OK, what do I always say about breaches? We have to be right every single time, they've got to get lucky once. Security is a job that's thankless at best, brutal at worst.
Unless it's through an absolute lack of due diligence and true malfeasance, when a company goes through a breach and its security (and broader IT) team recovers from that breach, why would you let them go? They've gained invaluable experience and learned likely dozens of lessons.
When a security team leaves, whether voluntarily or not, they take with them hard-won knowledge that any smart potential employer would grab in a second. Their loss is your gain.
This article also hits another one of my favorite topics: resiliency. No security strategy will provide you 100% protection. Having a robust and diverse DR/BC plan that accounts for potential cyberattacks is absolutely critical.
Have a great day!
If you want to build a resilient organisation, wouldn't it be better to recruit a team of people who've lived this stuff rather than someone who hasn't got that experience or developed best practices in reaction to a breach occurring?