Security/Hacking becoming commercialized is a good thing to the extent that it brings more information about the subject into the mainstream. Is all that information good or valid, no, but by bringing the subject into the marketplace of ideas more people can participate and have an opportunity be educated. I am by no means a security expert or a hacker but the biggest problem I encounter in the corporate and private matters is that users are totally ignorant about computer security. In my experience security education and training in the corporate world is totally lacking. Schools are not for the most part teaching security and most private users don't have the first idea about security. I am not advocating everyone having a security cert (more commercialization) or spending every waking moment studying security but learning about things that I hope are becoming common sense to most IT people, strong passwords, anti-virus (free or commercial), backups, and a firewall on your broadband connection.

Some bad things have come from the commercialization of security/hacking, companies selling a "solution" that will make a company totally secure is a farce. Foolish companies buying the totally secure solution is almost as bad but "let the buyer beware". "Average" users being so scared(or overwhelmed) of "hackers" because they heard they were bad in that movie or on the news that they get Chicken Little syndrome and give up is also a problem with commercialization.

Is commercialization security/hacking a bad thing, no. Over commercialization of security/hacking is a bad thing but I don't think we are there yet. Education is the key, sadly it is not free (it takes time) and most companies and users are not interested.