Despite the shortcomings of the packaged content, the RSA Conference is one of the industrys premier events and is well worth attending. It is an excellent place to network with peers and vendors, efficiently research markets and products, and get a good sense for the state and direction of the IT security market. This years event indicates that the IT security market is on a focused rebound. Select areas will experience strong spending growth, renewed venture capital investment, and a high degree of vendor acquisition activity.The Conference Expands Its Reach and AppealThe annual RSA Conference is a bellwether event in the IT security industry. No other conference matches its combination of scope and focus. The event re.ects the state of markets, priorities, and technical developments. As a result, the conference has long since moved away from its focus on cryptologists and frontline security practitioners. Like IT security itself, the show has matured, expanding its reach beyond the practitioner and enthusiast to include big businesses and business interests, with the occasional exhibit booth light show and dance line that can unfortunately accompany such a transformation.Nonetheless, the conference provides a focal point where industry luminaries, vendors, purchasers, researchers, integrators, and investors can interact. Attendance, activity, and general buzz were up significantly this year over the past two years. Of course, all the major vendors were there, but the abundance of chief security officers (CSOs) and top-level security managers was especially noteworthy.The keynotes were invariably entertaining, but almost all were valueless. Most of the interest centered on Bill Gates presentation, primarily the signi.cance of his presence here a first for this security conference. The cryptographers panel always generates a high level of interest and attention. The keynotes by executives from leading security vendors are good opportunities to learn about their attention and direction, but they also serve as a platform to promote their companies marketing messages.Exhibit Floor Was Full Of ActivityTraffic on the exhibit floor was strong, especially in comparison with 2002 and 2003. Many vendors said the number of highly quali.ed leads for near-term dealmaking exceeded their expectations, particularly because of the strong showing by CSOs and top-level security managers. The exhibit area was a showcase of all the leading vendors, and the attendees from user organizations who came looking for particular types of solutions found that walking the floor was an excellent way to avoid the lengthy research and weeding processes that usually accompany vendor selection.This year, the exhibition area was surprisingly homogeneous for an industry as varied as this, perhaps reflecting the direction and attention of vendors as well as market consolidation. The floor was dominated by threat management vendors (intrusion detection system\/intrusion protection system, managed security services providers, content security) and identity management vendors (single sign-on, provisioning, strong authentication). There was also good representation of Secure Sockets Layer (SSL) VPN, event management, and vulnerability scanner solutions. Patch management solutions were far more visible than last year. The one standout representing something new came from several companies showing off identity theft prevention solutions. However, these were often conventional products slightly modified and repackaged to address this growing concern. Notably underrepresented were solutions and market language aimed specifically at compliance and policy governance.Track Sessions: The Value Is There, But Hard To FindThere was value in the track sessions, but you had to dig to find the jewels amid the rubble. This is always the case at the RSA Conference. Track sessions su.er from being either vendor-driven or a bit stale. Many sessions, even those outside the Security Solutions track, serve merely as a vendor showcase (too salesy, as one attendee puts it). Other sessions fail to offer anything new: Many presentations are of rehashed material, and some sessions seem outright dated (as exempli.ed by the sessions titled The Disappearing Perimeter and Should I Deploy Or Should I Not Deploy a Wireless LAN?).The conference could be an excellent way to enlighten many of the attending security planners as to how others tackle the same challenges they face. Yet when vendors present case studies, they are naturally not as forthcoming about deployment challenges as users would be. There is also too much emphasis on explaining threats rather than on presenting practical guidelines for defense against them. While its useful to know that other companies are undergoing the same pain, people come to the RSA Conference expecting to hear case studies and learn about best practices.The cryptography track remains the deepest, least biased, and most current of the tracks. While these sessions were too esoteric for this analyst to appreciate, one attendee we spoke with, a cryptographer at a government contracting R&D firm, found them highly valuable despite the scarcity of recent cryptography breakthroughs.The sessions offered more variety than what appears on the exhibit floor, with tracks like Hackers and Threats, Business of Security, Applied Security, Developers, Implementers, Cryptography, Identity and Access Management, Wireless and Embedded, Standards, Government, and Secure Web Services. It is in the sessions where compliance issues become more pronounced. A separate track titled Privacy, Law and Policy focused almost exclusively on compliance issues, and the topic of regulations also appeared in other tracks presentations.What It Means:Security Is Back in the Budget, Though Focused on a Few Key AreasAfter a few years in which the IT security market largely failed to meet rising expectations,security is back as a budget item slated for growth. The activity on the RSA Conferenceexhibit floor was an excellent predictor of near-term spending trends.Security focal points. Major spending areas will be intrusion management, identitymanagement, security event management, and antispam.Maturing sectors. Wireless LAN security, SSL VPNs, and patch management are allmoving into the mainstream.Emerging opportunities. The appearance of tools to protect intellectual propertyand prevent identity theft is noteworthy.Underachievers. The antivirus and biometrics areas will be underperformers.Compliance Is a Growing Business Driver Behind Security SpendingCompliance is emerging as a major undercurrent driving IT security spending, a driver coming directly from the business side of the house. Moreover, there is both the expectation and acceptance that in the near future well see more regulations and market-mandated practices, such as those coming from the credit card companies, the IT security insurance industry, and government.Expect an Active Year in Venture Financing and M&AThe rise in corporate security spending has not escaped the notice of the investment community or the large vendors looking to enrich their product portfolios.