Trend Micro has advised firms to create secure environments in which employees should be free to make mistakes.
The hope is that errors that could lead to disastrous data security breaches will be caught before they occur in the normal business environment.
"Sandbox your employees. They're the first and primary vulnerability that will be attacked by anyone. Let them learn and mess up in a safe environment," said Rik Ferguson, vice president of security research at Trend Micro.
Ferguson was referring to the concept of sandboxing in software, where potentially malicious code is allowed to execute in a secure virtual environment so that its intentions can be examined before it is permitted to do anything on the corporate network.
The advice came as part of a broader discussion of security awareness training at Trend Micro CloudSec 2016 in London this week. Ferguson also advised organisations to develop different security messages for different audiences.
"If you approach a tech-savvy audience with a high-level message they'll switch off quickly and lose respect for your organisation, whether that's partners, customers or your own employees. You need to target your education at the correct audience. That's a critical factor for success," he said.
Michael Wignall, national technology officer at Microsoft UK, said at the event that the need for improved security awareness is an opportunity for the industry.
"We've gone on a 40-year journey where security used to be an afterthought but is now built in to everything we do," he said.
"The industry has a responsibility for awareness and education, because the user is still the highest risk factor. Think of it as an opportunity."
V3 sister title Computing will hold its Enterprise Security and Risk Management Summit on 24 November in central London. Attendance is free to qualified end users.
The summit will be followed by the Security Excellence Awards which is now open for entries from vendors and end users.
Are you paying attention?
Private equity firm Permira only acquired Magento from eBay for $200m three years ago
Before robots can take over from humans, we need more humans
It's not easy not being evil