When a tree falls in the forest and no one is around to hear it, it certainly makes a sound. But if a computer network has a security vulnerability and no one knows about it, is it insecure? Only the most extreme Berkeleian idealist might argue against the former, but the latter is not nearly so obvious.
A network with a security vulnerability is insecure to those who know about the vulnerability.If noone knows about it—if it is literally a vulnerability that has not been discovered—then the network is secure. If one person knows about it, then the network is insecure to him but secure to everyone else. If the network equipment manufacturer knows about it…if security researchers know about it…if the hacking community knows about it the insecurity of the network increasesas news of the vulnerability gets out.