I work for a telecom dealer that specializes in fulfilling corporate needs. All corporate sales are done through our website. A few of our clients are security companies. One of them (which will go unnamed) has a key purchaser who is completely computer illiterate. When trying to troubleshoot her difficulties using our website, I asked what browser she was using. She replied "Office 2003".
After patiently instructing her on how to determine her browser and version number, it turned out she was using IE6. That was about 2 years ago. They still use IE6 to this day and have no intentions of switching off of it. Having dealt with a large variety of companies over the years, I think security firms are the most technically inept and the most likely to completely disregard online security.
What kind of security company are we talking about here? Are they an IT security company, or some muscle-for-hire type security company? Huge difference. Granted, the key purchaser should still be competent on the computer, but the story doesn't quite carry the same punch as if this was a computer illiterate worker at an IT security firm.
I am NOMAD!