Sure there is! Because money! Private vlans require planning, equipment, and maintenance... all of which is costly.
The swiftness at which you blame the IT manager shows just how ignorant you and most others are regarding technology. The IT manager has to have their budgets and proposals approved and often get their hands tied by management, aren’t given the resources they need, but then are quickly blamed when things fail.
Technology now will be obsolete in 5 years. That means the equipment, the procedures, and policies you put in place today may not be sufficient in the near future. Is there any other industry like that? Is there any other line of work that demands constant and continuing education and planning? What do you think happens when management changes, people are replaced, and companies experience downturns? Small problems can slowly grow into unfixable nightmares. I’ve seen a few. In a perfect world IT is given the resources they need, they hire the right people, and do the right thing. Unfortunately that is not reality.
Imho, bad s**t like this typically happens because corporate culture doesn’t incorporate sensible risk management in decision making. In fact, there’s probably people in senior management who fight against it. I heard about the ASCO debacle from another vendor, who has screwed their customers because they sole-sourced with ASCO, and said company ignored advice about it being an existential exposure. A lot of this risk management is very pro forma, no excuses about “unexpected” please. I allowed for my vendors failure risk and adjusted my exposure accordingly, so I’m now irritated but not desperate.