It would be easy to be secure if all the data were in one room, there were no connections to the outside world (well I guess you have to have power coming in, but that's all), and there were no people who knew the data.
Unfortunately that's not the real world. Breaking the German and Japanese codes during World War II would have been meaningless if that information wasn't used to sink the submarines, divert the convoy, or be ready at Midway.
The situation hasn't changed, but the integral capabilities of the Oracle database itself have. As security has gotten ever more important, the steps you need to take get every more complex. At the same time, the users of your data can't be expected to agree, they have a job to do and if security systems prevent them from doing their job they will find ways to bypass or ignore the security system.
This book can be read on two levels. First it is an excellent primer on security in general. Second it is Oracle centric so that anyone responsible for security on an Oracle based system need go no further.
Note that the Foreward is by David Carey, former Executive Director of the Central Intelligence Agency. It is generally believed that a big contract from the CIA was Oracle's first major success. The implication is that the CIA worked with Oracle to develop the security system discussed here. If the CIA says it's good enough....