Symantec: We're not smarter than cybercriminals

One of the UK’s leading security experts has called for a major shake-up in the way businesses train their employees in online safety.

Symantec CTO Darren Thomson said that workers can effectively be an extra layer of protection for companies looking to prevent themselves falling victim to cyber-attack.

Speaking at the Symantec Crystal Ball event in London this week, Thomson highlighted how even unskilled or non-expert workers can play a critical role in keeping their employer safe -- and become part of the "secret sauce" of cybersecurity.

"We're at a point in history now where we're more reliant on non-experts making good IT decisions than we've ever been," he said.

Thomson called for businesses to adopt a neighbourhood watch-esque approach to security when welcoming new employees - so instead of the IT department seeing them as a potential new threat, the workers could effectively act as "eyes on the ground" to help spot risks.

"We've done a terrible job in this industry of training people the right way," he noted, "we've been kidding ourselves actually about training, as not everyone wants to be a security expert."

Asked if we are walking into some dystopian future, and for his predictions of the cybersecurity future, Thomson said he believed the security industry as a whole has a great opportunity to present itself as a protector of business and consumer alike.

"We have a chance to get things right (in cybersecurity) in the next five to 10 years," he noted. "We have a lot of challenges to overcome, as the world is more connected, and the attack surfaces that criminals can target are getting larger everyday."

Businesses need to ensure they are monitoring potential threats before they even strike, shutting down possible risks whilst still at the early stage, Thomson said, giving the example of ransomware attackers creating multiple encrypted backups on a network before launching their assault -- a tactic that IT departments should easily be able to spot.

"Every technique, every principle, every strategy we talk about -- the criminal is thinking about them too,” Thomson added.

"Don't presume we're cleverer than the criminal... they're always thinking about the same thing, and keep us on our toes."

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.

Image Credit: Manczurov / Shutterstock