Jon Oltsik is an ESG senior principal analyst and the founder of the firm’s cybersecurity service. With almost 30 years of technology industry experience, Jon is widely recognized as an expert in all aspects of cybersecurity and is often called upon to help customers understand a CISO's perspective and strategies.
Networking leader has an opportunity to flex its infosec muscle and tout its vision and Cisco Live.
Enterprises are building their own integrated cybersecurity architecture so technology vendors must acquiesce or be publicly shunned.
Organizational processes and intransigence are antithetical to strong cybersecurity
CISOs need an all-knowing central system to truly address their cybersecurity monitoring, diagnostics, and operations needs
Cybersecurity professionals must gain experience and get comfortable with virtual network security
Leading-edge network architecture called BeyondCorp is a sign of things to come
Little known ICS-CERT program provides free cybersecurity training for infosec professionals and gets rave reviews
Critical infrastructure cybersecurity professionals want to see more government incentives and harsher penalties.
Security professionals working at critical infrastructure organizations are unclear about US government’s cybersecurity strategy and want to see more federal participation
Visibility, data center security, two-factor authentication, and services were the stars of the RSA 2015 conference last week in San Francisco.
Potential to bring together deep cybersecurity expertise and commercial market execution.
Since cybersecurity software architecture has become an enterprise requirement, the RSA Conference should take a more proactive role in promoting technology integration
Government and infosec industry should build upon threat intelligence energy by focusing on education, standards use-cases, and best practices
Focus on threat detection/response, endpoints, threat intelligence, IAM, cloud, and SDN
Organizations are collecting, processing, and analyzing more and more network traffic.
Next-generation endpoint security suite could be a billion dollar play
New technology deployment opens cyber-threat vectors and makes security operations more complex
Infosec bests data analytics, cloud, and mobile computing. What are the ramifications?
Past examples point to a mixed record of success and failure.
Shane Harris's book outlines the good, bad, and ugly history of federal cybersecurity programs.
Integration, organizational, performance, and technology problems abound
Enterprises are decrypting traffic for security inspection, but it ain't easy.
President’s pep rally at Stanford repeated past promises and ignored the US conflict of interest between defensive reinforcement and offensive cyber operations
Kim Zetter's book on Stuxnet sheds light on esoteric areas like malware analysis, process automation, and cyber war.
Enterprise organizations treat AV software like a flea market when they need to put in time and effort to meet security objectives
Enterprise organizations say that endpoint security is dependent upon too many vendors, products, and software agents
Enterprises need cybersecurity business AND technical leadership, which may require two senior positions.
ESG research provides another indication that the endpoint security market is in a state of transition
Mixed bag. The Feds need to do a lot more.
ESG research shows high demand for infosec professionals as many organizations have a “problematic shortage” in this area.
Bellicose rhetoric and intelligence sharing aren’t enough, the U.S. needs a comprehensive cybersecurity strategy ASAP
My quick list of things to look for next year
Mobile devices, cloud computing, and security concerns are driving increasing use of granular network access controls.
Security services firm can help Cisco support customers, capitalize on growing services opportunities, and pull product sales
Global cybersecurity skills shortage and high demand could lead to high turnover and hyper wage inflation next year
Sony hack may illustrate the downside of picking a fight with skilled cyber adversary
As SDN technology is deployed on production networks, CISOs should be well along the way with SDN security projects.
Enterprises have specific questions but government and industry responses are nebulous at best.
CEO must deal with fundamental weaknesses related to IT organization and status quo behavior if they really want to improve their cybersecurity strategies
Worthwhile read for those who want to understand the where the Internet resides and what it looks like
North American image of Trend as an AV vendor is inaccurate and a disservice to the company. Enterprise security professionals should know better.
McAfee FOCUS event demonstrates that Intel Security is well positioned for enterprise cybersecurity leadership if it can communicate its strong portfolio, hold customers’ hands, and avoid distractions.
IBM’s fortunes in cybersecurity improved substantially when it abandoned its internally focused strategy and built a business to meet customer requirements.
As expert group gains status and budget, large organizations are moving away from the status quo.
Deal aligns cybersecurity business metrics with IT risk mitigation to bridge the perpetual communications gap between business executives and CISOs.
A waste of time and effort unless cybersecurity professionals and the industry beyond the Beltway jump on the Bandwagon.
Hacker tactics are varied, sophisticated, and built for success. This report should be required reading for everyone in the cybersecurity domain.
Numerous market ramifications as network security moves away from the networking organization toward the infosec domain
Endpoint security tools moving beyond AV, putting a $10 billion market in play.
Wall Street and enterprise customers demand bold actions as soon as possible.