To make one of eldarerathis' cons less critical:
One could use Tasker or Locale together with the Secure Settings plugin to automatically toggle USB Debugging on for safe locations (based e.g. on cell towers, network/GPS location, WiFi networks connected or in reach), and toggle it off (exit-task with Tasker) when leaving such. With a NFC tag and the Locale NFC Plugin it could also be switched it on/off on demand.
All that even without touching the screen -- so it would work even if the screen is broken. And that "unscrupulous individual" then would have to be in your "safe location" or have your tag, and must know those circumstances -- which is much less risky.
If your device does not belong to that small group having trouble mounting their storage with USB Debugging turned on, this would leave almost no "Con" then.