Creating a secure system can be a difficult and elusive objective. The moment you think you’re finished, you’ve opened yourself up to an attack. People who are aware that they can never be completely secure are more likely to be vigilant, thus increasing their awareness and attention to security issues. For instance, a flight crew who believes the airport security checks guarantee everyone on the plane can be trusted will have a false sense of security. Someone could pose as a food service employee and board the plane, entirely bypassing the security system. Even if an organization were to spend all of its resources on security, there would still be a potential for failure and since no one can afford to do that, failure is inevitable. The question to ask is how, not if, your security will fail. Being aware of the limitations and introducing graceful ways of failing can significantly reduce the impact of attacks. Failing gracefully means having multiple backup plans or ways to mitigate the damage that can be caused by an intruder. A system that has been designed to fail gracefully will at least be able to contain the attack, and might even be able to prevent it entirely.