Lots of software developers including Microsoft needed to learn that lesson the hard way and I have the feeling the games industry is largely still in the pre-learning phase: The default setting has to be secure or you will hurt your customers badly and have to pay the price later with a bad reputation.
It is exactly the least knowledable users who need the most secure setup and are also the users least able to set up the correct options