There's always going to be a new person that has to learn from experience -- I'm way less concerned about that problem. In fact, I will argue this is a complete waste of time to be concerned about at it. Mistakes happen, security-minded folks get sick, and teams get so busy they lose track of the daily news. The real problem stems from the organization issues. We didn't get the OPM breach, Equifax breach, $MASSIVE_ENTITY breach from 0-day's that went unpatched for a few days. We got those breaches from systemic incompetence of management for years and years.