A root-cause analysis here that's about intrinsic difficulty is misguided IMHO. Secrets and secrets-delivery are an environment service that individual developers shouldn't ever have to think about. If you cut platform/devops/secops teams to the bone because they aren't adding application features, or if you understaff or overwork seniors that are supposed to be reviewing work and mentoring, then you will leak eventually. Simple as. Cutting engineering budgets for marketing budgets and executive bonuses practically guarantees these kinds of problems. Engineering leadership should understand this and deep down, it usually does. So the most direct way to talk about this is usually acknowledging willful negligence and/or greed