Harvey Newstrom

Harvey Newstrom is an IBM Consultant certified as an IBM Cloud Professional Architect, Security Engineer, and Compliance Specialist.

Harvey Newstrom is one of the coauthors of NIST SP 800-53, NIST SP 800-53A, and NIST SP 800-53B. He has 20 years experience implementing and assessing NIST controls for government agencies and Fortune 500 complanies. He specializes in applying NIST based standards such as IBM’s ITSS, Service Framework, CIS Benchmarks, DISA STIGs, Financial Services, HIPAA, HITRUST, FedRAMP, RMF, FISMA, CMMC, Privacy, DoD, etc. He joined IBM as a contractor in 1995, became an employee in 1998, and helped establish IBM’s Security and Privacy consulting practice. His extensive and broad background provides insider knowledge about what works, what doesn’t, and how things can go wrong. His diverse credentials include ISC² certifications for security, ISACA’s certifications for compliance, and IBM certifications for IBM Cloud.

He helped develop and implement Cybersecurity Standards such as the first federal security architecture, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-53B, and the first PRISMA.

He helped establish Cybersecurity Programs for NARA, USFS, GSA, FMCSA, and various agencies utilizing the Cloud.

He lead Cybersecurity Consulting teams at IBM, Fiderus, Newstaff, and SAIC.

He authored various Cybersecurity Publications including articles, white papers, product manuals, and lectures.