Michael Howard on SDL and the need for it; comments onJeff Jones blogs.

See SDL blog:
http://blogs.msdn.com/sdl/archive/2008/02/21/the-first-step-on-the-road-to-more-secure-software-is-admitting-you-have-a-problem.aspx

Urs