You are here

Massachusetts moves to develop first statewide program to Secure the Weak Link in Cyberspace: Consumers, Small Businesses and Home Offices

December 12, 2002

WALTHAM, Mass. - Massachusetts seeks to develop a model program that would be the first in the nation to help its citizens protect their home computers and small or home offices from unwittingly spreading viruses or serving as a launching pad for Internet attacks that threaten the economic or national security of the United States. Massachusetts Attorney General Tom Reilly, Bentley College and the Massachusetts Software & Internet Council launched the effort with a public forum, "Securing the Weak Link in Cyberspace," yesterday at Bentley College in Waltham.

"We hope right here at Bentley College to begin to formulate a national model as to how we go about fixing this problem in cyberspace," said AG Reilly.

With the rapidly growing popularity of such "always-on" Internet connections as digital service line (DSL), broadband, wireless and satellite services, home computers and small business computer systems increasingly can be exploited by unauthorized intruders. Firewalls can protect these home and small business computers but consumers may not be aware of the need to install a firewall or anti-virus software or find the software inconvenient to use. At issue is how to implement the recommendations that consumers and small businesses should install appropriate security software, and what role industry should play in making it easier for home users and small businesses to obtain and update security software. The forum also explored how Massachusetts can do its part in implementing the National Strategy to Secure Cyberspace. The draft strategy was released by the White House on September 18, 2002.

Commissioner Orson Swindle of the Federal Trade Commission delivered the keynote address. Swindle was appointed in December 2001 as head of the United States Delegation to the Organization for Economic Cooperation and Development (OECD) Experts Group to review the 1992 OECD Guidelines for the Security of Information Systems. He also heads up the FTC's consumer security efforts.

"There are 280 million people in our society and half of them are on computers," said Swindle. "So if we don't educate consumers, if we rely solely on networks in government and industry, we're very vulnerable."

John Grossman, assistant attorney general and chief of corruption, fraud and computer crime for the state of Massachusetts, used case studies in discussing the consequences of the security weaknesses of consumer/SOHO systems. He emphasized the need for easy home computer security.

After a demonstration by Guardent Executive Vice President and Co-Founder Dan McCall of how so-called "hackers" can get into computer systems, a reaction panel tackled the question "How can Massachusetts do its part in implementing the President's "National Strategy to Secure Cyberspace?" Led by moderator Mary Culnan, Slade Professor of Management and Information Technology, Bentley College, panelists included Scott Charney, chief security strategist, Microsoft; Leigh Williams, senior vice president, Fidelity Investments; Jeffrey Seul, general counsel, Groove Networks; Barbara Anthony, director, Northeast Region, Federal Trade Commission; Richard M. Smith, Internet privacy and security consultant; and Scott Lebredo, senior technology manager, corporate security, Verizon.

The panelists debated the obstacles that exist for consumer/SOHO users, issues surrounding installation and updating appropriate software, the responsibilities of Internet Service Providers (ISP's), and the appropriate role for the state and federal governments.

"By bringing together representatives from law enforcement, academia, the high-tech sector and consumer groups, we are taking an important first step towards protecting Massachusetts computer users from the very serious threats that exist in cyberspace," AG Reilly said. "Today's goal is to determine the best and most effective ways to enhance the level of cybersecurity in Massachusetts and ensure that consumers and small businesses are protected when they go online."

Failure to secure the rapidly growing segment of home users and small businesses poses a threat to both the national and economic security of the United States as well as public confidence in the Internet. To date, no states haves announced plans to implement the President's Strategy, a draft of which is available at www.securecyberspace.gov (Implications for home users and small businesses may be found on pages 15-17 of the draft.) Computer attacks that can jeopardize the United States are not limited to government agencies and large corporations. According to the draft national strategy, consumers and small businesses are vulnerable to cyber attacks that can damage files, software and operating systems, wiping out irreplaceable data; enable thieves to steal personal data and use it to apply for a credit card or other identification in the user's name; purchase goods online and have them shipped to a drop site; gain access to a home personal computer and insert a secret file that ends up on the company system; access customers' names and credit card numbers for the purpose of extortion; take over a computer system without the owner's knowledge and use it for malicious purposes; or access a user's email address book.

"The national draft strategy defines the problem but does not provide a roadmap for getting from the current state to the ideal, where all home users and small businesses employ appropriate security measures," said Bentley College Professor Mary Culnan, who served as a commissioner on the President's Commission on Critical Infrastructure Protection and the Federal Trade Commission's Advisory Committee on Access and Security. "The question remains, how to build a partnership among the business community, government, academia and consumer groups to develop and promote solutions to the problem. The current efforts to promote cybersecurity cited by the draft strategy are largely informational websites that are unlikely to get the job done."

BENTLEY UNIVERSITY is one of the nation’s leading business schools, dedicated to preparing a new kind of business leader – one with the deep technical skills, broad global perspective, and high ethical standards required to make a difference in an ever-changing world. Our rich, diverse arts and sciences program, combined with an advanced business curriculum, prepares informed professionals who make an impact in their chosen fields. Located on a classic New England campus minutes from Boston, Bentley is a dynamic community of leaders, scholars and creative thinkers. The Graduate School emphasizes the impact of technology on business practice, in offerings that include MBA and Master of Science programs, PhD programs in accountancy and in business, and customized executive education programs. The university enrolls approximately 4,100 full-time undergraduate, 140 adult part-time undergraduate, 1,430 graduate, and 43 doctoral students. Bentley is accredited by the New England Association of Schools and Colleges; AACSB International – The Association to Advance Collegiate Schools of Business; and the European Quality Improvement System, which benchmarks quality in management and business education. For more information, please visit www.bentley.edu

Type: Latest Headlines