Something that seems quite common is a bit of a rose tinted view of how software is built and deployed in many organisations. Those people coming from a software development team background tend to assume that there's developer control over some monolithic (or microlithic) system, which is all developed and controlled in house. Where there are external supply chain style dependencies is in the software dependency systems, or with API integrations. People who work in this sort of ecosystem really care about SBOM's, repeatable builds, configuration as code and so on. To them, the idea of shipping software with default configurations is really confusing because everything is custom built. These are the people worrying about the base images in their docker builds or the security of their kubernetes clusters. This is the reality in a modern tech company, in Google, in Meta, in any of the tech firms that have determined that software development capability is a core competency that they need. If you go to a tech conference, these are the people on stage talking about how to build and secure your systems.