Ever since we got the book Writing Secure Code 2nd edition at DevDays, I've been reading about a chapter a day.
I have to say that a subject that I thought was dull, boring and basically “un-learnable” suddenly takes new life in my brain and I am both intrigued and shocked at how non-security-minded I've been, and so are many people I know.
All I can say is that you need to get this book now, and start reading.
It feels heavy, but the first 5 chapters deal with nothing but the “why”s and “how”s of learning and training and instilling security-minded development in the organization, and it was a breeze to read. I was afraid that I'd be quickly putting it down for being too much ... anything, but I was wrong.
You should know a little C++/C to get some of the sample code, but the main ideas are security concepts and not coding concepts, and they are pretty language-agnostic.
Even if you think you don't want to read it, you do. You really, really do.