Use a parametrized query:
Using con As New SqlConnection(strConnection)
con.Open()
Using cmd As New SqlCommand("INSERT INTO MyTable(Id, MyText) VALUES (@ID, @MT)", con)
cmd.Parameters.AddWithValue("@ID", Id)
cmd.Parameters.AddWithValue("@MT", If(myTextBox.Text = "", DirectCast(DBNull.Value, Object), DirectCast(myTextBox.Text, Object)))
cmd.ExecuteNonQuery()
End Using
End Using