Security is not a myth.
In the most general terms, security is: the act of protecting something valuable. You can add many different types of "security" to a door, room or a network; therefore it isn't a myth. It exists.
Absolute security however, cannot be accomplished. There will always be a weakness if you want access to the valuable. This doesn't make it a myth.
Anyone in cybersecurity knows this and before deciding on what security measures to employ first complete a risk assessment. There is no need to spend $40,000 to protect $1,000 of valuables.
To protect something, cybersecurity employs defense in-depth which are security measures placed to protect something and add protection on top of other protections. Again, security. Some protection methods are better than others, some are more expensive to employ than others.
To make the point, security by obscurity is another security measure used. Therefore, it isn't a myth. Code is obscured all the time to make it more difficult to RE. This doesn't mean it will protect the code forever... it's just another measure employed to make it more difficult to bypass the security measure.
What creates the illusion you speak of is the fact hackers only have to get it right once against millions of systems connected to the Internet. For the most part, hackers are a lot like water in that they follow the path of least resistance.
I think you can figure the rest from here.