They say anything connected to the internet can be compromised. With that said, I wonder why there's no authoritative group that certifies sites as "secured".
"We have inspected this site and it meets our basic standards for security."
Back in the day we had pirates patrolling the waters, taking what they wanted.
Now we have a wide open internet, with modern day pirates, dubbed "hackers".
Seems only natural to have a consortium that devices standards, continually modified as technology evolves, and makes suggestions on how to "secure" your site, to receive accreditation from their body of experts.
Maybe I'm wrong, things are fine the way they are.