Getting everyone to take security more seriously will most likely never going to happen.. :(
If this is the case then we are screwed... I hope its not the case, I hope that the customer service folks at ISP/NSP's and NOC and Engineering folks all keep this in their minds and push their upper management to start doing the right thing. It really doesn't cost that much, and its certainly cheaper than the cost of outages or lost revenue when your business is DoS'd, eh?
When the insurrance companies get involved and charge a larger premium to corporations not implementing reasonable security policies and procedures then the situation will improve. Time and time again I have seen corporations do nothing about a problem (physical safety, physical security, network security) until it hurts the bottom line. Also, a large profile (e.g. in the mainstream media) network security incident against a large corporation would again bring attention to the problem. I think that if a network security incident had brought Enron to its knees, rather than questionable accounting, people would be taking more notice of the problem. - Michael Hogsett