Jon Oltsik

Jon Oltsik is an ESG senior principal analyst, an ESG fellow, and the founder of the firm’s cybersecurity service. With 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Recent Posts by Jon Oltsik:

SOAPA Video with Devo (Part 2)

In part 2 of my SOAPA video with old friend Dimitri Vlachos from Devo, we discuss:

  1. Devo use cases. Dimitri describes some of the most popular security use cases for Devo, including threat detection, security analytics/investigations, and threat hunting. I’ve got to hand it to Dimitri as he came up with one of the best SOAPA video soundbites ever, “You can’t use old tools to cover new security analytics needs.”
Topics: Cybersecurity SOAPA

Endpoint Security Is Consolidating, but What Does That Mean?

In 2017, my colleague Doug Cahill conducted research on endpoint security. Back then, the research indicated that 87% of organizations were considering a comprehensive endpoint security suite rather than several disconnected endpoint security point tools.

Topics: Cybersecurity

The Case for Continuous Automated Security Validation (CASV)

Chinese military strategist Sun Tzu is quoted as saying, “if you know the enemy and you know yourself, you need not fear the results of a hundred battles.” In cybersecurity terms, this means knowing the cyber-adversaries and associated tactics, techniques, and procedures (TTPs) they use to attack your organization. Additionally, Sun Tzu’s quote extends to an organizational reflection where you must know everything about your technical, human, and even physical vulnerabilities in order to apply the best protection for critical assets.

Topics: Cybersecurity

SOAPA Video with Devo (Part 1)

Whip it good--as old friend Dimitri Vlachos from Devo stopped by the ESG video studio to kick off our 2019 SOAPA video series. If you are unfamiliar with Devo, the company describes itself as follows:

Devo delivers real-time operational and business insights from analytics on streaming and historical data to operations, IT, security, and business teams at the world’s largest organizations.

Topics: Cybersecurity SOAPA security operations security analytics

OpenC2 Can Accelerate Security Operations, Automation, and Orchestration

Over the past few years, ESG has promoted the security operations and analytics platform architecture (SOAPA). Just what is SOAPA? A multi-layered heterogeneous architecture designed to integrate disparate security analytics and operations tools. This architecture glues incongruent security analytics tools together to improve threat detection, and then tightly couples security analytics with operations tools to accelerate and automate risk mitigation and incident response. After all, you can have great security analytics for investigations, threat hunting, and root-cause analysis, but this all means diddlysquat if you can’t use these analytics to make and execute timely incident response and risk mitigation decisions.

Topics: Cybersecurity SOAPA

Vulnerability Management Woes Continue but There Is Hope

I remember giving a presentation when I first started working in cybersecurity in 2003 (note: it was called information security back then). I talked about the importance of good security hygiene, focusing on deploying secure system configurations, managing access controls, and performing regular vulnerability scans. 

Topics: Cybersecurity

The Cybersecurity Technology Consolidation Conundrum

If you are in the cybersecurity market, you’ve heard (or read) about the point tools problem hundreds or thousands of times. Enterprise organizations base their cybersecurity defenses on dozens of point tools from different vendors. These point tools don’t talk to one another, making it difficult to get a complete end-to-end picture for situational awareness. This also leads to tremendous operational overhead as the cybersecurity staff is called upon to act as the glue between disparate tools.

Topics: Cybersecurity

Cyber Risk Management Challenges Are Impacting the Business

There was quite a bit of banter about boardroom cybersecurity actions at RSA Conference 2019. No surprise here, as business executives understand what’s at stake and are asking CISOs to provide more cyber risk data and metrics so they can work with them on intelligent risk mitigation strategies.

Topics: Cybersecurity RSA Conference

The Buzz at RSA Conference 2019

Like many other cybersecurity professionals, I spent last week at RSA Conference 2019 in rainy San Francisco. Here are a few of my impressions:

Topics: Cybersecurity RSA Conference

What to expect at the RSA Conference 2019

I’ve attended the RSA Conference for the past 15 years, and things have changed quite a bit. The event has gone from a few thousand to around 50,000 attendees, leading to a confluence of humanity and traffic around the Moscone Center. Hotel room prices exceed $500 per night, even at some of the “boutique” (i.e., flea bag) hotels in and around Union Square. The RSA event has become the nexus where cybersecurity meets high-end capitalism.

Topics: Cybersecurity RSA Conference