Letter From the Editor Victor Wheatman 2 January 2002 We began our review of enterprise security and privacy and provided forecasts for 2002 (and beyond) in our last Spotlight, Future Topics and Trends in Security and Privacy. Now, we take a more far-reaching view in this issue, which complements forthcoming research on security trends and technologies from across Gartner's lines of business. We invite you to frequently visit gartner.com for information on how to improve enterprise security, biometrics, homeland security, transaction incident management and electronic surveillance. Your inquiries and comments are welcome.

spotlight.feedback@gartner.com

	Overview Security, Privacy and Risk Management: 2002 and Beyond 2 January 2002 Victor Wheatman  William Malik We forecast likely (and not-so-likely) transformations in the information security marketplace in 2002 and beyond.

The Information Security Hype Cycle 15 November 2001 Victor Wheatman   John Pescatore The hype cycle characterizes the typical progression of a technology from overenthusiasm through a period of disillusionment to an eventual understanding of its relevance. Timing future investment is everything.		Remote Access Authentication: Tokens Rule in 2002 13 December 2001 John Girard Enterprises should consider tokens for near-term strong authentication, but give priority to vendors with migration strategies to future mechanisms based on certificates and biometrics.
Security Software Spending in 2001 and 2002 20 December 2001 Colleen Graham Enterprises in select vertical segments will continue to drive spending in the security software market, despite a tough economic environment.		Software Security Market Scenarios for 2006 21 December 2001 Alain Dang Van Mien We present four scenarios for the software security marketplace through 2006, and examine the factors that will influence the purchasing and implementation of security solutions.
Risk Management 2002 and Beyond: Formal and Integrated 20 December 2001 Simon Mingay The events of Sept. 11 in the United States will reinforce the need for enterprises worldwide to adopt risk management, not just in financial controls, but also in strategic planning and operational management.