Security is, very loosely, the process of keeping our systems in such a state that either they are deemed to be impractical to break into, or in which the vulnerabilities and risks entailed in keeping those systems operational are understood, managed, and either compensated for or accepted. Contrary to received wisdom (and intuition, for some), there is no such thing as a secure system.
There is a well-used aphorism among the security community, "Security is a journey, not a destination."
The best security consultant, programmer, or IT professional in the world is only able to secure a computer system to the extent that the hardware and software he or she is working with allows. Even a perfectly set up, textbook deployment of a secure software package runs the risk that an application component, operating system component, or piece of hardware may have a fault or develop a fault compromising the security of the system. A software fault may do any number of things...