Specifically Speaking with J. Kelly Stewart

LEESBURG, Va.—In this month’s feature, Security Systems News highlights the work of J. Kelly Stewart of Newcastle Consulting LLC, who talks about his dream job in the Secret Service, as well as designing and specifying AI applications including edge computing, 5G networks and blockchain.

What is your role at Newcastle Consulting LLC?

I serve as the Managing Director & CEO, spearheading a Security Risk Management Consultancy that provides proactive, predictive, and responsive advice and access to information critical in building a companies’ resilience to operational risk.

Our systematic, prevention-based methodology is rooted in a thorough risk, threat, vulnerability, and impact assessment that allows for the development of a comprehensive security blueprint for any organization.

We bring over 30 years of public and private experience as seasoned security practitioners in leading holistic, multi-national security risk management security programs. We are key advisors, partners, and confidants that develop and execute security strategies in support of overall corporate resiliency. We offer objective and independent insight into emerging risks through our collective knowledge so that we can effectively strategize, plan, prepare, and execute methods to mitigate those risks.

I champion our Risk Advisory Services that enable clients to evaluate corporate risk; conduct customized security risk assessments; and construct security master plans providing organizations with reductions in operational cost and increased profitability. We enable executives to focus their organizations on core competencies where they can achieve definable advantages, thereby adding value to their client base.

What kinds of systems do you design/specify and what services does the company provide?

My consultancy focuses on a holistic approach to security design emphasizing physical, cyber, and operational methodology that seeks to integrate all the elements designed to safeguard an organization, considering them as a complex and interconnected system. The ultimate purpose is designing security to ensure a continuous protection across all attack surfaces: the totality of all physical, software, cyber and human exposure.

We further concentrate on making your security infrastructure scalable in a way that allows it to evolve with the ever-changing threat landscape allowing decision makers to properly address ongoing business requirements.

What vertical markets does the company specialize in? Any interesting projects that you can mention?

Newcastle Consulting’s pursuit is to advise, assist, and collaborate with clients given our decades worth of expertise in assorted types of security-related and business engagements in such sectors as:
•    Aerospace and Defense
•    Airline
•    Banking
•    Chemical and Pharmaceutical
•    Commercial Real Estate
•    Energy and Utilities including Nuclear
•    Financial Services
•    Healthcare
•    Hospitality
•    Information Technology
•    Insurance
•    Primary, Secondary and Higher Educational Institutions
•    Telecommunications

Our goal is to aid in removing inefficiencies while further informing you on whether or not to accept risk based on cultivating a unified security strategy and master plan endorsed through a comprehensive risk, threat, and vulnerability assessment program that is flexible, scalable, and innovative.

How did you get started in security and designing/specifying?

How do you describe a life-long dream? I always wanted to work for the U.S. Secret Service since I was a child. I was fortunate enough to fulfill my dream and the start my career with them. Its impact on my career and its direction is profound given the experiences and responsibilities that I had surrounding protection and, more particularly, advance operations in the areas of technical security, intelligence information, threat identification and planning, and emergency evacuation operations.

I was able to expand upon those skills as a key advisor to the Chief of Defense Nuclear Security on matters of security policy and special projects, concentrating on physical and logical security system design and operations, vulnerability assessments, technology applications and security management. I managed and participated with teams that assessed, evaluated, and implemented anti-terrorism and force protection improvements for high asset targets within the Department of Energy and the National Nuclear Security Administration (NNSA) while simultaneously assembling a team of top security experts from diverse backgrounds to advise leadership on implementation of graded security protection policy and application of Design Basis Threat.

This led to my involvement as one of the principal contributors to the Technical Implementation Guidance (PACS document) on Smart Card Enabled Physical Access Control Systems - one of the key documents used for implementing a Policy for a Common Identification Standard for Federal Employees and Contractors.

Can you talk about what new or emerging technologies you are seeing or specifying today?

There are a multitude of directions we could go into regarding new technologies. I particularly look to understand the client needs prior to any involvement into new and emerging technologies. As aforementioned our systematic, prevention-based methodology is rooted in a thorough risk, threat, vulnerability, and impact assessment that allows for the development of a comprehensive security blueprint for any organization. This allows us to evaluate and pick the appropriate technology that meets the clients’ expectations and needs while enabling any design to be scalable to new technologies.

We are designing and specifying artificial intelligence applications with other technologies including edge computing, 5G networks, and blockchain. This directs attention to the utilization of converged and integrated networks and devices, given the good majority of emerging and new security systems are being amalgamated. This examination allows my consultancy to specify and design advancements in analytics especially in camera technology as well as access control and its frictionless security design concepts. We further specify security architectural designs using Augmented Reality, Photogrammetry, and Lidar that ties in with building information modeling as it is a more effective and efficient manner to improve not only the security design, but also ensure a holistic and comprehensive design that integrates the necessary technologies for a business to grow, expand, and scale exponentially.

What is your view on the industry moving forward?

The push is to converge and integrate physical and logical systems. This is not a new trend or concept in our industry, but one that is long overdue to get rooted. The driver is technology itself, but also the need for information and its dissemination in Real Time. Real Time Situational Awareness is here; we must embrace it. That said, holistic integration of the physical, logical (cyber and information), and operational aspects of security must be designed with the notion that there are multiple ways in which to obtain critical assets and information essential for a business to thrive and grow. If we do not take this approach, we will forever expose our clients and the security that we design to attack and continual disruption.

Data has produced an eruption of opportunities for the enterprise. We are inhibited to some degree by privacy risks, compliance and regulation controls the ability to collaborate on sensitive data and take full advance of artificial intelligence opportunities to generate insights. Security is no longer going to simply be about protecting assets, sensitive data and keeping hackers out of our systems. In these days of big data and artificial intelligence, security will need to emphasize on enabling organizations to leverage, collaborate, and monetize their data without being exposed to privacy breaches, risks, compliance and regulation control their intellectual property.

Specifically Speaking, a Security Systems News monthly column, features Q-and-A with a security consultant provided to SSN by SecuritySpecifiers.