Gary,
Could you elaborate a bit more? Specifically, what kind of incentives
you have in mind? How would they work?
The debate about what to do to improve software security at a national
or larger scale is mostly populated with abstractions and generic ideas
but the enumeration and description of
All,
OWASP has a document which was targeted at the Brazilian government at
first and then translates into English. It contains several proposals
of government actions to improve the application security (and
information security) landscape.
The English version is available here: