Southwest had a major outage at the end of December 2022 that ruined holiday travel plans for tens of thousands of customers. Then, at the beginning of January 2023, the FAA had to ground all flights because of an outage of their own. Coincidence?? ...well, yes. But also- Commonalities.
Implementing security policy is not easy. It's difficult from a technical perspective, sure, but convincing others in your company that the changes are necessary can be just as much of a challenge. Doubly so if you can't convince leadership.
The story of Twitter's current security woes is a great example.
The Peiter Zatko (aka "Mudge") vs Twitter situation has gotten very public. Mudge released a very long (84 pages) document that details what he says is a longstanding pattern of indifference to security. Here are the technical details of the alleged security failures.