IT security neglect helps Anonymous: a deliberately contentious statement?

"IT security neglect helps Anonymous." Is this a deliberately contentious statement? Trashing people tasked with the thankless job of administering and securing a network and data isn't helpful. Thanks to the asymetric nature of the threats, it's relatively easier for someone with nothing better to do than attack a network than it is for someone for whom securing a network is just one of many, sometimes onerous, tasks. It's not like infosec people want to make it easy. If anything, the fault lies with whomever makes the decision to make every app Internet-facing. So, it's probably more accurate to state that it's managment neglect that abets hackers.