With over 70% of security vulnerabilities existing at the application layer (Gartner Group, 2005), the landscape of security is changing. The vulnerability of software continues to increase as criminals continue to proliferate attacks. Writing secure code isn’t the only answer. Combating the problem of insecure software requires a combination of policy, process and people. This presentation will cover what it takes to build secure software and explore developing a professional standard for software development.