Jon Oltsik

Jon Oltsik is an ESG Senior Principal Analyst & ESG Fellow and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Jon has an M.B.A. and a B.A. from the University of Massachusetts, Amherst. As an escape from cybersecurity intelligence and technology, he plays guitar in a rock-and-roll cover band.

Recent Posts by Jon Oltsik:

Cyber Risk Management Continues to Grow More Difficult

As part of a recent ESG research project, 340 enterprise cybersecurity, GRC, and IT professionals were asked to compare cyber risk management today with how it was two years ago. The data indicates that 39% of survey respondents believe that cyber risk management is significantly more difficult today than it was two years ago, while another 34% say that cyber risk management is somewhat more difficult today than it was two years ago.

Topics: Cybersecurity

Cyber Risk Management in Transition

At ESG, we are just about to publish some new research on cyber risk management and I’ve been knee-deep in the data for the past month. Here are a few of my initial impressions:

  • Business managers are far more involved than they used to be. A few years ago, business executives didn’t want good security, they wanted good enough security. Back then, security professionals bemoaned these half-hearted cybersecurity efforts, longing for CEOs with cybersecurity knowledge who were truly invested in strong cybersecurity controls and oversight. Note to cybersecurity pros, ‘be careful what you wish for.’ The ESG data indicates that corporate executives and boards are much more involved and demanding these days. This is forcing CISOs and infosec teams to collect and analyze more cyber risk data and present it to the mucky-mucks in business-friendly terms. The data indicates that this is already driving a new, more comprehensive model for cyber risk management.
Topics: Cybersecurity cyber risk management

Best-of-Breed Security Products Still Dominate – Kind Of

The history of security purchasing centers around best-of-breed products. With each requirement, security professionals would research products, review third-party tests, bring in products for internal testing, and buy those that exhibited a superior ability to prevent, detect, or respond to cyber-attacks.

Topics: Cybersecurity

Cybersecurity Technology Platform Attributes Defined

In a blog I wrote and published in August, I listed the 8 attributes that my colleague Doug Cahill and I believe are critical for a cybersecurity technology platform. The blog also ranks the 8 attributes according to a recent survey of 232 cybersecurity professionals working at enterprise organizations (i.e., those with more than 1,000 employees).

Topics: Cybersecurity

Cybersecurity Professional Impressions on Cloud-native Security

In a recent research survey, ESG asked a panel of 232 security and IT professionals a series of questions about cloud-native security (i.e., security controls, management, and monitoring options built into cloud infrastructure and offered by cloud service providers (CSPs)). Here are a few of the data points we uncovered:

Topics: cloud security Cybersecurity

McAfee’s Vision at MPower

I wrapped up my 3-week tour of the cybersecurity industry with a stop in Las Vegas for McAfee MPower. Here are a few of my takeaways from the event:

Topics: Cybersecurity

Cybersecurity Trends – With Trend Micro

Last week, Trend Micro came to Boston for its annual Trend Insights industry analyst event. The company provided an overview of its business, products, and strategy. Here are a few of my takeaways:

Topics: Cybersecurity

Ten Takeaways from the Splunk User Conference

I spent the early part of this week in Orlando, attending Splunk .Conf 2018. Here are a few of my takeaways:

  1. Splunk articulated a vision of security analytics/operations for 2020 that included 10 areas:
    1. Data ingestion. Collecting and processing a growing body of security telemetry.
    2. Detection. Finding and blocking known threats.
    3. Prediction. Using advanced analytics to identify new attacks and then spreading the warning around to all connected customers.
    4. Automation. Automate all pedestrian tasks and accelerate more complex tasks.
    5. Orchestration. Use APIs to connect security controls together for investigations and remediation actions.
    6. Recommendation. Monitor and record security operations and then recommend proven actions to the SOC team.
    7. Investigation. Provide intuitive tools to figure out what cyber-attacks are happening and why they are happening.
    8. Collaboration. Offer a workbench for security operations while connecting to collaboration tools like Slack.
    9. Case management. Deliver a security-centric tracking system that spans security incident management lifecycles. 
    10. Reporting. Providing a central place to measure all aspects of reporting.
Topics: Cybersecurity ESG on Location

Cloudy Future for Security Analytics

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk.

Topics: Cybersecurity SOAPA

Form Factor Wars: Cloud-based or On-premises Security Technologies?

Cybersecurity professionals are paid to be paranoid and tend to want to control everything they can to minimize surprises or third-party dependencies. This has always been the case with regard to security technology. Historically, CISOs mistrusted managed services, preferring instead to “own” the deployment and operations associated with their security technologies.

Topics: Cybersecurity