Handling errors in your application is part of the basic foundation that makes your application secure. One slip is all it takes to jeopardize your intellectual property, data, and your reputation.
Here is a great example of how NOT to handle your errors:
I don't want to name the site, but they are a Fortune 500 company handling billions of dollars. Knowing a little bit of "ethical hacking" myself, I could have easily retrieved more information about their application and servers... at least enough information to be a potential threat. From this screen alone, I can tell what language they're programming in, what version of .NET is being run, and that they're using Windows servers running IIS, and I can see snippets of their code leading up to the SQLException. Ouch.
But I'm a good guy, just disappointed that this company would allow this type of error to bubble up, especially since I'm a client of theirs! Lose money!!!
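
For contrast with the error screen described above, here is a `web.config` that keeps that detail away from remote visitors. It is an added example, not configuration from the site in question, and it assumes a classic ASP.NET application hosted on IIS; the `~/Error.aspx` page is a hypothetical name for your own generic error page.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!--
  Weak settings that produce a page like the one described above
  (shown only for contrast, not for deployment):

    <customErrors mode="Off" />
    <compilation debug="true" />
    <httpErrors errorMode="Detailed" />
-->
<configuration>
  <system.web>
    <!-- Remote visitors get the generic page; the full exception page is
         shown only to requests made from the server itself. Use mode="On"
         to hide the detail from local requests as well.
         ~/Error.aspx is a hypothetical page name. -->
    <customErrors mode="RemoteOnly"
                  defaultRedirect="~/Error.aspx"
                  redirectMode="ResponseRewrite" />

    <!-- Production builds should not run with debug="true". -->
    <compilation debug="false" />

    <!-- Stops sending the X-AspNet-Version response header. -->
    <httpRuntime enableVersionHeader="false" />
  </system.web>

  <system.webServer>
    <!-- Errors produced by IIS itself follow the same rule:
         detailed output for local requests only. -->
    <httpErrors errorMode="DetailedLocalOnly" />

    <httpProtocol>
      <customHeaders>
        <!-- Drops the "X-Powered-By: ASP.NET" header IIS adds by default. -->
        <remove name="X-Powered-By" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>
</configuration>
```

The exception should still be logged on the server so developers keep the stack trace that visitors no longer see.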