To really make security part of the developer mindset, it needs to be incorporated into their broader aspirations and backed up with holistic, relevant and continuous training.