OTOH, Heartbleed had as much to do with critical open source code being maintained by someone who was basically doing on a shoestring via donations as a lack of software engineering processes in general.
It's not so much Heartbleed; I agree, that was kind of sui generis. It's just the more general sense in which our field has no guardrails to prevent people from opting for faster/cheaper time to market at the expense of security and reliability. Everyone in this industry is constantly drilling holes through the support beams and hanging whole new floors off them; the buildings collapse every week, and we just shrug.
I'm not even saying things must necessarily change. I'm just making the case that what we're doing isn't engineering.
https://news.ycombinator.com/item?id=22315607
(I hadn't read about the KC Hyatt disaster before).