David Ladd, a partner in crime, has just made a post on the SDL blog about Security Education. He starts:

"There has been a lot of hoopla lately around "secure programming skills" – with not-so-thinly veiled condemnations of academicians and the role of the university in addressing the IT security problem."

It's a very interesting, and thought provoking post.