15 Dan Cornell

“There is no perfect security, and making perfection your goal results in a brittle security strategy.”

Twitter: @danielcornell • Website: denimgroup.com/resources/blog/author/dancornell

A globally recognized application security expert, Dan Cornell has more than 15 years of experience architecting, developing, and securing web-based software systems. As chief technology officer and principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process.

If there is one myth that you could debunk in cybersecurity, what would it be?

That it is possible to prevent breaches. Obviously, you need to protect yourself, but also make plans to detect issues and recover from them. There is no perfect security, and making perfection your goal results in a brittle security strategy.

What is one of the biggest bang-for-the-buck actions that an organization can take to improve its cybersecurity posture?

This depends on the organization. For smaller organizations, get the basics right via a managed IT services provider. Automate updates and patching, install antivirus and anti-malware, and back up your data. (Also, don’t forget to test your backups. You’ve tested your backups, right?) Unless you have a really nonstandard threat model, smaller organizations aren’t going to ...
