Jon Oltsik

Senior Principal Analyst

  • Blogs
    Apr 18, 2013

    What I’m Learning about Mobile Computing Security Best Practices

    Mobile computing presents an opportunity to get things right if CISOs approach it with the right strategy.

  • Blogs
    Apr 12, 2013

    Will ONS Help SDN Cross the Chasm?

    Next Week’s Open Network Summit may signal a new era in networking equipment.

  • research briefs
    Apr 9, 2013

    2013 Information Security Spending Trends

    Nearly half of midmarket and enterprise organizations plan to increase their information security spending in 2013, and only a small number of these organizations expect decreased information security budgets this year. In addition to investigating organizations’ plans to spend in areas such as network security, advanced malware detection and prevention, and mobile device security, ESG also considered the impact of the ongoing security skills shortage on organizations’ security initiatives.

  • research reports
    Apr 5, 2013

    Web Application Security Testing Tools and Services

    In order to assess the market for web application security testing tools and services, including static application security testing (SAST) and dynamic application security testing (DAST) tools, processes, policies, and services, ESG surveyed 200 IT and information security professionals working at midmarket (100 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America. 

  • Blogs
    Apr 3, 2013

    What is the Winning Formula for Big Data Security Analytics Solutions?

    Rapid innovation in product intelligence, data sharing, visualization, and useability will separate leaders from posers.

  • Blogs
    Apr 1, 2013

    Defining Big Data Security Analytics

    ESG sees big data information security analytics solutions evolving along a continuum.

  • The Evolution of Big Data Security Analytics Technology

    Does information security analytics qualify as big data? Considering the challenges involved in capturing, processing, storing, searching, sharing, analyzing, and visualizing all of the data that an organization collects from log files, external intelligence feeds, and other sources, this question is clearly answered as many organizations say that security data collection and analysis would be considered big data within their organizations today. ESG defines the term “big data” as follows: In information technology, big data is defined as a collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications.

  • Blogs
    Mar 26, 2013

    Network Security Trumps Server Security in the Enterprise

    Purchasing behavior and information security organization focus has broad market implications.

  • Blogs
    Mar 22, 2013

    VCs Jumping Back Into Security Investments

    FireEye, Imperva, Palo Alto Networks and SilverTail success stories driving more interest in funding information security startups.

  • Blogs
    Mar 19, 2013

    Is the World Ready for the Intersection of Software-defined Networking (SDN) and Network Security?

    Good concept but questions remain about timing and vendor motivation on software-defined networking (SDN) and network security.

  • News
    Mar 19, 2013

    Time to Pay Attention to All That SDN Hype - IT World Canada

  • briefs
    Mar 14, 2013

    Advanced Cyber Threats Demand a New Privileged Account Security Model

    In spite of marginal progress, privileged accounts remain vulnerable. Why? Sophisticated cyber attacks like APTs take advantage of informal processes, weak security controls, and monitoring limitations to target administrator accounts, compromise their systems, and gain access to valuable IT assets. Tactical changes don’t go far enough. Rather, CISOs need to think in terms of a privileged account security architecture offering central control, management, monitoring, and oversight of privileged accounts for IT assets throughout the enterprise.

  • Blogs
    Mar 14, 2013

    Information Security Services Continue to Prosper --Dramatically Yet Quietly

    Technology and innovation got all the attention at RSA 2013 while information security service providers can’t keep up with demand.

  • briefs
    Mar 12, 2013

    Next-generation Security Management Needs Massive Scale and Real-time Business Intelligence

    The recent wave of information security breaches has gotten attention from the corner office. CEOs and corporate boards are now willing to invest more time and attention in cybersecurity but they are also demanding better visibility, monitoring, and oversight of IT risk so they can make informed and timely investment decisions. Unfortunately, CISOs are hamstrung by legacy security tools which collectively generate huge volumes of data but can’t consolidate and report on this data in a way that is meaningful to the business stakeholders. What’s needed?  A next-generation security management architecture built for scale, integration, automation, and business/IT analytics.

  • Blogs
    Mar 12, 2013

    What’s Old Is New Again In Information Security

    FireEye, Palo Alto Networks, and new cybersecurity requirements were buzzing at RSA 2013.

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.

Full Biography


Enter your email address, and click subscribe