Has everyone forgotten General David Petraeus?
If the director of the CIA gets caught having an affair by using a weird e-mail scheme, what would lead anyone to believe that the underlings would be any better?
Also, one has to remember "Quis custodiet ipsos custodes", which, loosely translates to "Who will keep the keepers themselves". It is impossible for everyone to be watched all the time. At some point, employees have to be trusted. About the best that can be done is to carefully screen those employees, and then very carefully ensure that they don't become disgruntled due to management doing something really stupid (which is a point which virtually all government organizations and companies fail to realize!). There is no greater asset than a trusted employee, nor anything quite as dangerous as a disgruntled employee.
As for physical security, that is mostly a joke, with a couple of exceptions (most of which are obscenely expensive). Sure, a bank/government quality safe is pretty secure. Mostly. Although quite a few safecrackers have busted those. The lock on a typical office desk is a joke. I regularly (e.g., twice a day or more!) used to pick the lock on my office desk (because the silly office administration people had lost the key to the office desk I was assigned, so I simply decided that I'd pick the lock with a suitable key-pick). I've even picked desk locks with a paperclip (about 10 minutes the first time, although I got it down to about two minutes with a bit of practice!). I'd even pick the desk locks for cow-orkers (but, only with their permission, and with them present). Door locks were a bit harder, but could still be picked (and, without leaving any evidence, if you were careful).
PC case locks? Don't make me laugh. And, once you have access to the inside of the system, well, anything can be accomplished (I've even hacked mainframe computers in that manner!).
Oh, don't worry, y'all. I'm a white-hat hacker who works for an international organization as a cryptographer. :-)
Just call me "The Pirate." (And, yes, I really do wear an eye patch!)