His point is that in security, the opposite applies. The supposed "incompetence" is just plausible deniability for a malicious act.
Yes, and my point is that hasn’t been the case in my experience.
Yes, and my point is that hasn’t been the case in my experience.