Well, I guess if we're going to organize a response, we should think of the best way to respond to each point.
Volatility: This one is an issue, but one that I believe will work itself out over time. Maybe some references to bitcoincharts over the past 6 months would provide hard data. Maybe someone else has a better idea here, because the volatility is probably keeping businesses away. Oh, how about Bit-Pay? It provides quick conversion straight to USD so that volatility doesn't matter and merchants can accept BTC without risk.
Vulnerabilities: Open source. According to https://en.bitcoin.it/wiki/Common_Vulnerabilities_and_Exposures
, the last real exploit was in August 2010, and that was handled with a blockchain fork. Since then, we've been doing great. Client devs are doing a good job of patching up issues before they become a threat. Emphasize that the protocol itself has had no issues; all problems are with bugs in client code.
51% Attack: There was a recent thread where plenty of people explained why a 51% attack would not have much of an effect. It might be worth tracking it down. Maybe find some quotes from large pool operators where they explain that they're not going to collaborate on an attack? Maybe bring up p2pool as a helpful solution.
Any other ideas?