Jon Oltsik

Senior Principal Analyst

  • Blogs
    Sep 25, 2013

    Big Data Security Analytics FAQ

    Q&A is meant to cut through vendor spin and help users understand and benefit from big data security analytics.

  • research briefs
    Sep 24, 2013

    Extending Enterprise Security with Mobile Security Services

    Mobile computing is well beyond a fad for e-mail enablement; enterprise organizations are undertaking mobile computing initiatives for new business processes and creative applications that reach employees, customers, and even business partners. When mobile devices were first implemented, CIOs turned to Mobile Device Management (MDM) platforms to onboard and manage devices, but MDM really doesn’t protect employees when they use mobile browsers or applications on the devices themselves. As mobile computing evolves, CISOs are implementing their own mobile security solutions for malware protection and application controls. Cloud-based mobile security solutions that integrate with traditional MDM are becoming popular choices for these requirements.

  • research briefs
    Sep 24, 2013

    Security Professionals to Washington: Less Talk, More Cybersecurity Action

    Since the term “cyber Pearl Harbor” was first coined during the Clinton administration, the U.S. government has warned about cybersecurity dangers but done little to protect the nation. Earlier this year, President Obama issued an executive order to address cybersecurity, but others in Washington view this as a political move and remain cynical about any real cybersecurity threat. Is the cyber threat real and if so, what should the U.S. Federal Government do about it?  To answer this question, ESG surveyed 315 security professionals working at U.S.-based enterprise organizations (i.e., 1,000 or more employees). This well-informed group of cybersecurity “insiders” is much more certain than DC pundits, think tanks, and legislators—they firmly believe that cybersecurity threats are real and want to see more from Washington in response.

  • News
    Sep 24, 2013

    Investors lured by FireEye's likely explosive growth - USA TODAY

  • Blogs
    Sep 23, 2013

    Organizations Remain Vulnerable to Insider Attacks

    IT scale and sophisticated malware make insider attacks more difficult to prevent and detect.

  • Blogs
    Sep 20, 2013

    The International Security Community Should Embrace the STIX and TAXII Standards

    DHS/Mitre standards could help users and security technology vendors benefit from an avalanche of security intelligence.

  • Blogs
    Sep 18, 2013

    Why is Cisco Getting into Security Services?

    Consulting, implementation, and managed services align with Cisco goals and customer needs.

  • Blogs
    Sep 16, 2013

    ESG Research Report Describes a Major Transition Coming to Endpoint Security

    Spending is up but attitudes toward traditional antivirus software are way down.

  • briefs
    Sep 12, 2013

    Addressing APTs and Modern Malware with Security Intelligence

    APTs first came on the scene in 2010, creating a wave of fear, hype, and activity. Many organizations increased their spending on information security and believed they were making progress, but ESG research indicates that nearly half of enterprise organizations are still regularly compromised by modern malware. While there is no single solution to this problem, CISOs can improve the efficacy of their threat defenses and security operations by integrating security intelligence into their security technologies and infrastructures. Webroot, a security intelligence leader, is partnering with a number of security device vendors to offer a strong combination of modern malware defenses and integrated security intelligence.

  • research briefs
    Sep 12, 2013

    Malware and the State of Enterprise Security

    The malware threat landscape is getting worse and many large organizations continue to suffer security breaches as a result. Why? Enterprises often lack the right security skills and their current defenses and security analytics are no match for increasingly sophisticated and stealthy targeted attacks. Fortunately, large organizations recognize these gaps and are increasing security budgets to bolster malware prevention, detection, and response. To benefit from these investments as soon as possible, CISOs should improve malware knowledge, invest in security analytics, and deploy modern anti-malware technologies on networks and hosts.

  • research reports
    Sep 11, 2013

    Advanced Malware Detection and Prevention Trends

    The primary objective of this ESG research study was to survey security professionals working at enterprise organizations (i.e., 1,000 employees or more) in order to better understand their opinions, experiences, and skills as they pertain to modern malware. Furthermore, ESG wanted to understand how large organizations are preventing, detecting, and responding to malware attacks on a regular basis and what, if anything, is changing.

  • Blogs
    Sep 6, 2013

    Dell’s Most Secure PC Initiative Presents a New Opportunity

    Company can build on current offering, upset the endpoint security market, and benefit from enterprise security trends.

  • Blogs
    Aug 29, 2013

    Time to Bridge the Gap between Identity and Security

    Enterprises must address the historical separation of organizations and tools with an integration strategy.

  • Blogs
    Aug 27, 2013

    Will VMware NSX Reinvent Data Center Networking and Security?

    Great vision, but IT skills, baggage, and intransigence present major obstacles ahead.

  • Blogs
    Aug 26, 2013

    IBM Extends Its Cybersecurity Footprint With Trusteer Acquisition

    Israeli company provides new opportunities for product sales and enterprise integration.

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.

Full Biography