TCEP 142: Cybersecurity Tips for Civil Engineers Working Remotely During COVID-19

In this episode, I talk to Jonathan Hard, CEO and President of H2L Solutions, Inc. (H2L). H2L specializes in cyber and information assurance and provides cybersecurity solutions for government and commercial customers. Jonathan talks about cybersecurity, both what individual engineers can do to protect themselves in the world of homeworking and what engineering companies need to consider, and why the company should be working with the United States government.

Engineering Quotes:

Here Are Some of the Questions I Ask Jonathan Hard:

What are some of the key cybersecurity things that homeworkers should be thinking about?

Are there any other actions that an individual may want to be thinking about to strengthen their home cybersecurity systems beyond a VPN?

Are there things that company managers need to be thinking about with regard to additional items or activities to make sure that their staff is up to scratch with cybersecurity?

Can you explain what the Cybersecurity Maturity Model Certification (CMMC) program is?

As we look to the future, where do you see the IT industry going with regard to homeworking, businesses, and what you think the new normal is going to look like?

How can people get connected with you and learn more about what you and your company are doing?

Here Are Some of the Key Points Discussed About Cybersecurity:

Companies need to have a firewall with VPN access to let their employees connect securely to the servers and get their work done. It’s not a good idea to let them have a normal home network or Wi-Fi connection because it is not as secure.

Independent consultants should look for a reputable VPN service or should ask their clients if they can give them VPN access through their firewall to have a secure connection.

From a company's perspective, they need to ensure that their information and files are being shared securely, especially when it involves subcontractors. This can be done by having password protected and monitored data-sharing centers. This way, subcontractors can only have access to information that is viable to that subcontractor, and they do not have access to any other sensitive information or data.

The Cybersecurity Maturity Model Certification (CMMC) Program is the standard not only for the department of defense supply chain, but will also eventually be the standard for the federal supply chain. The CMMC program is new, but it is based on the Defense Federal Acquisition Regulation Supplement of 2013.

From a cybersecurity point of view, the way business is done has changed regarding the quarantine and social distancing. All the assessments and everything that was done face to face are now done virtually. This has freed up time and means that a better job can be done from a virtual perspective.

More in This Episode…

About Jonathan Hard

Jonathan is a sought-after speaker in cybersecurity and has presented at several major conferences and many other events on the subject of safeguarding covered defense information in compliance with the Defense Federal Acquisition Regulation Supplement clause and the newer Cyber Security Maturity Model.

He has been an information technology and security professional since 2008. Before founding H2L, Jonathan served as a cybersecurity engineer in the defense industry. He also was in the Alabama National Guard for 12 years, and during that time, he graduated from Infantry Officer Basic Course, Ranger School, Airborne School, and completed a tour in Iraq as an infantry officer.

Jonathan maintains active involvement in several community service organizations, including a position on the Board of Directors of The Harris Home for Children, the Huntsville Association of Small Business in Advanced Technology (HASBAT),