Re: It's cheaper than you think
@CMYanko Security info is publicly available to ANYONE, it doesn't just go to "the security people". Anybody working in IT should be watching at least a couple of IT based websites and if you are developing for a particular platform, then you should be subscribing to its newslists or RSS feeds, blogs etc.
As a developer, I always kept track of issues with the tools I was using and often informed my management that we needed to apply patches. I often knew more than the ops and security team, when it came to locking down the specific tools I was developing with.