One problem that smart people tend to make is in thinking that being really smart in one area is generalizable to all others. Just because they're good at AppSec doesn't mean they're good at networking or operating a webserver.
I agree with this. It's surprising how often I encounter people with that belief, because I was disabused of it very early on in my career; this industry is chockablock with people who are brilliant in 1 area and deficient in others.
That's why you need teams. Red team for example! Security team. App developers. Code reviews. You need all the process too. Security that relies on one genius is fragile.
