1.) Security theater. The hypothetical competent attacker already knows who works for Silent Circle, from any one of a dozen different public sources. No company that actually accepts money from customers can be stealth enough.
2.) Mere access to a security company's internal network isn't as useful as it would be for, example, a credit card processor's internal network. (Except for stealing secret keys, etc) The more serious threat is not intrusion, but tampering. (Pretending to be a employee for sneaky NSA-style RNG-weakening, etc) Covert tampering is a heck of a lot harder.
2.) Mere access to a security company's internal network isn't as useful as it would be for, example, a credit card processor's internal network. (Except for stealing secret keys, etc) The more serious threat is not intrusion, but tampering. (Pretending to be a employee for sneaky NSA-style RNG-weakening, etc) Covert tampering is a heck of a lot harder.