First of all, there is no foolproof system. If you believe you have a foolproof system, then you have failed to take into consideration the creativity of fools. My experience is if there's a man or woman who designed it, there's a man or woman who can defeat it. So I think most companies fail to take into consideration that they've developed this great system, but then they've failed to look at the person who's operating the system, the person who has information about the system -- his background and how much that person can be trusted. Companies hire people today with very little background checking; they're put into positions or they earn their way up to positions where they can do something to harm or cheat that company. So we have to pay a lot more attention to that weak link -- the human part of the system.
Would you say the greater security threat to a company is internal or external?
I think it's internal. What you have today is a lot of influence from the outside. For example, if I'm trying to get inside a company, I'm going to find out who works in that weak-link position. I may find him in a bar or a restaurant, I'm going to get to know him and eventually I'm going to say, "I don't know what they pay you, but I will triple or quintuple what they pay you if would simply get this information for me." I'm not saying to steal something physical, to go rob some money. I'm saying to somebody, "Pull this up on the screen, write it down on a Post-it note, give me the Post-it note, and I'll give you $50,000. Nobody's going to know you did it, you'll never see me or hear from me again." It's very appealing to someone who has very little character and ethics in their background.
What's the biggest misconception people have about you and your background?
All people know about me is the movie and what I did; I don't think they know that I've spent 32 years with the FBI and that I've dedicated my life to doing these kinds of [law-enforcement] things. People just know me as the character from the film. I do like the fact that most people don't recognize me, because they only know my name, so that's helped me a great deal since the film came out. But I don't really worry about those things -- I've tried to dedicate my life to eradicating some of these crimes. I've found that the No. 1 key way for me to do that is to educate people, so not only do I teach agents at the FBI Academy how to think out of the box, but I like to go out and tell the general public in banks and corporations, "Here are the problems and this is what you can do about it."
I don't want to go out and say, "Buy this software, it costs $1 million." I like very simple solutions to very serious problems. So I find that if I let people know, "Here is your risk, here is how people do this to you and this is how you prevent this happening to you," people are smart enough to go take the necessary steps to protect themselves. The problem is that most people are basically honest, so they don't sit back and think about how someone would do this. They're very naive when it comes to doing business, especially on a computer, and they have no concept of their risk.
What's the single most important thing that readers will read in your new book, Stealing Your Life, that's not available to them from any other source?
This is the fifth book I've written on crime. I just try again to bring people up to date -- this book is all about identity theft. I first wrote about identity theft in the 1980s in a book called Crimes of the Next Generation, and I talked about it before it was ever given a name -- that it would come to pass that we would have people stealing identities. You have to make people aware of the risk and show them all the ways people do it so that it opens their eyes to how simple it is to do it, and then on the other hand, show them simple ways to protect themselves as well, without going out and spending a fortune doing that.