9. Social engineering is a skill that can be used to victimize naive people (because let's be honest, human nature is to trust).
Found a USB stick laying on the ground? What's the first thing you do? You plug it in to your own computer. But it was planted by an adversary and has autorun software that drops a remote access trojan onto your system.
Do you update your systems OR run weird software? Odds are there is at least one vulnerability on your system that an attacker can find and use a free distro of BackTrack or Kali Linux to exploit your machine and gain access.
I could go on and on. Source: I do this full-time for the government.
Best advice I can give on getting into the field is: -learn at least one programming language, not necessarily to expert level, but to learn about logical/control flow -take a SANS course, preferably GCIH or GCIA. They're going to be difficult for people new to the field, though, so you might want to take an intro course at a community college first.
I've been doing this for over 10 years, and adversaries are just getting better and more sophisticated. The best advice I can give (besides buy stock in info security companies) is, if you don't want something digital to be compromised, don't put it online in the first place. Don't store things in the "cloud" that don't need to be there. Know what your smartphone is doing (such as storing/sending your location). Think like an adversary - what could a bad person do with this PLETHORA of information that is now available in this age of technology?
10. I've done a fair amount of work in cybersecurity consulting, and what I think is far more terrifying than some of the more complex attacks out there is how common some other attack vectors are. So many organizations are completely unsecured and lack even basic protection mechanisms. That scares me a lot more than ultra-complex 0-days do.
12. I am not a hacker, far from it. However I did write a script that does well over 90% of my job for me. I outperformed all other people in my department; they gave me a promotion and my own office. I now get all the work done that they used to have to hire 4-5 people to do, and all the work I get given, I can easily do in 10-15 minutes a day, but I am there for 9 hours. My boss thinks I am a workhorse and I sit on my PC all day, browsing reddit, watching Netflix, youtube and listening to audiobooks.
If people were more IT literate most office jobs would be obsolete.