Attack could have been prevented with CISSP training
My friend runs his own company and it has recently had major problems. They have had their computers attacked and some of the data has been stolen. This means that they have to let all their customers know that some of the data is in foreign hands. This is very scary for him and he may have to end up paying compensation to his customers if their data is misused in any way. He now wishes that he had some information technology security training or at least had an employee with it. He is now having to think through the options for the company, whether they can afford to continue and if they do what to do about security to avoid any further problems. He has definitely decided that he would like someone at the company to have CISSP training and whether that is him, an employee or whether he takes on someone new, he has not yet decided. He is going to be having a meeting with his financial team to look at the available funding before he decided where to take the company and discuss with them the implications of CISSP and how the company can afford to incorporate it. He feels that they cannot afford not to, but he needs the financial staff to find the funding from somewhere.