it was two years ago. Why? Threats are getting more targeted, voluminous, and sophisticated while networks grow more complex with the addition of more users, devices, traffic, etc.

  • News
    Apr 1, 2015

    Taming the third-party threat: Application security - SC Magazine

  • Blogs
    Mar 31, 2015

    The Proportional Cybersecurity Law (aka Oltsik’s law)

    The combination of IT complexity, the growing attack surface, and a progressively more dangerous threat landscape is making cybersecurity more difficult. And it’s not one particular area of cybersecurity that’s becoming more difficult, it’s the whole kit and caboodle.

More Results:

Phone:
508-381-5166

E-mail

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.

Full Biography

NEWSLETTER

Enter your email address, and click subscribe