Security managers often, and inadvertently, end up creating an adversarial environment from the beginning. This is generally caused by security teams listing tons of new requirements for development teams without properly aligning these requirements with business objectives or allowing for more development time for additional code checks. To build a sustainable application security program requires that developers be equipped with the proper tools, which could include application security assessment and QA tools, and additional resources. It becomes much more straightforward to win the funding needed for the right tools, services and training needed for secure application development.
Source: https://threatpost.com/making-application-security-program-succeed-040711/75116/