Jon Oltsik

Jon Oltsik

Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Jon has an M.B.A. and a B.A. from the University of Massachusetts, Amherst. As an escape from cybersecurity intelligence and technology, he plays guitar in a rock-and-roll cover band.

Recent Posts by Jon Oltsik:

ESG/ISSA Research Report: The Life and Times of Cybersecurity Professionals

Abstract:

In order to assess the experiences, careers, and opinions of cybersecurity professionals, ESG/ISSA surveyed 343 cybersecurity professionals representing organizations of all sizes, across all industries and geographic locations. Survey respondents were also ISSA members.

Survey participants represented a wide range of industries including health care, IT, financial services, manufacturing, business services, communications and media, and government.

Topics: Cybersecurity ISSA

ESG Research Report: Cybersecurity Analytics and Operations in Transition

ABSTRACT

Given an increasing focus on security analytics and operations, ESG initiated a primary research project in early 2017 to assess the state of the market. In pursuit of this goal, ESG surveyed 412 IT and information security professionals representing large mid-market (500 to 999 employees) and enterprise-class (1,000 employees or more) organizations in North America and Western Europe. Respondents surveyed for this project had intimate knowledge and direct involvement in their organizations’ security analytics and operations people, processes, and technologies.

Download the complimentary abstract.
Topics: Cybersecurity SOAPA

ESG Research Report: The Shifting Cybersecurity Landscape

Abstract:

The cybersecurity industry is populated with a plethora of vendors offering discrete solutions representing a fragmented market, historically absent of dominant leaders. The influx of venture capital funding, and, more recently, the participation of private equity firms, have contributed to a growing number of players vying for buyer mindshare and budget. However, notable M&A activity, including Symantec’s acquisition of BlueCoat, and the TPG Capital-led spinout of Intel Security, coupled with anecdotal customer feedback about point tool fatigue, indicate the cybersecurity market is at a tipping point, one that could lead to centers of power, vendor-centric ecosystems, and the emergence of a small group of enterprise-class cybersecurity vendors. These dynamics were the impetus for ESG to conduct research on both the rise of enterprise-class cybersecurity vendors and the requirements of enterprise-ready cybersecurity platforms.

Topics: Cybersecurity

ESG Brief: 2017 Cybersecurity Spending Trends

Abstract:

IT spending for cybersecurity products and services continues to accelerate in 2017 as business and IT executives grapple with the dangerous threat landscape, compounded by the increasing use of cloud services that expand the attack surface area. Nevertheless, the fact that cybersecurity is once again a top business priority clearly indicates that organizations intend to spend to protect themselves from risk and compromise.

Topics: Cybersecurity

ESG/ISSA Research Report: Through the Eyes of Cyber Security Professionals: Annual Research Report (Part II)

Abstract:

Today’s cyber security professionals reside on the frontline of a perpetual battle, tasked with applying limited resources to outthink would be cyber-attackers and defend their organizations against everything from embarrassing website defacement through unseemly ransomware extortion to devastating data breaches. Alarmingly, cyber security professionals often accept this challenge knowing they are undermanned for the fight. According to ESG research, 46% of organizations claim to have a problematic shortage of cyber security skills.

Topics: Cybersecurity

ESG Brief: The Convergence of Cybersecurity and National Security in the 2016 Presidential Election

Abstract:

The 2016 U.S. presidential election has been fraught with hacking attempts, data breaches, and public exposure of confidential emails by whistleblower website WikiLeaks. These incidents, along with the general state of cybersecurity threats and vulnerabilities, have cybersecurity professionals extremely concerned. According to ESG research, 94% of cybersecurity and IT professionals surveyed say that cybersecurity should be a top national security priority for the next administration.

Topics: Cybersecurity

ESG/ISSA Research Report: The State of Cyber Security Professional Careers

Abstract:

In order to assess the experiences, careers, and opinions of cyber security professionals, ESG and ISSA surveyed 437 cyber security professionals representing organizations of all sizes and across all industries and geographic locations. Survey respondents were also ISSA members.

Topics: Storage Cybersecurity Data Protection Networking Application Development & Deployment Data Management

ESG Brief: Symantec-Blue Coat Merger Sentiment

Abstract:

ESG recently surveyed 171 IT and cybersecurity professionals at enterprise-class (i.e., 1,000 or more employees) organizations to get their perspectives on Symantec’s stated intention to acquire Blue Coat. This research found that customers of one or both companies—as well as those organizations that don't currently buy from either—are positive about the possibility of a combined Symantec-Blue Coat, with the prospect of an integrated cybersecurity products and services portfolio resonating as the most widely anticipated benefit of the merger.

Topics: Cybersecurity Networking

ESG Research Report: The Visibility and Control Requirements of Cloud Application Security

Abstract:

ESG’s cloud security research was designed to gain insights into the awareness of, requirements for, and future plans with regard to cloud security. Participating organizations were required to be using cloud services in production, with individual respondents responsible for or highly familiar with their company’s cloud security requirements, challenges, and subsequent plans. Survey participants represented a wide range of industries including manufacturing, financial services, health care, communications and media, retail, government, and business services. For more details, please see the Research Methodology and Respondent Demographics sections of this report.

Topics: Cybersecurity

ESG Brief: The Case for Network Traffic Security Analytics

Abstract:

Enterprise organizations spend millions of dollars on security technologies like antivirus software, firewalls, IDS/IPS, and SIEM systems, yet they continue to experience cyber-attacks and data breaches. What can be done to address this issue? To improve incident detection and response, large organizations need to invest in new types of security analytics tools that collect, process, and analyze security data more effectively. There are lots of security analytics technologies to choose from, but network traffic security analytics systems have some distinct advantages. Since malicious activities crisscross over networks, network traffic security analytics can act as a source of truth for modelling normal network behavior, detecting anomalies, investigating malicious patterns, and hunting for stealthy cyber-attacks in progress

Topics: Cybersecurity Networking