Jon Oltsik

Senior Principal Analyst

  • News
    Dec 23, 2015

    GDPR: How will the EU data protection law impact U.S. industry? - TechTarget

  • Blogs
    Dec 17, 2015

    Creating a Cybersecurity Center of Excellence

    I’ve been writing about the cybersecurity skills shortage for many years and unfortunately, things seem to be getting worse. Here are a few data points: According to ESG research, 28% of organizations claim that they have a “problematic shortage” of IT security skills.
  • Blogs
    Dec 15, 2015

    A Few Cybersecurity Predictions for 2016

    I’m a bit reluctant to blog about 2016 cybersecurity predictions as it seems like everyone is getting into this act. Alas, this end-of-year tradition used to be the exclusive domain of the analyst community and a few industry beacons, but now it seems like every security tools vendor in the world is reaching out to me to tell me what they see in their crystal ball.

  • Blogs
    Dec 10, 2015

    When APIs and DevOps Meet Cybersecurity

    Cybersecurity professionals often complain about the number of disparate tools they’ve deployed on their networks. Ask any enterprise CISO and he or she will come up with a list of around 60 to 80 various security tools from a myriad of distinct vendors.

  • Blogs
    Dec 9, 2015

    Software Security is Not Keeping Up

    We cybersecurity professionals spend a heck of a lot of time in areas like endpoint security, network security, and overall threat management. In the dozen years I’ve been focusing on cybersecurity, this situation hasn’t changed. Unfortunately, this means that we haven’t paid enough attention to software security in the past, and we continue to maintain this basic status quo approach today.

  • News
    Dec 7, 2015

    ESG's Jon Oltsik on New England Cable News: This Week in Business: The Internet and Terrorism

    ESG Senior Principal Analyst Jon Otsik appeared on New England Cable News' This Week in Business to talk about cybersecurity issues related to terrorism, the Internet, and identity theft. 

  • News
    Dec 6, 2015

    The Internet and Terrorism - NECN

  • News
    Dec 6, 2015

    Protecting the Cyber Supply Chain - The Cipher Brief

  • Blogs
    Dec 3, 2015

    Enterprises Need to Improve IT Vendor Risk Management

    had the pleasure of attending a presentation given by Dr. Ron Ross, a fellow at the National Institute of Standards and Technology (NIST). Ron’s areas of specialization include information security, risk management, and systems security engineering.

  • Blogs
    Nov 24, 2015

    Handicapping Enterprise Security Vendors

    In the course of my average work day, I try to read all the cybersecurity news I can. I came across a very good article in Forbes that looks at the cybersecurity opportunities for companies like IBM, Cisco, Dell, and others. The article points out that the market for cybersecurity products and services is estimated at $77b today, growing to $120b by 2020. That’s a lot of firewalls, AV software, and identity tokens!

  • Blogs
    Nov 19, 2015

    Cybersecurity Lessons Learned from the 9/11 Commission Report

    Cybersecurity and IT professionals would be wise to review the findings of the 9/11 Commission report published in 2004. The report provides a comprehensive analysis of events surrounding the attacks and points to a number of systemic problems in several areas:

  • News
    Nov 17, 2015

    ProtectWise gets $20M for cloud DVR to see data changes over time - The Denver Post Business

  • Blogs
    Nov 16, 2015

    The State of Cyber Insurance

    All this year, I’ve been researching the burgeoning cyber insurance market. Admittedly, this is a bit of a detour from covering endpoint security, network security, and security analytics, but cyber insurance is becoming an increasingly important puzzle piece in any organization’s risk mitigation strategy, so it’s worth paying attention to.

  • Blogs
    Nov 10, 2015

    Cloud Computing And Network Security Challenges

    A majority of enterprise organizations are embracing cloud computing in one form or another. According to ESG research, 67% of enterprises use public or private cloud infrastructure today while 66% use one or several SaaS applications. So what about network security? It’s a bit of a struggle today as many organizations move to cloud computing long before they have the right infosec skills, processes, or tools in place.
  • Blogs
    Nov 6, 2015

    Cisco Acquires Lancope: Great Fit, Great Deal.

    Just before Halloween (10/27), Cisco announced its acquisition of security analytics veteran Lancope for $453m. Given the timing of the deal, it’s fair to ask an appropriate question: Trick or treat? There’s no debate here – treat. With the Lancope purchase, Cisco walked into the security analytics neighborhood, knocked on just one door, and grabbed a bag full of candy. Okay, enough of the Halloween metaphors, this was a very good deal for Cisco for several reasons...

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. 

Full Biography