Jon Oltsik

Senior Principal Analyst

  • Blogs
    Jan 15, 2013

    Random security predictions for 2013

    Lots of malware and industry activity, but continuing intransigence in Washington.

  • Blogs
    Jan 11, 2013

    Kingpin: A great read for those interested in cybersecurity

    A compelling and gripping story about a hacker’s background, mentality, skills, and criminal activities

  • Blogs
    Jan 7, 2013

    Security Skills Shortage Is Impacting Incident Detection

    Enterprises need to improve security intelligence, analytics, and automation to address skills deficits.

  • Blogs
    Jan 2, 2013

    Cybersecurity New Year’s Resolutions for All PC Users

    A few system and lifestyle changes will better protect you, your data, and your system in 2013.

  • briefs
    Dec 20, 2012

    Advanced Malware Protection Must Extend to Incident Detection and Response

    Large organizations are under constant cyber attack by advanced malware that circumvents traditional security controls. In response, many CISOs have purchased new network or host-based advanced malware detection/prevention (AMD/P) tools for identifying and blocking malware. This is a good start, but what happens when advanced malware sneaks through security defenses and compromises servers and endpoints?  ESG believes that large organizations need to support AMD/P gateways and endpoint software with security intelligence, file activity monitoring, and forensic data capture that work collectively as an AMD/P architecture.

  • Blogs
    Dec 18, 2012

    Executive Management Is Becoming More Engaged In Information Security

    Good news but CEO participation in cybersecurity decisions and oversight carries a cost

  • research briefs
    Dec 18, 2012

    Customers Look for Antivirus with Online File Sharing

    Antivirus is one of the most important features that business customers expect for secure file sharing. When IT decision-makers were asked about the most important security features they look for when choosing an online file sharing and collaboration (OFS) solution, more than half cited antivirus scans. Yet this is a feature that OFS providers frequently bypass in their messaging. This brief lists and ranks the security requirements business customers look for in an OFS solution, and suggests next steps for OFS providers.

  • Blogs
    Dec 14, 2012

    Security Intelligence Can Help Enterprises Improve Risk Management and Incident Detection/Response

    ESG Research reveals best practices. Information security intelligence is another driver for big data security analytics.

  • Blogs
    Dec 11, 2012

    Enterprises Are Buying Host-based Advanced Malware Detection/Prevention Tools to Capture Forensic Data

    APTs and advanced malware are having a profound effect on cybersecurity technologies. One notable change is the rise of new Advanced Malware Detection/Prevention (AMD/P) technologies from vendors such as Bit9, Bromium, CounterTack, Invincea, Malwarebytes, and Sourcefire that detect and block advanced malware on servers and endpoints.

  • briefs
    Dec 10, 2012

    Security Intelligence: A Key Component of Big Data Security Analytics

    The intersection of big data and security analytics has officially arrived as large organizations collect, process, store, and analyze terabytes of internal and external security data. This trend is driving greater consumption of security intelligence for security analytics. ESG found that advanced organizations are gaining extensive value from security intelligence as it helps them address risk and detect/respond to incidents in a more rapid fashion. This brief discusses the best practices for proactively addressing risk that these organizations use to maximize benefits from security intelligence.

  • Blogs
    Dec 7, 2012

    Security Data Explosion Is Driving Big Data Security Analytics

    Enterprises collect terabytes of data on a monthly basis. What makes security data “big data?” One place to start is simply security data volume.

  • Blogs
    Nov 29, 2012

    Security Analytics Is In Fact A Big Data Problem

    New ESG data reveals that enterprise organizations believe that the intersection of security analytics and big data is here today or will arrive very soon.

  • research reports
    Nov 28, 2012

    Research Report: The Emerging Intersection Between Big Data and Security Analytics

    In order to assess the intersection of big data and security analytics in 2012 and beyond, ESG surveyed 257 IT and information security professionals working at enterprise-class (1,000 employees or more) organizations in North America. All respondents were directly involved in the planning, implementation, and/or operations of their organization’s information security policies, processes, or technical safeguards. They were all also familiar with their organization’s collection and/or analysis of security data in support of their organization’s risk management, security analysis, and incident detection/response strategies.

  • infographics
    Nov 28, 2012

    The Emerging Intersection Between Big Data and Security Analytics Infographic

    Large organizations are collecting, processing, storing, and analyzing more and more data to support security management and operations activities such as risk management and incident detection/response. Legacy security analytics tools cannot keep up with this data growth, which presents a new set of challenges and risks for CISOs. The data presented in this report identifies a transition in place--large organizations will alter processes, replace technologies, and enhance internal skills in order to build a scalable, integrated, and highly intelligent "big data" security analytics architecture.

  • briefs
    Nov 26, 2012

    Sourcefire: Advanced Malware Detection/Prevention (AMD/P) and an Enterprise Security Architecture

    This month, Sourcefire announced new security software, new network security appliances, and AMD/P functionality for FirePOWER appliances. This announcement alone was pretty impressive, but along with Sourcefire’s host-based AMD/P, next-generation network security offerings, and cloud-based big data intelligence and analytics, Sourcefire offers an enterprise-class security architecture. This will likely make Sourcefire extremely popular with CISOs and large organizations.




Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant in cybersecurity issues, legislation, and technology within the U.S. federal government.
