Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.
Look for machine learning, automation, orchestration, integration and threat intelligence to dominate the Black Hat security conference.
New ESG research finds more threats, more work and more alerts make it difficult for cybersecurity professionals to keep up.
IoT, mobility, cloud and pressing security needs mean that every node must have a trustworthy identity and a secure path to network services.
Cisco demonstrated its commitment to cybersecurity at its annual customer event. It's in a good position but has lots of work ahead.
Splunk's senior vice president of security markets, Haiyan Song, talks about security technology integration, Splunk’s strategy and customer benefits.
Some random thoughts on the causes and ramifications of the WannaCry ransomware attack—the biggest cybersecurity incident in years
Enterprise-class cybersecurity technology vendors must offer SIEM software, security analytics, and operations capabilities or have strong SIEM partners.
Cybersecurity professionals say enterprise-class cybersecurity vendors must offer industry experience, support for IT initiatives and a commitment to streamline security operations.
While network firewalls continue to anchor security, requirements are changing and next-generation firewall (NGFW) functionality is migrating elsewhere.
Enterprises want best-of-breed security technology and integration. They'd buy from enterprise-class cybersecurity vendors—if they knew who they were.
Large organizations are consolidating the number of security vendors they do business with and buying products built for integration.
The global cybersecurity skills shortage demands that new cybersecurity technologies must be built for ease of deployment, ease of use, and rapid ROI.
Organizations with 100 to 999 employees remain understaffed and under-skilled in cybersecurity—and an easy mark for hackers.
Most organizations are increasing cybersecurity spending and elevating cybersecurity issues to the board level but still struggle with the cybersecurity skills shortage.
Similar to the rise of ERP in the 1990s, we are about to see a cybersecurity services boom around Security Operations and Analytics (SOAPA).
Large organizations need to focus on formalizing processes, implementing intelligent security technologies, training staff and modifying the organization.
Security veteran McAfee has ample opportunity to prosper again with the right investment and focus.
Large organizations are dedicating security and IT resources to craft a micro-segmentation strategy for all workloads across internal networks and public clouds.
Raimond Genes, Trend Micro CTO, cybersecurity visionary and an inspiration, is gone but not forgotten.
Enterprise organizations must move beyond reactive and operational use cases and leverage threat intelligence more aggressively.
Cybersecurity professionals admit that they still don’t have the right skills, processes and monitoring capabilities for cloud security. Suggestions?
Manual processes limit incident response efficiency and effectiveness, driving the need for incident response automation and orchestration.
Marc van Zadelhoff, general manager of IBM’s security division, discusses SOAPA requirements, intelligence and scale.
Marc van Zadelhoff, general manager of IBM’s security division, talks SOAPA market demand and evolution of the architecture.
Nearly half of all organizations report a “problematic shortage” of cybersecurity skills in 2017.
Enterprises can’t keep up with security alert volume, struggle to prioritize the right alerts and ignore a large percentage of the security alert total. They need help!
Most cybersecurity professionals come from IT. This experience serves as a strong foundation and helps them succeed in cybersecurity.
Encryption, IAM, SIEM and UBA vendors will benefit from New York State's new cybersecurity regulations for financial services organizations.
New York State Department of Financial Services (DFS) rules mandate comprehensive and ongoing training for cybersecurity professionals. Right direction, long way to go.
Interesting announcements on cognitive computing, endpoint security, middleware, and threat intelligence
At the upcoming RSA Conference, expect to see vendors talking about architecture, machine learning, threat intelligence and incident response automation.
DDoS protection, network security analytics and cloud security will take center stage at RSA 2017.
Lots of visibility and hype around next-generation endpoint security, suites, EDR and services at the upcoming RSA Security Conference
The U.S. Army’s dismissal of multiple warning signs and lack of strong security policies and controls were major contributors to criminal activities.
Apathy, budget shortages and the cybersecurity skills shortage lead to a constant wave of security incidents.
Comprehensive suites, machine learning, EDR and vendor attrition will be highlighted at the RSA Conference and throughout the entire year.
Projects are well underway and evolving, while commercial incident response tools continue to gain momentum.
The Trump administration should enlist the help of true cybersecurity professionals, rather than political insiders, to put an effective national plan together.
Cloud, IoT, mobile and digital transformation will place new demands on usability, scalability and enterprise-class features of cybersecurity analytics and operations products.
Security professionals want better ways to analyze and operationalize the massive increase in security data collection and processing. SOAPA can help
There have been lots of activities over the past two years that will only gain more traction in 2017.
Research reveals high demand for security analysis, application security and cloud computing skills.
Data from an ESG/ISSA report reveals the most important attributes for CISOs and why CISOs leave their jobs so often.
President Trump must balance partisan politics with the pragmatic realities of cybersecurity.
President-elect Trump could make strong progress on cybersecurity while adhering to his campaign promises.
SIEM systems are becoming part of a dynamic and evolving security analytics and operations architecture.
Cybersecurity professionals become dissatisfied when security is considered an afterthought, their pay isn’t on par with the industry, and they don’t have opportunities for skills development.
Limited vision statement, lack of knowledge and bureaucratic intransigence could increase cyber risk after Trump is inaugurated.
Like NAC, software-defined perimeter (SDP) is a bit of a niche today. But cloud, IoT and mobility will likely drive massive SDP proliferation over the next few years.
Garbage in, garbage out big data analytics models demonstrate that people are just as important as data sets and algorithms.