Who says this was a security incident at all?
I was at Google as an SRE, 2015-2016. Come Christmas, we did an "configuration slush"--no configuration changes unless it was to fix a current, live problem.
OMGs dropped 80%. Every year.
That's at a place I would consider to be healthy.
We are are own worst enemies. No outside help is needed.
Biting the hand that feeds IT
