Most Recent Blogs

Valuable Federal Cybersecurity Training for Critical Infrastructure Organizations

Posted: May 05, 2015   /   By: Jon Oltsik   /   Tags: Cybersecurity, federal government, Critical Infrastructure

trainingLast week I wrote two blogs about cybersecurity, critical infrastructure organizations, and the US government. Now I'll discuss valuable federal cybersecurity training for critical infrastructure organizations.

Read More

Federal Cybersecurity Carrots and Sticks

Posted: May 01, 2015   /   By: Jon Oltsik   /   Tags: federal government, Critical Infrastructure, Critical Infrastructure Protection, threat intelligence sharing

HandsHoldingLockIn my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review:

Read More

White House Cybersecurity Coordinator Is Kind of Right – but Mostly Wrong

Posted: August 28, 2014   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, federal government

Poor Michael Daniel. The White House cybersecurity coordinator and the man who “leads the interagency development of national cybersecurity strategy and policy” is taking a beating in the press. In a recent interview with federally-focused media outlet, GovInfoSecurity, Daniel defended his lack of security technology experience with the following statement:

"You don't have to be a coder in order to really do well in this position. In fact, actually, I think being too down in the weeds at the technical level could actually be a little bit of a distraction. You can get taken up and enamored with the very detailed aspects of some of the technical solutions and the real issue is looking at the broad strategic picture."

Read More

What President Obama CAN Do About Cybersecurity

Posted: February 11, 2013   /   By: Jon Oltsik   /   Tags: Cybersecurity, Information and Risk Management, Security and Privacy, federal government, state of the union, president obama

When it comes to cybersecurity and public policy, I’m as big a cynic as anyone. Why? From a historical perspective, cybersecurity issues were first recognized during the Bush administration (41, not 43). Over the subsequent 20+ years we’ve experienced misinformed rhetoric, overlapping agendas, and inaction, but little meaningful progress.

Now I realize the President has some higher priority issues to deal with and that cybersecurity is neither sexy nor universally understood. That said, however, there is no denying that things are getting progressively worse. Just this week, congressman Mike Rogers (R, Michigan), stated that he believed that 95% of private sector networks are vulnerable and most have already been attacked.

Read More

More On The Security Skills Shortage Issue

Posted: June 21, 2012   /   By: Jon Oltsik   /   Tags: Information Security, Cloud Computing, Network Security, Cybersecurity, End-User Computing, Endpoint & Application Virtualization, IT Infrastructure, Private Cloud Infrastructure, Networking, Information and Risk Management, mobile, Security and Privacy, BYOD, endpoint security, DHS, Symantec, federal government, nsa, security analytics, DoD, security skills, cloud security

I frequently peruse information security news, and recently came across this article. The article highlights Symantec CEO Enrique Salem's warning of a shortage of talented cybersecurity professionals in the United States. Furthermore, this shortage is especially pronounced where it may be needed most -- law enforcement, intelligence agencies, and the Department of Defense.

Read More

Information Security Skills Shortage Continues

Posted: January 19, 2012   /   By: Jon Oltsik   /   Tags: Information Security, Cybersecurity, Information and Risk Management, Security and Privacy, federal government, ISC2, NIST, security services, CISSP, security skills, cloud security

Like other analyst firms, ESG conducts research on IT Spending Intentions annually. The latest 2012 report will be published soon, but in the meantime, I've taken a look at the data that will be included. One of the things we track is IT hiring plans in all areas including IT security.

Read More

Posts by Topic

see all