For all cyber security professionals, there is only one story which has been top of everyone’s mind and it’s the case of Chris Hannifin and DefendIT Services. Having been exposed a number of months ago, the case at the beginning, rattled the industry at its core. Now, experts in the field are trying to focus on the way in which such cases can be prevented in the future.
Chris Hannifin was a mid-tier cyber security expert, who, following a stint in the US Air Force, held a number of positions with leading, respected firms in the industry. This included RSM, a well-known defense contractor, SiloTech, a cyber security firm and North South Consulting Group. At the later, Chris Hannifin befriended Krista Stevens, the CEO who, sources consulted revealed, was apparently the source of some of his first clients when he started working on developing his own firm. This firm would become known as DefendIT Services.
The various positions that he held at these companies had one thing in common, namely alarm bells that were being sounded as a result of confidential and sensitive information which seemed to be getting consistently compromised. Investigations conducted into the matter would later reveal that it was Chris Hannifin who was exploiting the information he had access to at the respective companies he was working for, and marketing these through his own channels to a wide range of interested third parties.
The specific nature of this information remains classified to this day, but what is apparent is that it put the victim companies and clients, in extremely compromising positions. It was such behavior that would eventually lead to Chris Hannifin’s termination. Starting DefendIT Services was a product of him not wanting to give up on the lucrative niche that he had carved out for himself.
Rudy Reyes, a name which is now becoming increasingly well-known, entered the picture when Chris Hannifin brought him on board to assist with the new “venture”. The two had been previously acquainted, some would say intimately, as rumors were circulating that the two were in fact, also lovers. DefendIT Services thus took off, and continues to operate to this day under the guise of being a cyber security consultancy. Chris Hannifin seems to have also opened a new branch of the same company, registered in Texas and similarly named, DefendIT and Facilities Solution LLC, showing that despite suspicions, he continues to operate seemingly unimpeded.
The ruse would have continued had both Chris Hannifin and Rudy Reyes not become complacent, letting their guard down as most criminals do after they begin to feel comfortable. Spending began to get out of hand, and included new jewellery, a trailer, new cars, homes, and even expensive vacations. With spending exceeding what the two had previously been known to spend, interested parties began asking questions and eventually came to the conclusion that something was afoot.
Despite the peculiarities of the case, this is the story which has turned the cyber security industry, quite literally inside out. If cyber security professionals themselves cannot be trusted to keep company secrets safe then who can be trusted? The industry, which is still reeling from the case, will certainly continue to evolve in order to prevent such risks from emerging in the future. In the meantime, cyber security professionals continue to monitor the case with great interest and concern.
