"The ability of attackers half a world away to take out any factory they choose whenever they want only seems to strengthen the point that cyberwarfare is indeed asymmetrical."
This technically does not put his two statements in conflict, though it certainly doesn't help them either. The point of the assymetry statement was that the assymetry is not inherant to the internet and network security. There's no real reason that a handful of well-trained "operatives" should be able to take out a facility guarded by hundreds of similarly trained "operatives." The current reality is that it does appear this way, but more often it seems like a couple of experienced crackers manage to take out a poorly secured facility, which shouldn't be too surprising really.
The Stuxnet attack also doesn't really contradict the assymetry argument, because what assymetry exists in that attack was actually in favor of the attacker to begin with. Every major report on the likely attackers showed that it was probably performed by a large, experienced and well-funded organization. In return the defenders never showed much ability to defend against such a well-organized attack. Thus, the assymetry here seems more like a giant swatting a gnat.
A lot of the problem with computer & network security is that we have just learned how to build small forts and checkpoints for these computers. They seem to work well enough as near as we can tell, but the bad guys just keep smashing their way in anyway. Given time, we'll learn how to make huge nasty castles to defend our information and resources and the people trying to get in will find their work much harder, though still not impossible. However, at some point we may also need to figure out how to convince people to store their information in the safer castles, rather than their homemade forts.