Tar everyone with the same brush
"Personally, on my system I’ve got a propriety security software and I got an update a few months ago and it sat there for months, I didn’t quite get round to it."
So he's a knob end who can't be arsed to update his (Apple/MS?) software, and has an anecdote to prove his thesis.
Me: I run Linux/BSD end to end at home with multiple VLANs and a firewall policy that is way stricter than most "enterprise" systems I look after. It's also monitored. Properly. I'm an IT consultant by trade. I patch my home systems as often as is wife acceptable, and I clothe myself in tin foil. I'm under no illusions that despite the fact that my home IT security is pretty much as good as is reasonably possible, mistakes can and will inevitably happen. Yes, I have done a risk assessment. Yes, I am a bit obsessed. Yes, I probably should get out more.
So given *my* anecdote, do I get to be upset when I do something stupid and click on a link in an email and lose money? Where does my responsibility stop and his start? At what point does my bank take responsibility for stupidity? Should I really take up their offer of free AV software to provide complete protection online.
I don't know and I want to know: Who is responsible for what in a world where nearly anyone in that world can virtually knock on my metaphorical front door with a massive cyber door-twatter?