Looking at the number of already discovered vulnerabilities in popular applications, I would say it's actually impossible to build secure systems right now. Even companies that are trying are failing. IMO it's still way too easy to introduce a vulnerability and then miss it in both review and pentests. We need big changes in all parts of the software buliding and maintaining process. Probably no one will like that, because we are still in "move fast and break things" software development age.