The 2017 CISO Investment Blueprint was launched to analyze the current state of application security based on survey responses from 100 security decision makers. The blueprint also features interviews with innovators in the industry, including Josh Sokol, an OWASP Board of Directors member and co-founder of Bugcrowd. In these interviews, Sokol discusses his background in computer science and how he became involved in OWASP. He highlights the growth of his open-source side-project, SimpleRisk, which aims to make basic risk management obtainable for organizations of all sizes. Sokol emphasizes the importance of increasing engagement between security professionals and universities to develop secure coding skills in students. He also discusses the role of bug bounties in improving application security, particularly as companies continue to evolve their applications rapidly through agile development. The interviews provide insights into the challenges and opportunities facing security decision-makers in 2017, including the need for more effective communication between developers and security professionals.