The overall goal of (computer) security is the cost-effective minimization of risk.
Therefore some risks are not addressed (too expensive or too rare or impossible to avoid)
"Risks" are motivation-neutral -- power outages and computer failures are risks. But we tend to concentrate on human-generated risks.