Jon Oltsik

Senior Principal Analyst

  • Blogs
    Dec 7, 2012

    Security Data Explosion Is Driving Big Data Security Analytics

    Enterprises collect terabytes of data on a monthly basis. What makes security data “big data?“ One place to start is simply security data volume.

  • Blogs
    Nov 29, 2012

    Security Analytics Is In Fact A Big Data Problem

    New ESG data reveals that enterprise organizations believe that the intersection of security analytics and big data is here today or will arrive very soon.

  • research reports
    Nov 28, 2012

    Research Report: The Emerging Intersection Between Big Data and Security Analytics

    In order to assess the intersection of big data and security analytics in 2012 and beyond, ESG surveyed 257 IT and information security professionals working at enterprise-class (1,000 employees or more) organizations in North America. All respondents were directly involved in the planning, implementation, and/or operations of their organization’s information security policies, processes, or technical safeguards. They were all also familiar with their organization’s collection and/or analysis of security data in support of their organization’s risk management, security analysis, and incident detection/response strategies.

  • infographics
    Nov 28, 2012

    The Emerging Intersection Between Big Data and Security Analytics Infographic

    Large organizations are collecting, processing, storing, and analyzing more and more data to support security management and operations activities such as risk management and incident detection/response. Legacy security analytics tools cannot keep up with this data growth, which presents a new set of challenges and risks for CISOs. The data presented in this report identifies a transition in place--large organizations will alter processes, replace technologies, and enhance internal skills in order to build a scalable, integrated, and highly intelligent "big data" security analytics architecture.

  • briefs
    Nov 26, 2012

    Sourcefire: Advanced Malware Detection/Prevention (AMD/P) and an Enterprise Security Architecture

    This month, Sourcefire announced new security software, new network security appliances, and AMD/P functionality for FirePOWER appliances. This announcement alone was pretty impressive, but along with Sourcefire’s host-based AMD/P, next-generation network security offerings, and cloud-based big data intelligence and analytics, Sourcefire offers an enterprise-class security architecture. This will likely make Sourcefire extremely popular with CISOs and large organizations.

  • briefs
    Nov 14, 2012

    In Pursuit of a Comprehensive Database Security Strategy

    Motivated by Advanced Persistent Threats (APTs), insider attacks, and the ominous threat landscape, many large organizations are investing in new database security controls. This is a good start, but ESG believes that databases must become part of an overall security strategy and not simply secured in isolation. To maximize protection while streamlining operations, a database security strategy should encompass people, processes, and technology while tightly integrating into the overall enterprise security architecture.

  • Blogs
    Nov 13, 2012

    The Elections and Cybersecurity

    Bipartisan rhetoric sounds good but cybersecurity action is likely to languish.

  • briefs
    Nov 12, 2012

    Small Enterprises Must Anticipate Security Management Changes

    Pity the poor CISO working in small enterprise organizations. Faced with a dangerous threat landscape and a multitude of new IT initiatives, security executives are forced to address new security requirements with legacy point tools, short-staffed security groups, and manual processes. This can’t—and won’t—work for long. What’s needed are new intelligent, automated, and tightly integrated security management systems that are designed for both compliance automation and incident detection/response. Available solutions are few and far between, but eIQ is one vendor offering this type of next-generation functionality today.

  • Blogs
    Oct 31, 2012

    RSA Buys SilverTail Systems: Great fit, tremendous upside

    Common market and skills, complementary technologies, and opportunities for services play.

  • Blogs
    Oct 22, 2012

    Security Analytics Tools Need to Understand Normal Behavior across IT

    New SIEM functionality from LogRhythm baselines behavior for anomaly detection and security automation

  • News
    Oct 18, 2012

    IBM Takes a Big Data Approach to Security - The New York Times

  • briefs
    Oct 15, 2012

    Enterprise Information Security in Transition: An Opportunity for IBM

    Many CISOs are in a no-win situation. On the one hand, they face a dangerous threat landscape and need to secure new IT initiatives such as cloud computing, mobile computing, and social media. On the other hand, they continue to rely on discrete point tools, under-staffed organizations, and manual processes as the basis of their security defenses. This mismatch leads to ever-increasing risk to organizations and IT assets—an unacceptable situation. ESG believes that information security discontinuity is driving fundamental changes across enterprise security that encompasses people, process, and technology. As this transition occurs, IBM may be one of few vendors with the appropriate enterprise products, resources, and expertise to address new enterprise security requirements.

  • Blogs
    Oct 12, 2012

    Defense Secretary Warns of Cyber Pearl Harbor

    Familiar caution is welcome but perpetual inaction is the real problem.

  • research briefs
    Oct 12, 2012

    The Growing Use of Professional and Managed Security Service Providers

    ESG surveyed security professionals to find out about their current and planned use of third-party professional or managed security service providers to fulfill some or all of their organizations’ security requirements. The research revealed that many organizations are increasing their use of security services for multiple reasons, and most of those reasons relate to the ongoing security skills gap and staff shortage. The most requested security services? Security design and threat management.

  • News
    Oct 4, 2012

    What if Ethernet failed? - PC Advisor

More Results:



Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies. 

Full Biography