I also like that it re-enforces the idea, that for most developer teams, just having somebody assigned to application security, is already a massive step forward!!
Basically we have such a skill shortage in our industry for application security devs that 'if you have a heart-beat you qualify'
Who are these guys? The Microsoft Agile SDL describes them as Team Champions which should have these roles:
In addition to the Mug, another big asset to add to the dev team, is a library of books that looks like this:
Nothing beats books for knowledge, and there are LOTs of great books out there, the question is: Do developers have easy access to them?