I blogged a bit about ever more reasons why software should be secured at the beginning of the lifecycle, not at the end. Adrian Bridgwater posted it as a guest article on ComputerWeekly.
Computer Weekly Guest Blog: How to avoid being a cash cow for cybercriminals