The Forrester security team: Jen Albornoz Mulligan, Natalie Lambert, Laura Koetzle, Christopher McClean, Jonathan Penn, Paul Stamp, and Chenxi Wang attended this year’s RSA. Among the 7 of us, we probably talked to 90% of the companies represented at the conference (if not more).  Collectively, here is our team’s takeaway and outlook for 2007 and beyond:

1. Lots of service plays and blended software/service offerings (we predicted this trend before the conference). Software as a service seems to be maturing in the security world, particularly in the content filtering and SIM spaces.

2. More big players are getting into the security business. Oracle had a booth at RSA! Smaller vendors seem to target more at potential acquirers or VC funding rather than customers, which means M&A activities will remain high (We also predicted this in our pre-conference poll, see our Feb 5th blog entry: RSA trends). Increasingly, security will be a market made up of big businesses.

3. Technology in general is adopting a risk management perspective, though there is still little consensus on what RM means. More and more point solutions include business-level and risk management issues, but only superficially.  Everybody’s got the red, yellow, and green"traffic lights"  that signify risk levels, but tere is no standard methodology for setting the levels.

4.  Privacy offerings are few and far between and understanding of privacy is still lacking. The industry generally expects upcoming privacy legislation at the federal level, although it’s unclear as to the timing and the specifics. International privacy laws were highlighted in the track sessions at RSA.

People who contributed to this posting: Jen Albornoz Mulligan, Laura Koetzle, Christopher McClean, Jonathan Penn, Paul Stamp, and Chenxi Wang.