March 29, 2019 By Carter Garrison 2 min read

Chris Thomas, X-Force Red’s blockchain security expert, has always had an interest in understanding how technologies are built and operated. As a young child, Chris’ father thought it would be enjoyable for the two to build a computer instead of buying a premanufactured one. After two attempts, the father-and-son duo successfully built Chris’ first computer. Little did they know the project would ignite Chris’ future career as a penetration tester.

At just 11 years old, Chris performed his first penetration test, hacking into his school’s network. The content of his school’s information technology class wasn’t challenging for Chris, giving him plenty of time to teach himself how to program and code. Using his self-taught knowledge, he was able to scan the school’s network and access window shares that allowed him to log in as a domain administrator. Because he has a strong moral compass, Chris communicated his findings with the school’s system administrator, who became a close ally and supported Chris’ work. Through this experience, Chris knew he wanted to become a penetration tester.

Starting a Career in Penetration Testing

After secondary school, Chris pursued and completed an undergraduate degree in programming and a graduate degree in cybersecurity. He then began his first full-time job working as a system administrator for a large technology company in Manchester, England. Chris’ knowledge was second to none, but his employer would not let him begin his career as a penetration tester with the company. It was not until Chris alpha tested and passed the CREST CRT exam that his company moved him to a junior penetration tester position.

Over the next 10 years, Chris excelled in his role as a penetration tester and became a principal consultant, serving as the technical lead on a project for a large financial institution. He and his team managed the company’s global penetration testing network and built the network access controls from scratch.

Joining the X-Force Red Team

Chris has always been infatuated with blockchain technology since its inception and initial ties to cryptocurrency. With a passion for understanding how systems work and function, he immediately educated himself on all things blockchain and bitcoin and has continued researching and tinkering with the technologies ever since.

In his current role, leading X-Force Red’s blockchain testing services, Chris combines his passion for penetration testing with his love for blockchain. The team works with clients to find weaknesses not only in the implementation and use of blockchain technology itself, but also in the connected infrastructure.

Alongside X-Force Red’s veteran hackers, who are also developers and engineers, Chris is excited to help shape the adoption and implementation of blockchain across various industries.

Learn more about X-Force Red Blockchain Testing

More from Security Services

Protecting your data and environment from unknown external risks

3 min read - Cybersecurity professionals always keep their eye out for trends and patterns to stay one step ahead of cyber criminals. The IBM X-Force does the same when working with customers. Over the past few years, clients have often asked the team about threats outside their internal environment, such as data leakage, brand impersonation, stolen credentials and phishing sites. To help customers overcome these often unknown and unexpected risks that are often outside of their control, the team created Cyber Exposure Insights…

39% of MSPs report major setbacks when adapting to advanced security technologies

4 min read - SOPHOS, a leading global provider of managed security solutions, has recently released its annual MSP Perspectives report for 2024. This most recent report provides insights from 350 different managed service providers (MSPs) across the United States, United Kingdom, Germany and Australia on modern cybersecurity tools solutions. It also documents newly discovered risks and challenges in the industry.Among the many findings of this most recent report, one of the most concerning trends is the difficulties MSPs face when adapting their service…

A decade of global cyberattacks, and where they left us

5 min read - The cyberattack landscape has seen monumental shifts and enormous growth in the past decade or so.I spoke to Michelle Alvarez, X-Force Strategic Threat Analysis Manager at IBM, who told me that the most visible change in cybersecurity can be summed up in one word: scale. A decade ago, “'mega-breaches' were relatively rare, but now feel like an everyday occurrence.”A summary of the past decade in global cyberattacksThe cybersecurity landscape has been impacted by major world events, especially in recent years.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today