Jon Oltsik

Senior Principal Analyst

  • News
    Oct 4, 2012

    What if Ethernet failed? - PC Advisor

  • Blogs
    Oct 3, 2012

    Happy Cybersecurity Awareness Month!

    Oh, you didn't know if was national cybersecurity awareness month?  You are not alone -- and that is a real shame, if you ask me. 

  • Blogs
    Sep 25, 2012

    Big Changes Could be Coming in the Endpoint Security Market

    Growth of Advanced Malware Detection/Prevention (AMD/P) technology will impact standard antivirus software.

  • briefs
    Sep 20, 2012

    APTs, Information Security Strategy, and CounterTack

    Over the past few years, Advanced Persistent Threats (APTs) have altered the threat landscape, creating new requirements for enterprise information security. While many organizations have responded with additional funding or new security technologies, they still tend to rely on traditional security strategies like adding traditional layers of defense or hardening systems—a good start, but inadequate for APT protection. To address new types of sophisticated and targeted threats, large organizations need new processes and tools for continuous monitoring and detailed, broad situational awareness. CounterTack provides security technologies that were designed for these very requirements.

  • research briefs
    Sep 19, 2012

    The First Line of Defense against APTs

    Nearly three-quarters of organizations expect to be the target of Advanced Persistent Threats (APTs) in the near future. Information security vendors have come forward with new products to spot and stop APTs, and they each approach the task in different ways. This research brief reviews the different types of advanced malware detection and prevention products available today, and provides advice on the one type of product each enterprise organization should implement quickly to protect its assets from APTs.

  • Blogs
    Sep 18, 2012

    Changing Enterprise Security Strategies

    Enterprise organizations want more automation, integration, intelligence, and scale from security software.

  • research briefs
    Sep 12, 2012

    Deployment of Privileged User Access Controls at Enterprise Organizations

    So-called privileged users have the proverbial keys to the kingdom when it comes to configuring IT equipment or accessing sensitive information. Unfortunately, those privileges are sometimes used inappropriately or even maliciously. ESG research investigated the types of privileged user access controls employed by enterprises and uncovered key differences in the implementation methodologies among these organizations. The findings serve as a guide for organizations that wish to improve their information security posture, while shining a light on the opportunities available to vendors of privileged access control products and services.  

  • Blogs
    Sep 12, 2012

    Which Information Security Services are Most Popular?

    Enteprises are looking to supplement internal efforts and find service providers with specialized security expertise.

  • briefs
    Sep 7, 2012

    Enterprise Data Masking and Informatica

    Data masking enables organizations to share data structures between end-users, software developers, and third-party organizations, while maintaining confidentiality of the information itself. In the past, data masking was often implemented in an ad-hoc manner, resulting in different data-masking methods used by individual departments or a sub-set of databases. With recent improvements to data-masking tools, organizations should pull together their masking projects and standardize on a single data-masking solution as part of their data management initiative. Informatica, one of the leaders in this space, offers a comprehensive suite of data-masking products that meet these enterprise requirements.

  • Blogs
    Sep 7, 2012

    Where Does Mitt Romney Stand on Cybersecurity?

    Intelligence sharing?  Criticism?  More study?  Who knows.

  • Blogs
    Sep 5, 2012

    The Security Skills Shortage Impact on Security Services

    Information security services are booming right now but the skills shortage could soon disrupt the party. 

  • Blogs
    Aug 30, 2012

    The Security Skills Shortage Is Worse Than You Think

    I’ve written a lot about the security skills shortage but it is worth reviewing a bit of data here for context.  According to ESG Research, 55% of enterprise organizations (i.e., those with more than 1,000 employees) plan to hire additional security professionals in 2012 but they are extremely hard to find.  In fact, 83% of enterprises claim that it is “extremely difficult” or “somewhat difficult” to recruit and/or hire security professionals in the current market.

  • Blogs
    Aug 27, 2012

    Software-defined Security?

    Get ready for a new acronym at VMworld, Software-defined Security (SDS).  Lots of vendors will be selling SDS but I'm not buying it. 

  • research briefs
    Aug 24, 2012

    Online File Sharing and Collaboration: Security Challenges and Requirements

    Security is the primary concern for organizations contemplating online file sharing and collaboration, and their concerns are proving to be well-founded. According to ESG research, organizations that have already adopted online file sharing say that security challenges continue to plague their deployments. The research also reveals the security controls that are important (and not so important) to organizations evaluating online file sharing providers, and highlights the biggest worries IT professionals have about online file sharing.

  • research briefs
    Aug 24, 2012

    Cloud Computing and Server Virtualization Security Confounds CISOs

    Large organizations are virtualizing infrastructure and adopting cloud computing in order to improve efficiencies, lower costs, and accelerate IT responsiveness. These are tremendous business benefits, but ESG Research indicates that these new technology initiatives present numerous security challenges that can increase IT risk or even slow down forward-looking IT projects.

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. 

Full Biography