While I would not dare to lay claim to the title of “Security Expert”, there are unfortunately many people in the IT industry who do carry such titles and make such claims, and most definitely shouldn’t either. I do, however, have among my close friends people who not only can safely lay claim to the title of “Security Expert”, but who are in fact bona fide “Security Researchers”. These friendships and an interest in all things security related (not just IT) lead me to stumble across things like this presentation on 0day (0day means an unpatched security bug unknown to the public). Among other interesting points, it lists the figure of 348 days as the average time between a private discovery of 0day bugs and patching by the vendor. This is an astonishing figure! Basically, this means that any computer system you own is always vulnerable to security holes that you don’t know about, but someone else does!

