Presumably this means that some DRM vendors will be sensible and some will make life difficult. In due course the latter will get their reward - a reputation for being a cess-pit of malware. Sadly, past experience shows that that won't do them as much harm as one might hope.


Who knows. One can foresee the consequences of a borked DRM implementation being exploited somehow by a mass Ransomware outbreak. Those consequences would be very public, and very humiliating, and (if customers sue) possibly quite expensive.

Exploit hunting is kind of like a race. In a sense the blackhats compete against the whitehats, and whoever finds an exploit first "wins". The blackhats make off with the loot / drop down some malware, etc. The whitehats get public thanks, possibly a bounty, and the grateful thanks of us all.

If, say, a film studio were openly engaged with the research community, what that tells the blackhats is that they really do have competition. If the studio was obstructive of the research community, the blackhats know there's less competition, and the exploit pickings might be richer as a result. It might also take a lot longer for the exploits to be plugged; I can't see film studios keeping on an entire dev team trawling over code just in case, they're going to fire the guys and girls just as soon as it looks "finished".

