If a link is worth 5 mil and regulatory non-compliance costs 2 mil. Then i would ask: - Is it 5 mil of 1 time payment (capex no opex) or is it capex + opex or is it opex alone? - Is there a link that costs lesser than 5 mil that will support the ask of encryption? - Is there any other way we can satisfy the encryption requirement without having to pay fees. Like if regulatory requirement says encrypt traffic and we say the traffic is not confidential or if the traffic can be sent through customer owned dedicated link only reserved for that traffic alone etc
What is you advice for someone with an expeerience of 14 years in networking and operational security.. To start a certification path.. Go through cissp or other things like ccnp or ccie security
This was just an example and even though you chose this option your legal department and senior leaders will have to accept such a risk. Because knowingly breaking the law will have consequences.
@@Tamboly he is breaking law that caused him pay 2 million that is in itself consequence that he is willing to take. However question shouldnt be answered based upon given answer. there should be counter question on this.