The 2017 CISO Investment Blueprint analyzes survey responses from 100 security decision makers regarding the current state of application security. The blueprint also features interviews with innovators in the security industry, including Dave Farrow, Barracuda's Senior Director, Information Security, who discusses his team's challenges and successes in addressing application security issues. Farrow highlights the importance of transforming developers into security professionals and filling systemic gaps in their understanding through training programs. He also emphasizes the value of bug bounty programs in providing access to top appsec professionals and immediate results. The blueprint aims to provide insights around the challenges and opportunities present for security decision-makers in 2017, and invites feedback and observations from readers.