I'm getting a few downvotes, so let me try a different approach.
To the people I quoted: you evidently understand that runaway tech debt is a bad idea. So let's start a company where all of you are founders! At inception, this company would not need heavy approval processes around spinning new services and so on, since all of you share the same ideas about tech debt and can trust each other to do the right thing there. Security is more tricky, but all of you are responsible enough to actively seek feedback from security experts instead of just pushing insecure services to production, even though you would technically have the freedom to do that.
Now let's hire a few people to scale the company to 10 employees, while maintaining that same culture of responsibility. Now let's scale to 100. Then to 1000.
Why does necessarily stop working? Why is there necessarily a point where you cannot trust your colleagues to behave responsibly anymore?
(Note: this doesn't apply to everything. Personal information for example may legally require strict processes to be in place from day 1, and even if not legally required you may still want to do it by abundance of caution and respect for your users.)
Maybe all of the replies are from managers and CIOs :)
I agree, it keeps working just fine. You see it every day on the real internet.
You expose an API to me, I build a website around it. If one day your site disappears, I need to alreadt have backup strats in place on how I can get data like yours elsewhere. I have nobody to blame but myself-- after all, I'm getting the data from you for free!
To the people I quoted: you evidently understand that runaway tech debt is a bad idea. So let's start a company where all of you are founders! At inception, this company would not need heavy approval processes around spinning new services and so on, since all of you share the same ideas about tech debt and can trust each other to do the right thing there. Security is more tricky, but all of you are responsible enough to actively seek feedback from security experts instead of just pushing insecure services to production, even though you would technically have the freedom to do that.
Now let's hire a few people to scale the company to 10 employees, while maintaining that same culture of responsibility. Now let's scale to 100. Then to 1000.
Why does necessarily stop working? Why is there necessarily a point where you cannot trust your colleagues to behave responsibly anymore?
(Note: this doesn't apply to everything. Personal information for example may legally require strict processes to be in place from day 1, and even if not legally required you may still want to do it by abundance of caution and respect for your users.)