Jon Oltsik

Senior Principal Analyst

  • News
    Nov 4, 2015

    GRC Bullseye? RSA Updates Archer Platform - IT TNA

  • Blogs
    Nov 3, 2015

    The Return of AV Leaders?

    When I started covering the infosec market around 13 years ago, anti-spyware was the hot topic Du Jour. The market went through a common cycle – VCs funded companies and cranked up the hype machine. Some product companies were acquired (CA purchased PestPatrol, Microsoft acquired Giant Software, etc.), while others pivoted from anti-spyware alone to endpoint security (Webroot).

  • infographics
    Nov 2, 2015

    Threat Intelligence Realities

    Threat intelligence sharing has received a lot of attention over the past 12 months due to industry messages and proposed government legislation for public/private threat intelligence sharing. Enterprises are embracing threat intelligence programs, but these efforts remain immature and fraught with operational problems. Furthermore, most large organizations are focused on threat intelligence consumption rather than threat intelligence sharing. Vast improvements in threat intelligence standards, timeliness, contextualization, and operations are necessary before the cybersecurity community can truly benefit from the threat intelligence sharing vision being promoted by industry organizations and government agencies. 

  • News
    Nov 2, 2015

    After the Breach: How Government Reacted to OPM - FedTech Magazine

  • Blogs
    Oct 29, 2015

    Stop CISA!

    I’ve been following cybersecurity legislation for a number of years, including all the proceedings with the Cybersecurity Information Sharing Act (CISA). After much deliberation, I believe that CISA remains fundamentally flawed and needs a lot more work before it becomes the law of the land.

  • News
    Oct 28, 2015

    The new perimeter is everywhere - Networks Asia

  • Blogs
    Oct 27, 2015

    Oracle M7 Enhances CPU-level Security

    As summer turned to fall, the IT industry got together at VMworld and then Re:Invent to celebrate cloud computing. This translated to software-defined everything – data centers, networking, storage, etc. Yup, we are deep into a hype cycle where the entire industry is in a state of gaga over all things associated with software like flexibility and agility. Great stuff but software has to run somewhere so there is and always will be market for high-performance hardware.

  • News
    Oct 26, 2015

    It’s time to pull the trigger on security automation - Network World

  • News
    Oct 26, 2015

    Nok Nok Labs launches new version of authentication suite - Planet Biometrics

  • News
    Oct 24, 2015

    FireEye Threat Intelligence Engine aims to counter evolving cyber threats - CPI Financial

  • Blogs
    Oct 19, 2015

    What Happens to RSA?

    While last week’s Dell/EMC merger was certainly a blockbuster, nothing specific was mentioned about future plans for RSA Security. Michael Dell did say that there were a “number of discussions about security” during the negotiations, but apparently, no concrete plans yet. Infosec reporters have lobbed phone calls into Round Rock Texas as well as Bedford and Hopkinton, MA looking for more details, but Dell and EMC officials haven’t responded.

  • Blogs
    Oct 15, 2015

    FireEye Myth and Reality

    Some tech companies are always associated with their first acts. Dell just acquired my first employer, EMC Corporation, in order to expand its enterprise portfolio, yet the company will always be linked with personal computers and its founder’s dorm room. F5 has become a nexus that brings together networks and applications but will always retain the moniker of a load balancing company. Bit9 has established itself as a major next-generation endpoint player, yet some people can only think of its original focus on white listing.

  • Blogs
    Oct 9, 2015

    A Call for Open Cybersecurity Middleware

    While attending Splunk.conf 15, I sat in on an interesting presentation given by Christof Jungo, head of security architecture and engineering at Swisscom. Jungo described Swisscom’s cybersecurity strategy as anchored by a “nerve center” (based on Splunk) that centralizes all security data – network data, endpoint forensics, application logs, identity and access management, threat intelligence, etc. Christof mentioned that this process has helped Swisscom accelerate threat detection.

  • News
    Oct 7, 2015

    FireEye and F5 partner up to help CISOs - IT Brief

  • Blogs
    Oct 6, 2015

    U.S. Critical Infrastructure Continue to Make Risky IT Bets

    When the term “critical infrastructure” is mentioned in conversation, thoughts immediately turn to things like electrical power plants, oil and gas pipelines, food, water, etc. You know, the foundational services of modern life that we all take for granted. These are the same industries that former Defense Secretary Leon Panetta was referring to when he warned of the possibility of a “cyber-Pearl Harbor” back in 2012.

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. 

Full Biography