Jon Oltsik

Jon Oltsik is an ESG Senior Principal Analyst & ESG Fellow and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Jon was named one of the top 100 cybersecurity influencers for 2015 by Onalytica, and is active as a committee member of the Cybersecurity Canon, a project dedicated to identifying a list of must-read books for all cybersecurity practitioners. Often quoted in the business and technical press, Jon is also engaged in cybersecurity issues, legislation, and technology discussions within the U.S. government.

Jon has an M.B.A. and a B.A. from the University of Massachusetts, Amherst. As an escape from cybersecurity intelligence and technology, he plays guitar in a rock-and-roll cover band.

Recent Posts by Jon Oltsik:

Cybersecurity Trends – With Trend Micro

Last week, Trend Micro came to Boston for its annual Trend Insights industry analyst event. The company provided an overview of its business, products, and strategy. Here are a few of my takeaways:

Topics: Cybersecurity

Ten Takeaways from the Splunk User Conference

I spent the early part of this week in Orlando, attending Splunk .Conf 2018. Here are a few of my takeaways:

  1. Splunk articulated a vision of security analytics/operations for 2020 that included 10 areas:
    1. Data ingestion. Collecting and processing a growing body of security telemetry.
    2. Detection. Finding and blocking known threats.
    3. Prediction. Using advanced analytics to identify new attacks and then spreading the warning around to all connected customers.
    4. Automation. Automate all pedestrian tasks and accelerate more complex tasks.
    5. Orchestration. Use APIs to connect security controls together for investigations and remediation actions.
    6. Recommendation. Monitor and record security operations and then recommend proven actions to the SOC team.
    7. Investigation. Provide intuitive tools to figure out what cyber-attacks are happening and why they are happening.
    8. Collaboration. Offer a workbench for security operations while connecting to collaboration tools like Slack.
    9. Case management. Deliver a security-centric tracking system that spans security incident management lifecycles. 
    10. Reporting. Providing a central place to measure all aspects of reporting.
Topics: Cybersecurity, ESG on Location

Cloudy Future for Security Analytics

When you think of security analytics and operations, one technology tends to come to mind – security information and event management (SIEM). SIEM technology was around when I started focusing on cybersecurity in 2002 (think eSecurity, Intellitactics, NetForensics, etc.) and remains the primary security operations platform today. Vendors in this space today include AlienVault (AT&T), IBM (QRadar), LogRhythm, McAfee, and Splunk.

Topics: Cybersecurity, SOAPA

Form Factor Wars: Cloud-based or On-premises Security Technologies?

Cybersecurity professionals are paid to be paranoid and tend to want to control everything they can to minimize surprises or third-party dependencies. This has always been the case with regard to security technology. Historically, CISOs mistrusted managed services, preferring instead to “own” the deployment and operations associated with their security technologies.

Topics: Cybersecurity

Cybersecurity Challenges at Smaller Organizations

Hello dedicated readers! My blog is back from a restful week’s vacation on Cape Cod and ready to tackle the falling leaves, changing temperatures, and cybersecurity issues of Autumn.

Back in August, I wrote a few blogs about cybersecurity trends in small and mid-sized organizations (i.e. between 50 and 499 employees). The first blog looked at the state of cybersecurity at SMB firms and the second blog examined what they are doing to address these issues. 

Topics: Cybersecurity

CISOs Recommend Future Actions for their Organizations

Each year, ESG conducts a research project with the Information Systems Security Association (ISSA) on the mindset of cybersecurity professionals (the 2017 report is available here). As part of last year’s research, we asked respondents to identify the top actions their organizations should take in the future to improve cybersecurity. We then looked at this data based upon respondents’ roles, so we could look at the specific recommendations from CISOs (or other titles with equivalent job descriptions). 

Based upon this analysis:

Topics: Cybersecurity

What Are the Most Important Attributes of a Cybersecurity Platform?

We’ve seen an ongoing cybersecurity technology trend that goes something like this:

Topics: Cybersecurity, SOAPA

The Transition Toward Enterprise-class Cybersecurity Vendors

Recently, ESG completed its second annual enterprise-class cybersecurity vendor research. The story behind this project goes something like this: Enterprise organizations (i.e., those with 1,000 employees or more) have too many point tools and are now engaged in projects to integrate security technologies while eliminating some tools and vendors along the way.

Topics: Cybersecurity, SOAPA

What Are Small Organizations Doing About Cybersecurity?

Last week, I published a blog on the state of cybersecurity at small organizations. As a review, two-thirds of firms with 50 to 499 employees have experienced at least one cybersecurity incident over the past few years, leading to lost productivity and business disruptions. Survey respondents claim that the biggest contributing factors to these cybersecurity incidents include human error, a lack of knowledge about cyber risk, and new IT initiatives lacking proper cybersecurity oversight.

Topics: Cybersecurity

Cybersecurity Experiences at Small Organizations

ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e., 50 to 499 employees) in North America. As you can imagine, these firms tend to have a small staff responsible for cybersecurity and IT, reporting to business management rather than CIOs or CISOs.

Topics: Cybersecurity