We are experienced, top-notch technology risk managers. Our team operates a managed services organization that offers network monitoring, audit, and consulting services. We maintain an excellent reputation in the community based financial services and healthcare industries. We strive to run a stable, fun business. We really like working with our Clients and always exceed their expectations.
Experts in IT Risk Management
Early Years (2000-2004)
- 2000: Bucheri McCarty & Metz LLP, an accounting firm based in Kokomo and Wabash with over 800 commercial clients, decided to take its Technology Division beyond the normal Accounting System Support they had been providing for the previous fifteen years.
- 2000: Based on the then-recent introductions of several new laws pertaining to Information Security, we started providing Information Security services as infotex.
- 2001: We held our first Information Security Awareness Workshop and have been leaders in educating healthcare, financial, and educational institutions ever since.
- 2002: Dan Hadaway purchased 25% of infotex from Bucheri McCarty & Metz.
- 2002: infotex became the first Tier 3 sponsor of Purdue University’s Center for Education and Research on Information Assurance and Security (CERIAS).
- 2003: infotex purchased Paradigm Shift Security, a Kansas-City based Information Security Firm, and acquired their intellectual capital related to Intrusion Detection systems.
- 2004: We founded, maintained, hosted, and managed bleedingsnort.com, a clearinghouse of signatures for snort. The production of signatures using the open source concept is the quickest way to develop mature signatures for vulnerabilities and threats hours after their discovery.
Adolescent Years (2005-2012)
- 2005: We became a Preferred Service Provider of the Community Bankers Association of Indiana.
- 2005: We hired Sean Waugh, who rose through the ranks of Data Security Analyst, Customer Service Manager, NOC Manager, and Senior Data Security Analyst to be our current Chief Technical Officer.
- 2005: We introduced our Log Monitoring Service, providing our clients a cost-effective way to outsource the overwhelming task of reviewing critical and non-critical event logs. This service eventually evolved into our ELM Visualization Interface.
- 2007: With the merger [IBA and CBAI], infotex became a Preferred Service Provider of the Indiana Bankers AssociationIndiana Bankers Association.
- 2008: Matt Jonkman migrated the bleedingsnort concept to emergingthreats.net. This snort-signature clearinghouse has become a defacto-standard in open-source signatures. Most of our competitors utilize this clearinghouse for early signature development.
- 2008: Dan Hadaway began facilitating an Annual IT Security Conference sponsored by the Indiana Bankers Association, the Community Bankers Association of Ohio, and the Michigan Bankers Association.
- 2008: We developed our Change Detection service. We also began offering Web Application Security Reviews and Cyber-forensics services.
- 2008: We substantially upgraded the equipment at the NOC, hired a NOC Manager (Chad Smith), and expanded the capacity of our Managed Services by approximately 200%.
- 2009: We entered the FDIC examination program, later renamed to be the FFIEC TSP Supervision Program.
- 2010: infotex created Vigilize in Twitter, substantially overhauled my.infotex.com (leveraging its blogging capabilities, and established a social media presence with our own Facebook site.
- 2011: infotex rolled out its Event Log Management Visualization Interface.
- 2012: Dan Hadaway purchased the remaining 75% of infotex from Bucheri McCarty & Metz, LLP, becoming sole owner of the Company.
- 2012: infotex introduced Midnight Caching and its Interactive Daily Report.
- 2012: infotex introduced the IT Resource Library!
- 2013, infotex began selling IT Compliance Kits on its E-commerce Blog, and created a new IT Governance Program set that can serve as adequate compliance documentation for a one-person organization.
Recent Years (2013-2019)
- 2013, Sean Waugh earned his CISSP certification, and Dan Hadaway broke his previous record of 14 talks in one year, by ten, with 24!
- 2014, infotex introduced its partnership arrangement with Secure Banking Solutions, to be a reseller of TRAC, an Enterprise Risk Management application that provides benchmarking with 400 active small community-based financial institutions.
- 2015, infotex began expanding its ELM offering to include any reports that can be produced (compared to any information in syslog format as previously offered.) Because we can now bring in logs generated in csv files, excel spreadsheets, even scanned-in pdf reports . . . . we we now offer greater visibility into disparate systems, allowing a more complete picture of real-time event context.
- July 24th, 2015, infotex marked its 15th Anniversary.
- 2015, we began offering our “Put A Watch” service on specific users, including users being terminated (for access authorization processing.)
- 2016, we began offering “Firewall Rule Review” services for all MSSP Clients, as well as other services that help address the Cybersecurity Assessment Baseline, Evolving, and Intermediate Statements.
- 2016, we published the CAT Maturity Analysis and Interpretation Tool (CAT MAIT), a set of documents intended to guide bank ISOs through the fifth step of the FFIEC’s process.
- 2016, Sean Waugh crosses the ten-year point.
- In 2017, we began offering Movies on tour.infotex.com which are recordings of free monthly webinars about various IT Governance topics for financial institutions.
- 2017, we also were notified in 2017 that the FFIEC would switch our exam cycle from two years to three years. Next exam will be in 2019, not 2016. (Note: we still have annual audits and annual “exam checkups” by the FFIEC (to make sure we’re still getting those annual audits!)
- In 2018, the infotex SIEM began offering rogue device detection, put-a-watch, and other services to auditors, examiners, and information security officers.
- 2018, we also expanded our SIEM offering to school corporations in 2018, to help schools take advantage of the grant money being offered by the State of Indiana.
- 2019, we promoted two Data Security Analysts to be Staff Auditors, so that we can expand our audit services.
- In 2019, we published The SIEM Buyer’s Guide, a movie meant for School Corporation information security professionals.
- 2019 will be the fifth year in a row that we win the “Diamond Vendor” award at the Indiana Banker’s Association, an award that we covet very proudly!
Contact us for assistance with your information security and information technology risk management needs!
The attack hinges on a common mistake made by large organizations… An article review. Read more
The firm edited workpapers ahead of examinations, and had employees cheat on certific Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more
For the first time, a data breach has triggered a financial downgrade… An article rev Read more