Responses to a survey from attendees of the DEFCON 18 conference revealed that 73% came across a misconfigured network more than three quarters of the time – which, according to 76% of the sample, was the easiest IT resource to exploit.
At one of my former places of employment, there was a network engineer who solved access issues with permit ip any any statements. Needless to say, he didn’t last long at the job.
The article goes on to site “insufficient time or money for audits” as one of the main reasons given for misconfigured networks. This has definitely been an issue everywhere I’ve worked. Proper documentation and regular audits are always placed at the bottom of the priority list with potentially dangerous results.