I could maybe see that for some specialized case, but for the general case it seems like the more independent, distributed things you're juggling, the more likely you are to end up with security holes in the first place. The time you have to spend on security would have to be spread too broad and thin.
The cost varies. Some of the code I work with is safety critical - people can die if it isn't working. If someone breaks into our system and gets private data that "only" costs us a lot of money, but if they break into our system and take over the safety critical parts people die.
