The US could make significant progress in fighting cybercrime if Internet users were more wary of phishing and other scams, if individuals and businesses changed static passwords and if laptops included several layers of protection against data theft when they were lost and stolen, Silva said.
However, it's not always easy to see cybercriminals at work, Silva added. Earlier this decade it was fairly easy to tell if a computer was compromised with spyware or a virus because the malware caused easily seen problems, he said. But now, many people are unaware that their computers have been compromised and are leaking personal data or are used in a botnet to send spam or attack other computers, he said.
"More things are being exploited by smarter people, and they're doing it quietly," Silva said.
Consumer education about cyberthreats needs to lose the jargon and simplify the message, added Michael Kaiser, executive director of the National Cyber Security Alliance (NCSA), a trade group focused on cybersecurity. Internet users, when they type in "www," need to think of "who, what and why," he said.
Internet users should ask themselves who wants the information they're being asked to provide, what information they're asking for and why they're asking for it, Kaiser said. If Internet users slow down and ask those questions, they may be less susceptible to phishing and other scams, he said.
"At NCSA, we really believe that user behavior matters," he said. "They have to pay attention when they're using the Internet."