We can set policies on how and when not to give out security information without visual- or voice confirmation of who we're dealing with, even when the request satisfies all the typical requirements.
We can even do outre things like getting the half of all IT security people who don't know where the files they're supposed to protect are stored to figure that out so they know what to protect.
And – I'm talking to you, Sony – we can plug that stupid SQL injection flaw that has been a swinging door into every network you've ever owned.
Yes, there are a lot of comparatively new, highly effective exploits out there combining social engineering, spear-phishing, malware and traditional attacks. Yes, there are a lot more people, groups and countries hacking at each other online. Yes the Internet is still a dangerous place.
But neither it nor the cloud is not more insecure than it was a month ago.
And not fixing obvious security flaws or even telling all the security managers in the company about the one that hit the most recent of your sites (this is for Sony, again), is just nothing but stupid.