Feeling secure is not the same as being secure. Both are desirable objectives and they're somehow related. But one does not necessarily follow from the other.
In many cases, my 'being secure' depends on my being cautious. If I'm risk-aware, I will avoid actions which could increase my vulnerability. In a way, I will be more secure partly because I don't feel secure.
So, what happens when a system successfully makes a user feel secure? How does that affect her vulnerability, her 'being secure'?