Jon Oltsik

Senior Principal Analyst

  • Blogs
    Nov 24, 2015

    Handicapping Enterprise Security Vendors

    In the course of my average work day, I try to read all the cybersecurity news I can. I came across a very good article in Forbes that looks at the cybersecurity opportunities for companies like IBM, Cisco, Dell, and others. The article points out that the market for cybersecurity products and services is estimated at $77b today, growing to $120b by 2020. That’s a lot of firewalls, AV software, and identity tokens!

  • Blogs
    Nov 19, 2015

    Cybersecurity Lessons Learned from the 9/11 Commission Report

    Cybersecurity and IT professionals would be wise to review the findings of the 9/11 Commission report published in 2004. The report provides a comprehensive analysis of events surrounding the attacks and points to a number of systemic problems in several areas:

  • News
    Nov 17, 2015

    ProtectWise gets $20M for cloud DVR to see data changes over time - The Denver Post Business

  • Blogs
    Nov 16, 2015

    The State of Cyber Insurance

    All this year, I’ve been researching the burgeoning cyber insurance market. Admittedly, this is a bit of a detour from covering endpoint security, network security, and security analytics, but cyber insurance is becoming an increasingly important puzzle piece in any organization’s risk mitigation strategy, so it’s worth paying attention to.

  • Blogs
    Nov 10, 2015

    Cloud Computing And Network Security Challenges

    A majority of enterprise organizations are embracing cloud computing in one form or another. According to ESG research, 67% of enterprises use public or private cloud infrastructure today while 66% use one or several SaaS applications. So what about network security? It’s a bit of a struggle today as many organizations move to cloud computing long before they have the right infosec skills, processes, or tools in place.
  • Blogs
    Nov 6, 2015

    Cisco Acquires Lancope: Great Fit, Great Deal.

    Just before Halloween (10/27), Cisco announced its acquisition of security analytics veteran Lancope for $453m. Given the timing of the deal, it’s fair to ask an appropriate question: Trick or treat? There’s no debate here – treat. With the Lancope purchase, Cisco walked into the security analytics neighborhood, knocked on just one door, and grabbed a bag full of candy. Okay, enough of the Halloween metaphors, this was a very good deal for Cisco for several reasons...

  • Blogs
    Nov 5, 2015

    IT Vendor Risk Management: Improving but Still Inadequate

    One of the fundamental best practices of cyber supply chain security is IT vendor risk management. When organizations purchase and deploy application software, routers, servers, and storage devices, they are in essence placing their trust in the IT vendors that develop and sell these products.

  • News
    Nov 4, 2015

    GRC Bullseye? RSA Updates Archer Platform - IT TNA

  • Blogs
    Nov 3, 2015

    The Return of AV Leaders?

    When I started covering the infosec market around 13 years ago, anti-spyware was the hot topic Du Jour. The market went through a common cycle – VCs funded companies and cranked up the hype machine. Some product companies were acquired (CA purchased PestPatrol, Microsoft acquired Giant Software, etc.), while others pivoted from anti-spyware alone to endpoint security (Webroot).

  • infographics
    Nov 2, 2015

    Threat Intelligence Realities

    Threat intelligence sharing has received a lot of attention over the past 12 months due to industry messages and proposed government legislation for public/private threat intelligence sharing. Enterprises are embracing threat intelligence programs, but these efforts remain immature and fraught with operational problems. Furthermore, most large organizations are focused on threat intelligence consumption rather than threat intelligence sharing. Vast improvements in threat intelligence standards, timeliness, contextualization, and operations are necessary before the cybersecurity community can truly benefit from the threat intelligence sharing vision being promoted by industry organizations and government agencies. 

  • News
    Nov 2, 2015

    After the Breach: How Government Reacted to OPM - FedTech Magazine

  • Blogs
    Oct 29, 2015

    Stop CISA!

    I’ve been following cybersecurity legislation for a number of years, including all the proceedings with the Cybersecurity Information Sharing Act (CISA). After much deliberation, I believe that CISA remains fundamentally flawed and needs a lot more work before it becomes the law of the land.

  • News
    Oct 28, 2015

    The new perimeter is everywhere - Networks Asia

  • Blogs
    Oct 27, 2015

    Oracle M7 Enhances CPU-level Security

    As summer turned to fall, the IT industry got together at VMworld and then Re:Invent to celebrate cloud computing. This translated to software-defined everything – data centers, networking, storage, etc. Yup, we are deep into a hype cycle where the entire industry is in a state of gaga over all things associated with software like flexibility and agility. Great stuff but software has to run somewhere so there is and always will be market for high-performance hardware.

  • News
    Oct 26, 2015

    It’s time to pull the trigger on security automation - Network World

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. 

Full Biography