Security is a process, not a product.

By Bruce Schneier,
Internationally-renowned security
technologist (blowfish & twofish)