Something can be secure enough that the computational power required to break it is probably not available to various actors up to and perhaps including nation-states (e.g. RSA), yet still well short of the "requires more energy to compute than is available in the visible universe" benchmark (e.g. AES, probably). Yet both could still be regarded as "secure".
Also, protection against different kinds of attacks. For example, we can consider SHA3 more secure than SHA2, because it's not vulnerable length extension attack. Likewise, a system which protects against passive attacks is secure against passive attacks, but the system which protects against passive and active attacks is more secure than it.
