We have to understand that there is no such thing as 'perfect security'. As my old Jesuit teachers never ceased to point out to us boys: "what a human can devise, another human can un-devise". That said, I think a lot of CEOs all over the world need to educate themselves in the essentials of security, and get to understand that this technology we now have at our fingertips is extremely *insecure and fragile* and in reality offers no cost-saving short cuts without a hefty price tag. If you don't understand this, you should not be managing a company. As for the armed forces using COTS software...
For citizens we should demand privacy - at least as good as such as the old fashioned postal envelope used to offer. Our communications are also extremely insecure and fragile by comparison with even that low stamdard. In particular we should demand strong encryption *without* back-doors for federal agencies and government overseers. Because as soon as you program in back-doors, hey presto! In come the hackers - who are clever people.