Last year when KC shot themselves in the face, they were running trading algos that hadn't been well tested. When dropped into production, things blew up fairly quickly.

I probably should have left it off the list, it's more of a compliance/procedural issue than purely infosec.