Jon Oltsik

Jon Oltsik is an ESG senior principal analyst, an ESG fellow, and the founder of the firm’s cybersecurity service. With 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.

Recent Posts by Jon Oltsik:

SOAPA Discussion On EDR and XDR with Jon Oltsik and Dave Gruber (Video) Part 2

In part 2 of our SOAPA video, I welcome back my astute colleague, Dave Gruber. The conversation turns to XDR, a market segment that Dave and I collaborate on. I ask Dave about:

  • The definition of XDR. It’s a nebulous industry term but Dave nails it by explaining that XDR is a method for bringing controls together to improve security telemetry collection, correlation, contextualization, and analytics. There’s also an operational side of XDR to help coordinate response and remediation across multiple controls simultaneously.

Topics: Cybersecurity SOAPA XDR

10 Security Changes Post-COVID-19

Back in March, I heard from several CISOs about how COVID-19 was disrupting their cybersecurity programs and changing their priorities. A few weeks later, I connected with some CISO friends, and got an update on phase 2 of their pandemic journeys.

While no one knows when the coronavirus impact will end, we are getting a good perspective on what the new normal will look like. Here are ten changes I anticipate (in no particular order):

Topics: Cybersecurity COVID-19 Tech Effect

SOAPA Discussion on EDR and XDR With Jon Oltsik and Dave Gruber (Video) Part 1

The SOAPA video series has featured a series of prolific industry beacons representing leading security operations technology vendors. That will continue, but I thought I’d shake up the format a bit by inviting my colleague and friend, Dave Gruber, to participate. 

Topics: Cybersecurity SOAPA XDR

SOAPA Interview With Hugh Njemanze of Anomali, Part 2

It’s great to be back with the SOAPA video series, albeit in a remote format. Nevertheless, I was excited to interview Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 2 of our video, Hugh and I yak about:

Topics: Cybersecurity SOAPA

SOAPA Interview With Hugh Njemanze of Anomali, Part 1

The SOAPA video series is back! In this global pandemic edition, I speak with Hugh Njemanze, CEO of Anomali, a leading threat intelligence platform (TIP). In part 1 of my chat with Hugh, we discuss:

  • Security operations difficulties. ESG research indicates that 63% of organizations claim that security operations are more difficult than they were 2 years ago. Hugh agrees and believes these difficulties are related to the breadth of tools and practices that are creating visibility and process gaps.

Topics: Cybersecurity SOAPA

Cyber Threat Intelligence (CTI) Management: Now More Than Ever

I heard some alarming new statistics from IBM Security this week. With COVID-19 as a backdrop, cyber-attacks are up 14,000%, led by a spike in ransomware. IBM also revealed a 6000% increase in spam, as hackers social-engineer nervous users with fictitious coronavirus news and miracle cures. Other firms like DomainTools, FireEye, and Palo Alto Networks have reported similar data. Yikes!

Topics: Cybersecurity COVID-19 Tech Effect

Continuous Automated Penetration and Attack Testing (CAPAT) for COVID-19 Cyber-risk Mitigation

About a month ago, I wrote a blog about how COVID-19 was driving rapid and dynamic changes for CISOs. I followed this up with a second blog, detailing a number of subsequent cybersecurity phases CISOs are now pursuing to assess and mitigate COVID-19-based cyber risks.  

Both blogs describe some fundamental problems. Corporate cybersecurity now extends to home networks filled with insecure IP devices with little or no security protection whatsoever. Meanwhile, hackers are exploiting societal malaise with online scams, rogue websites, and phishing campaigns preying upon COVID-19 paranoia. A recent article in the Washington Post described research from Palo Alto Networks identifying more than 2,000 malicious COVID-19 web domains and another 40,000 it classifies as “high risk.”

Topics: Cybersecurity COVID-19 Tech Effect

Next Steps for Dealing With COVID-19/WFH

Last week, I wrote a blog describing 3 ways that COVID-19 is changing CISO priorities for 2020. COVID-19 drove large-scale work from home (WFH) initiatives where the priority was getting users up and running as quickly as possible. Security leaders were then forced into an unanticipated follow-on sprint to deliver elementary security safeguards for remote employees (i.e., VPNs, endpoint security controls, network security controls, etc.).

Topics: Cybersecurity COVID-19 Tech Effect

3 Ways COVID-19 Is Changing CISO Priorities

According to ESG research, 62% of organizations were poised to increase spending on cybersecurity in 2020. Thirty-two percent of survey respondents said they would invest in cybersecurity technologies using AI/ML for threat detection, followed by data security (31%), network security (30%), and cloud application security (27%).

Of course, that was back in the innocent and carefree days before COVID-19. Have things changed?  Yes, and seemingly overnight. Like society at large, the cybersecurity world's priorities, strategies, and tasks have been turned upside down.

Topics: Cybersecurity COVID-19 Tech Effect

Toward a Common UI/UX for the SOC (Security Operations Center)

It’s 2020, yet many organizations still depend upon a myriad of disparate point tools for security operations, leading to many challenges. According to ESG research:

  • 35% of cybersecurity professionals say that the biggest challenge associated with managing an assortment of point tools is that it makes security operations complex and time-consuming.

Topics: Cybersecurity