Jon Oltsik

Jon Oltsik is an ESG senior principal analyst, an ESG fellow, and the founder of the firm’s cybersecurity service. With 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Recent Posts by Jon Oltsik:

Enterprises Need to Embrace Top-Down Cybersecurity Management

When I first entered the cybersecurity market in 2003, I’d already been working in the IT industry for about 16 years in storage, networking, and telecommunications. By the early 2000s, all three sectors had moved on from bits and bytes to focusing on how each technology could help organizations meet their business goals. Oh sure, we still talked speeds-and-feeds, but we led with things like business agility, productivity, and cost cutting. The technology was a means to an end rather than an end in itself.

When I got to the cybersecurity industry, I was surprised by what I saw. Unlike other areas of IT, cybersecurity was still deep in the weeds, focused on things like IP packets, application protocols, and malicious code. In other words, cybersecurity remained a “bottom-up” discipline as the cybersecurity team viewed the world from networks and devices “up the stack” to applications and the business.

Topics: Cybersecurity

Thoughts on IBM Think and Cybersecurity

I just got back from attending IBM Think in San Francisco. Though it was a quick trip across the country, I was inundated with IBM’s vision, covering topics from A (i.e., artificial intelligence) to Z (i.e., System Z) and everything in between. 

Despite the wide-ranging discussion, IBM’s main focus was on three areas: 1) Hybrid cloud, 2) Advanced analytics, and 3) Security. For example, IBM’s hybrid cloud discussion centered on digital transformation and leaned heavily on its Red Hat acquisition, while advanced analytics included artificial intelligence, cognitive computing (Watson), neural networks, etc. To demonstrate its capabilities in these areas, IBM paraded out customers like Geico, Hyundai Credit Corporation, and Santander Bank, who are betting on IBM for game-changing digital transformation projects.

Topics: SOAPA Cybersecurity

Cyber Risk Management Disconnect Between Business and Security

A few years ago, cybersecurity professionals often lamented that executives didn’t want good security, they wanted “good enough” security. This axiom reflected that many CEOs equated cybersecurity with regulatory compliance. If the CISO could check all the right PCI, HIPAA, or SOX boxes, cybersecurity concerns were taken care of.

The cybersecurity crowd had an aversion to the “good enough” security attitude. CISOs who wanted to adequately protect corporate assets longed for a time when business executives would truly appreciate cyber risk and would be willing to participate in and adequately fund cyber risk management efforts.

Topics: Cybersecurity

Security Point Tools Problems

At most enterprise organizations, cybersecurity infrastructure grew organically over time. The security team implemented each security control in response to a particular threat: antivirus software appeared on desktops, gateways were added to the network, sandboxes were deployed to detect malicious files, etc.

Topics: Cybersecurity SOAPA

The Cybersecurity Skills Shortage Is Getting Worse

At the end of each year, ESG conducts a wide-ranging global survey of IT professionals, asking them about challenges, purchasing plans, strategies, etc.  As part of this survey, respondents were asked to identify areas where their organization has a problematic shortage of skills.

In 2018-2019, cybersecurity skills topped the list – 53% of survey respondents reported a problematic shortage of cybersecurity skills at their organization.  IT architecture/planning skills came in second at 38%.

Topics: cybersecurity skills shortage Cybersecurity

2019 Will Be the Year of Cloud-based Cybersecurity Analytics/Operations

Security information and event management (SIEM) systems first appeared around 2000 from vendors like Intellitactics, NetForensics, and eSecurity. The original functionality centered around event correlation from perimeter security devices like IDS/IPS and firewalls. 

The SIEM market evolved over the past 19 years, with different vendors, functionality, and use cases. SIEM has also grown into a $2.5 billion market, dominated by vendors like Splunk, IBM, LogRhythm, and AT&T (AlienVault).

Despite the SIEM evolution, today’s products can be seen as super-sized versions of those of yesteryear. In fact, the original design of SIEM seemed like a knockoff of network and systems management tools like CA Unicenter, HP OpenView, and IBM Tivoli. SIEM products were based upon a tiered architecture of distributed data collectors/indexers/processors, and a central database used for data analytics, visualization, and reporting.

Topics: Cybersecurity

Cybersecurity Predictions for 2019 (Video, Part 2)

Doug Cahill and I had so much to say about cybersecurity in 2019 that we filmed a second video. In this one, we discuss topics like data privacy, GDPR (and other data privacy regulations), the persistent cybersecurity skills shortage, security technology platforms, and geopolitical issues.

Topics: Cybersecurity Predictions

Security Operations Activities to Watch in 2019

If you’ve read my columns over the past few years, you’ve seen a security operations effort I’ve been pushing called SOAPA (security operations and analytics platform architecture). I first conceived of SOAPA as an antidote for the existing security operations practice of relying on an army of independent and disconnected security tools. 

Topics: SOAPA Cybersecurity

Cybersecurity Predictions for 2019 (Video, Part 1)

What will the cybersecurity landscape look like in 2019? My esteemed colleague Doug Cahill and I look into our crystal balls to forecast some big trends to look out for next year. In this video, Doug and I discuss data breaches, threats to critical infrastructure, malware based on artificial intelligence, securing the modern application stack, and cloud-scale security analytics.

Topics: Cybersecurity

Cyber Risk Management Continues to Grow More Difficult

As part of a recent ESG research project, 340 enterprise cybersecurity, GRC, and IT professionals were asked to compare cyber risk management today with how it was two years ago. The data indicates that 39% of survey respondents believe that cyber risk management is significantly more difficult today than it was two years ago, while another 34% say that cyber risk management is somewhat more difficult today than it was two years ago.

Topics: Cybersecurity