Jon Oltsik

Senior Principal Analyst

  • Blogs
    Jun 16, 2015

    Cybersecurity Industry Blame Game at RSA Conference

    I’ve been meaning to write this blog since returning from San Francisco in April and I’ve finally gotten around to it. With the dangerous threat landscape and seemingly endless string of data breaches, there was quite a bit of industry bashing at this year’s RSA conference. Discussions featured numerous sound bites accusing the cybersecurity industry of "being stuck in the dark ages," and claiming that the industry "has failed its customers." Pretty strong stuff.

  • lab reports
    Jun 15, 2015

    ESG Lab Review: Integrated Security with Video Surveillance on VCE Vblock System and EMC Isilon

    This ESG Lab review documents hands-on testing of the ability of the VCE Vblock System and VCE Technology Extension for EMC Isilon storage to drive value from video surveillance as part of an overall security strategy. Testing focused on the functionality, security, simplicity, and performance of the converged VCE solution, which is designed to provide a scalable, flexible, end-to-end platform for video surveillance deployments.

  • Blogs
    Jun 12, 2015

    Grading Cisco Cybersecurity after CiscoLive

    In anticipation of CiscoLive in San Diego, I posted a blog last week describing my thoughts on Cisco’s cybersecurity portfolio. After attending the event this week, I’m ready to further elaborate on these opinions by grading Cisco Cybersecurity in a number of areas...

  • Blogs
    Jun 5, 2015

    Cisco Cybersecurity Renaissance and Opportunity

    A few short years ago, Cisco was deep in the cybersecurity doldrums. In spite of years of market leadership with products like Cisco PIX firewalls, IronPort (e-mail security), and IDS/IPS blades on Catalyst switches, the company seemed to have squandered its enviable market position. Alas, Cisco had swung and missed on security management (MARS) and endpoint (Okena) and had fallen behind companies like Fortinet, Juniper, and Palo Alto in its own network security backyard.

  • Blogs
    Jun 2, 2015

    Cybersecurity Views from a National Intelligence Officer

    I participated in the Cyber Exchange Forum earlier today, an event sponsored by the Advanced Cyber Security Center (ACSC). The featured speaker was Sean Kanuck, National Intelligence Officer for Cyber Issues, Office of the Director of National Intelligence. In this role, Sean directs the production of national intelligence estimates (for cyber-threats), leads the intelligence community (IC) in cyber analysis, and writes personal assessments about strategic developments in cyberspace.

  • Blogs
    May 29, 2015

    The Highs and Lows of Cybersecurity Integration

    Based upon anecdotal evidence, I estimate that the average large enterprise organization uses more than 70 different security tools from an assortment of vendors. As they say in Texas, “that dog don’t hunt.” In other words, it’s nearly impossible to maintain strong security hygiene or establish best practices when the security organization is chasing cybersecurity optimization on a tool-by-tool basis.

  • News
    May 29, 2015

    ESG: New security approaches wanted to accelerate buisness - Channelnomics

  • Blogs
    May 26, 2015

    Dear CISO, Tear Down These Legacy Cybersecurity Walls!

    Here’s a scenario we’ve all encountered: You go to a nice restaurant to enjoy a meal and the whole experience turns sour. The service is terrible, your entrée arrives before your salad, and your food is overcooked and virtually inedible.

  • News
    May 26, 2015

    A Threat Intelligence-Sharing Reality-Check - Dark Reading

  • News
    May 20, 2015

    Businesses Remain Challenged by Collection, Analysis of Threat Data - eWeek

  • Blogs
    May 19, 2015

    Toward Omniscient Cybersecurity Systems

    Cybersecurity systems suffer from compartmentalization. Vulnerability management systems know which software revisions are installed on which systems, but have no idea how endpoints and servers are connected together. Similarly, an anti-malware gateway can perform static and dynamic analysis on a suspicious file but doesn’t know if a user downloaded analogous malware when she was connected to the Internet on a public network.

  • Blogs
    May 15, 2015

    Security Is a Prisoner of the Network

    I have a very distinct memory about a conversation I had with a colleague in the mid-to-late 1990s about how NetWare worked. I told him that file and print services resided “in the network” but he couldn’t get his arms around this concept. He continually pushed back by saying things like, “well the printers and file servers have to be plugged into the network so isn’t NetWare just running on these devices?”
  • News
    May 14, 2015

    Google Trusts Cloud Computing More Than Firewalls, Migrates Corporate Apps To Internet - TechFrag

  • Blogs
    May 13, 2015

    Google Network Security Sans Perimeter

    About a decade ago, I was first introduced to the Jericho Forum, an international group of cybersecurity executives committed to defining new infosec tools and architectures.

  • News
    May 11, 2015

    Google Moves Its Corporate Applications to the Internet - The Wall Street Journal - CIO Journal

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s information security service. With over 25 years of technology industry experience, Jon is widely recognized as an expert in all aspects of information security and is often called upon to help customers understand a CISO's perspective and strategies. Recently, Jon has been an active participant with cybersecurity issues, legislation, and technology within the U.S. federal government.

Full Biography