Cryptography has been historically considered one of the hardest-to-get-right, yet most robust defenses against data leakage, tampering and misuse.
Rolling your own crypto is a sin unless you're a cryptographer. Even then, it's still a bit of a sin. We know limits to our knowledge, and we understand where to roll, where to pick existing stuff, and how to adapt it to your product.
is like dancing on a thin ice
False sense of security
Any persistent engineer can invent a security system so clever that they can't think of how to break it. All these systems get broken, of course.
Competence is rare
To build secure cryptographic systems, your team needs to have certain competencies in building, reviewing and breaking such systems. The competence is rare, the competence to find a competence is also rare.
Real-world cryptography is hard
Along with strong security guarantees, cryptography brings unique technological challenges when used in real-life use cases. Marrying cryptography, performance, user experience in a product is hard.