Cyber security and breech prevention: John Martinez and Christopher Hegg have it all covered at CoreRecon, raising the security standard in South Texas.
By: Jessica Dusek
Photos by: Paul Marshall
Heightening the standard of cyber securities in South Texas, CoreRecon CEO John Martinez educates his customers on cyber security and breech prevention. Martinez’s 10-year stint in military security reinforces the knowledge and expertise imbedded within his company. Working with the U.S. Marine Corps at the Pentagon, networks were installed in the mid-1990s. He was educated during the “ the computer era.” He explains: “I never realized the importance of security until we realized people can actually hack into these networks. I realized this by hacking into the network from another building.”
CoreRecon is the only company in South Texas offering cyber security assessments in compliance with HIPPA’s privacy act. Martinez explains their main objectives are to support their client regarding, “procedures and steps that medical facilities and compliance don’t follow. I also do this to help out the patient.” His consulting business gives an in-depth analysis of potential compromises, for example lost ID badges, procedure changes and need for change in access control. Working with staff and CEOs, he can report back, “Here is a discrepancy report; I’ve managed to find your discrepancies and how to resolve these issues.”
As a kid, the Corpus Christi native was curious about how things worked and why. He recalls, “My parents got me a helicopter, and you had to move the propeller by hand.” Wanting to make the propeller spin automatically, he dismantled a battery toy truck, which would spin its wheels as soon as you turned on the switch. His thought was, “if it makes the wheels turn, then it sure to make the propeller spin.”
Upgrading his toy helicopter, he laughs, “I made a hole inside the helicopter, and I super-glued the small generator inside the helicopter – then jammed the propeller into the generator at the top of a small piece of metal, so now all I had to do was turn on the switch and the propeller would spin.” It was this type of thinking that would lead him to the back-end of understanding cyber systems, codes and algorithms integrated into systems that serve his clients.
Market niche: HIPPA
Working with different government agencies, Martinez was trained to protect sensitive information and identify threats that could compromise systems. He switched his focus from IT to security. Discovering a niche in the medical arena, Martinez and his partner, Christopher Hegg, began working in accordance with the HIPPA Act, reinforcing the confidentiality of health records and personal information.
Consulting for projects out of Dallas, Martinez found that companies were going under because they were failing to comply with audits in the medical field. Surprisingly, he found big businesses would spend money on equipment, yet would not know to put a budget aside on security training and social engineering. In one incident, Martinez experienced this with a company he was working with: “I immediately saw five violations just by standing by the receptionist counter.”
He recalls starting out in the industry, “Security was never taken serious.” Martinez reflects on a specific company in his formative years: “The company made $1.2 billion per year, but yet, failed in some security procedures and recommendations.” Securities became apparent for generational climates – Martinez noticed the lack of knowledge and concern for cyber security and IT security from his CTO.
His CTO was afraid to explain to the board of directors that certain tablets and mobile devices were not in compliance with security measures. Martinez explained to his CTO that the security issues needed to be brought up once again to the board of directors, but as always, his CTO was afraid to confront them. Working with a credit union that experienced a physical breech, the writing was on the wall.
“My first reaction was, ‘I told you we needed more physical security cameras, which would look at all directions within that building,’” explains Martinez of the incident. When the CTO mentioned to Martinez, “I knew you were going to overact because of this incident,” Martinez responded, “Of course I’m going to make a big deal about it; we don’t know what was taken.” He continues, “To make matters worse, this incident was swept under the rug.”
Yet, the disappointment was not long standing. Martinez knew it was time to move on and leave the credit union due to the CTO’s management skills. Martinez found he could apply his industry knowledge and strengths in his community. Creating the company, CoreRecon, after thinking of his past experiences, he realized as he describes, “what not-to-do and how to properly manage his employees and how to make a company excel.” In three months, he had landed more than 20 clients.
As the business grew, his partner, Hegg, brought experience as a former network vulnerability security technician in the Navy, and had also worked as a senior security controls assessor, which added perspective to their cyber security services. With their unique approach, they are looking to expand into other parts of Texas such as San Antonio.
“Data are always stored somewhere,” Martinez says. “Social Security numbers, credit card information and medical records are among these. Information can be used as a weapon, whether in social engineering or direct cyber security manipulation. Hackers do it for a living.”
Fueling his passion to uphold security integrity, Martinez continues to educate his clients. “If you look at our website, we are secure,” he explains. Noting the “S” after the http in a Web address can be a small, yet critical miss by the general public in terms of security of personal information.
His mission? To continue to educate and support his clients, or as he puts it, “to teach people; knowledge, security – dos and don’ts. Don’t be the next headline.”