Martin McKeay writes:

We're never completely secure; there are too many aspects of our enterprise to cover to be certain we've taken everything into account. There's always going to be a vulnerability somewhere; it's a fact of life.
We can't afford to have too many illusions as security professionals. We have to see our network for what it is so that we can take the appropriate steps to safeguard our resources. We often have to do the best we can with the resources at hand, because proving the threat/risk to cost ratio to management is difficult in the best of situations. We have to hope that what we've done is good enough to keep the bad guys out of our network.

I like Martin, as much as somebody can like someone they've never met, and his opinion usually matches mine enough that I consider him to be right-minded (/tongueincheek), but in this case I think he's totally incorrect.
Security professionals cannot afford *any* illusions about their work. It's true that there's no such thing as perfect security, but telling yourself lies so that you can sleep at night is exactly what it sounds like: self-delusion, and it's dangerous. One should always be perfectly aware of what the problems surrounding one's network are, and one should obviously strive to eliminate or negate those problems. "Good enough" is not static; the unspoken words that follow it are always and forever "for now."
Yes, we have to have illusions to live our lives, but those illusions have no place in network and computer security. If being able to honestly tell yourself "I did the best I could" is insufficient to generally allow you to sleep at night, you need to find a new line of work.
