

In this paper we argue that, in order to develop the next generation of secure software systems, a security focus must be introduced throughout the development lifecycle. We also argue that security is not just a technical issue, and we explain how considering security issues from the earliest stages of the development process leads to the development of more secure software systems. After looking at the limitations and barriers of existing research and industrial approaches to the engineering of secure software systems, we briefly describe a methodology that considers both the social and the technical aspects of security and supports the objective of considering security from the early stages of software systems development. Moreover, we argue that, in order to provide a security focus throughout the development lifecycle, we need to look at the issue collectively, rather than individually, by establishing a discipline that will form the basis of an in-depth understanding of the security issues involved in the development of software systems; provide the appropriate knowledge and best practice to assist software and security engineers in developing secure software systems; and educate system users on security-related issues.