Microsoft recently held its 2010 MIX conference for web developers in the US. As expected, there was a significant focus on Silverlight, the Windows Phone platform and IE9. An unexpected and welcome surprise was the number of sessions designed to get developers thinking about security and privacy in their applications.
Check this out (the sessions are online and available at no cost):
and this one:
This is the way it should be. Sure, have a bunch of sessions on the whiz-bang latest things that developers can do, but set aside a number of sessions to remind them that security and privacy are important considerations as well.
The ultimate responsibility for writing secure applications belongs in the development organization and in the hands of individual developers, not in information security.