The ignorant yahoos that flood this field are going to be having a very hard time financially once this trend plays out
Of course that's true.
In addition, we are each going to have to decide what our personal "scope of practice" is, and stick to it. I don't, for instance, take on clients who want advice about HIPAA compliance. Even though I knew what I needed to do as a clinical practitioner in regard to HIPAA, I do not have any idea of what the actual computer/network security protocols are required in order to be compliant nor do I wish to learn. That's someone else's job and I'm happy for it to be someone else's job.
Given the kind of break-fix I do, I almost never get into security related issues beyond recommending to my clients that they use a password manager of their choosing and do not use the same password multiple times. Many do not listen. Even when I need passwords to get into a machine or account, when I'm doing on-site work I strongly prefer that the user enter those themselves and not share them with me, though some do on occasion.
I'm not in the security business, I don't claim to be in the security business, and, thus, I have no ownership or responsibility for what my clients may or may not do in that realm. They've got some specific something that's broken and needs fixing, or new that needs to be set up, and that's what I do. I don't look at their networks, firewalls, etc., etc., etc. My professional scope is constrained to the client presented issue(s) at hand that I elect to take on.
Were someone ever to try to sue me because some account they use was hacked, and I've never had anything whatsoever to do with that account nor securing their computing environment, I'd be mightily ****** but would engage my lawyer to countersue.
But for as long as I've been doing this, and with as many clients for whom I've done this, and where in my area business is still almost entirely done "on a handshake" (for lack of a better way of putting it), I don't fear each new client as a legal threat. I know what I'm doing, for what I'm doing, and I don't go outside my own chosen scope of practice.