I recently had the pleasure of meeting and interviewing John W. Thompson, the chairman and CEO of Symantec Corp.
I found him to be a man driven to educate society on the evils of phishing scams and identity theft.
Coincidentally, last year I met Frank Abagnale, a security consultant whose
life was turned into the movie Catch Me If You Can by Steven Speilberg. Abagnale said that if security vendors do not step up to solve or curtail phishing and identity theft it would lead to hundreds of thousands if not even millions of lawsuits, which could cripple economies here and in the U.S.
I asked Thompson about this and what he said surprised me.
He believes that security is about process. It is not about technology.
“”We have to start with society. We have a sixth sense as a humans about things we should or should not do in the physical world,”” he said.
What he means here is people can sense when there is danger, such as walking to your car late at night in a bad neighbourhood, for example.
Thompson thinks people should start to have a sixth sense about security attacks such as phishing scams that are a regular part of everyone’s e-mail these days.
Currently society has not yet developed this sixth sense, he said, so businesses and governments need to work together to increase awareness.
He would not go as far as Abagnale did in foreseeing an economic crisis if things are not improved, but he did say it might hurt the digital economy.
Thompson also believes that Symantec is alone in this fight.
“”It is unthinkable to me that people continue to fall victim to phishing scams. And it is because we haven’t developed this sixth sense.
The channel, along with vendors, will continue to play a significant role in building this awareness. Symantec’s Calgary office, Thompson noted, rivals the U.S. government in terms of the strength of its security protection solutions.
Others in the battle include Canadian partners such as WhiteHat Inc. of Burlington, Ont., which has developed a hosted solution called Insight E-mail Guardian. This system cleanses incoming e-mail of phishes along with spam and other viruses.
WhiteHat charges only $75 for a business of 30 users, which makes the solution affordable to many small companies. That approach will help in building awareness.
Thompson must continue to fight the good fight because the average span of time between discovery of a vulnerability and its exploit has collapsed from six months to six days. Also the motives of the attackers have shifted from noterity to geopolitical power and financial gain.
I guess that is why Thompson is a driven man.