Alex Scoble argues that Security is not about the application, it's about a process and being vigilant, proactive and responsible about what you do.

I agree entirely, but I think I'd go a bit further and say that security is more just a process: its a state of mind.

It's not just about constantly being vigilant, it's about never trusting anything, no matter what application, or environment you are in. That goes way beyond computing into other areas as well, because today you never know when that piece of information about you will wind up being used in a computing environment. Your card may be skimmed at a checkout and then used online; giving out your DOB to anybody but those that really need it is daft. Answering the phone and giving security details is equally silly - the information you just provided over the phone could be used to login to your bank account online.