infotex History

We are experienced, top-notch technology risk managers. Our team operates a managed services organization that offers network monitoring, audit, and consulting services. We maintain an excellent reputation in the community based financial services and healthcare industries. We strive to run a stable, fun business. We really like working with our Clients and always exceed their expectations.

Experts in IT Risk Management

Company History

Early Years (2000-2004)

• 2000: Bucheri McCarty & Metz LLP, an accounting firm based in Kokomo and Wabash with over 800 commercial clients, decided to take its Technology Division beyond the normal Accounting System Support they had been providing for the previous fifteen years.
• 2000: Dan Hadaway declared that Client should be a proper noun, and to this day we try to capitalize the word in all our writing.
• 2000: Based on the then-recent introductions of several new laws pertaining to Information Security, we started providing Information Security services as infotex.
• 2001: We held our first Information Security Awareness Workshop and have been leaders in educating healthcare, financial, and educational institutions ever since.
• 2002: Dan Hadaway purchased 25% of infotex from Bucheri McCarty & Metz.
• 2002: infotex became the first Tier 3 sponsor of Purdue University’s Center for Education and Research on Information Assurance and Security (CERIAS).
• 2003: infotex purchased Paradigm Shift Security, a Kansas-City based Information Security Firm, and acquired their intellectual capital related to Intrusion Detection systems.
• 2004: We founded, maintained, hosted, and managed bleedingsnort.com, a clearinghouse of signatures for snort. The production of signatures using the open source concept is the quickest way to develop mature signatures for vulnerabilities and threats hours after their discovery.

Adolescent Years (2005-2012)

• 2005: We became a Preferred Service Provider of the Community Bankers Association of Indiana.
• 2005: We hired Sean Waugh, who rose through the ranks of Data Security Analyst, Customer Service Manager, NOC Manager, and Senior Data Security Analyst to be our current Chief Technical Officer.
• 2006: We developed our Log Monitoring Service that makes a great case for the cost effectiveness of outsourcing the overwhelming task of reviewing critical and non-critical event logs. This eventually evolved into our ELM Visualization Interface.
• 2007: With the merger [IBA and CBAI], infotex became a Preferred Service Provider of the Indiana Bankers Association.
• 2007: Dan Hadaway began facilitating the IBA’s annual IT Security Conference.
• 2008: Matt Jonkman migrated the bleedingsnort concept to emergingthreats.net. This snort-signature clearinghouse has become a de facto-standard in open-source signatures. Most of our competitors utilize this clearinghouse for early signature development.
• 2008: Dan Hadaway began facilitating an Annual IT Security Conference sponsored by the Indiana Bankers Association, the Community Bankers Association of Ohio, and the Michigan Bankers Association.
• 2008: We developed our Change Detection service. We also began offering Web Application Security Reviews and Cyber-forensics services.
• 2008: We substantially upgraded the equipment at the NOC, hired a NOC Manager (Chad Smith), and expanded the capacity of our Managed Services by approximately 200%.
• 2009: We entered the FDIC examination program, later renamed to be the FFIEC TSP Supervision Program.
• 2009: We began correlating event log data with network traffic.

• 2010: Dan Hadaway began discussing a buyout of his three partners, and hired Stacey Hadaway to assist with the process.
• 2010: infotex created Vigilize in Twitter, substantially overhauled my.infotex.com (leveraging its blogging capabilities, and established a social media presence with our own Facebook site.
• 2011: infotex rolled out its Event Log Management Visualization Interface.
• 2012: Dan and Stacey Hadaway purchased the remaining 75% of infotex from Bucheri McCarty & Metz, LLP, becoming sole owners of the Company.
• 2012: infotex introduced Midnight Caching and its Interactive Daily Report.
• 2012: infotex introduced the IT Resource Library, where we sell our boilerplates and templates online.

Recent Years (2013-2022)

• 2013: infotex began selling IT Compliance Kits on its E-commerce Blog, and created a new IT Governance Program set that can serve as adequate compliance documentation for a one-person organization.
• 2013: Sean Waugh earned his CISSP certification, and Dan Hadaway broke his previous record of 14 talks in one year, by ten, with 24!
• 2014: infotex introduced its partnership arrangement with Secure Banking Solutions, to be a reseller of TRAC, an Enterprise Risk Management application that provides benchmarking with 400 active small community-based financial institutions.
• 2015: infotex began expanding its ELM offering to include any reports that can be produced (compared to any information in syslog format as previously offered.)  Because we can now bring in logs generated in csv files, excel spreadsheets, even scanned-in PDF reports . . . . we we now offer greater visibility into disparate systems, allowing a more complete picture of real-time event context.
• July 24^th, 2015: infotex marked its 15^th Anniversary.
• 2015: We began offering our “Put A Watch” service on specific users, including users being terminated (for access authorization processing.)
• 2016: We began offering “Firewall Rule Review” services for all MSSP Clients, as well as other services that help address the Cybersecurity Assessment Baseline, Evolving, and Intermediate Statements.
• 2016: We published the CAT Maturity Analysis and Interpretation Tool (CAT MAIT), a set of documents intended to guide bank ISOs through the fifth step of the FFIEC’s process.
• 2016: Sean Waugh crosses the ten-year point.
• 2017: We reviewed our own contract as a webinar on how to review contracts, now available in movie-format on tour.infotex.com. (Now webinars.infotex.com and movies.infotex.com.)
• 2017: We also were notified in 2017 that the FFIEC would switch our exam cycle from two years to three years. Next exam will be in 2019, not 2016. (Note: we still have annual audits and annual “exam checkups” by the FFIEC (to make sure we’re still getting those annual audits!)
• 2018: The infotex SIEM began offering rogue device detection, put-a-watch, and other services to auditors, examiners, and information security officers.
• 2018: The movie, “How to Test Your SIEM” was boldly offered to Clients and the information security at-large in 2018.
• 2018: We also expanded our SIEM offering to school corporations in 2018, to help schools take advantage of the grant money being offered by the State of Indiana.
• 2019: We promoted two Data Security Analysts to be Staff Auditors, so that we can expand our audit services. We also reached Evolving across the board in the FFIEC’s CAT.
• 2019: We published “As Simple as it SIEMs“, a movie meant for School Corporation information security professionals.
• 2019: will be the fifth year in a row that we win the “Diamond Vendor” award at the Indiana Banker’s Association, an award that we covet very proudly!
• 2020: We began “movie production” in earnest. We also announced the roll-out of SIEM 3.0 and look forward to celebrating our 20^th Anniversary on July 24^th!
• July 24th, 2020: infotex celebrated its 20^th Anniversary! Read Dan’s reflections here.
• 2020: Development of the next generation infotex SIEM continued.
• 2020: infotex commits to be able to watch Client networks during the Pandemic no matter how long it lasts.
• 2020: infotex hires three new employees; an Engagement Coordinator, a Creative Assistant, and a new Data Security Analyst.
• 2021: infotex address the NCUA’s Automated Cysecurity Assessment Tool with the the release of Behind Your Credit Union’s Recent NCUA IT Exams Findings video and checklists.
• 2021: Dan Hadaway continued moderating position at the Ohio Bankers League’s Technology Conference and co-moderating the IT Forum series.
• 2021: infotex hired another new Data Security Analyst.
• 2021: infotex addresses the FFIEC Architecture, Infrastructure, and Operations Guidance. An overview can be found in our article “An Overview of the FFIEC Architecture, Infrastructure, and Operations Booklet”.
• 2021: Joined the Kentucky Bankers Association as an associate member.
• 2021: The infotex next generation SIEM is out of Beta!

Contact us for assistance with your information security and information technology risk management needs!