“I think the biggest myth surrounding cybersecurity is that someone has to be very technical to get into a system.”

Twitter: @rej_ex • Website: www.redteam.it

Robert Willis is a security consultant at 1337 Inc. with a BS in management and certifications in IT and security from Stanford University, USAF, DHS, CompTIA, EC-Council, ELS, and various other organizations. He began his journey into programming and hacking in the late 90s on AOL. Robert is also currently enlisted in the TXSG, working in cybersecurity at Camp Mabry in Austin, Texas.

If there is one myth that you could debunk in cybersecurity, what would it be?

I think the biggest myth surrounding cybersecurity is that someone has to be very technical to get into a system. There have been studies showing that most attacks begin with a simple phishing campaign, which doesn’t require much skill.

What is one of the biggest bang-for-the-buck actions that an organization can take to improve its cybersecurity posture?

Stay updated on patches; they’re free. While working on projects, double-check everything you do. Also, make sure your organization’s employees are properly trained to handle social engineering attempts. Humans are the weakest link.

How is it that cybersecurity spending is increasing but breaches are still happening?

Many companies (including very large organizations) don’t want to invest ...