If you're a consultant wondering where 2008's billable hours will come from, the answer lies in the continuation of last year's key trends in big firm consulting:
Since these are all different labels for selling the same basic action set consisting of PC lockdowns, user audits, and threats; almost any resume can be modified to show your expertise in one or all of those areas.
Ever set up a SAN? Can you say "full disk cryptology" and "compliance and safe harbor provisions" ? Great, you're clearly qualified as a storage security analyst of proven expertise. Know how to reboot your laptop from a usb thumb drive? ever mail one to yourself or backup to your google email account? Ok, can you say: "virtualized, role based, storage life cycle management"? "iscsi remote access services"? and "virtualization adjusted thin provisioning"? - yes? ok, you're obviously an expert on continuity of operations. Nothing hard about this, right? - just remember: as long as the clients don't know squat about this stuff either, it's the Powerpoints, and only the Powerpoints, that count.
There's a truth here too - I don't know if you want to know, but just between us: Wintel networks can't be secured - Microsoft can't do it, the British National Health can't do it, the U.S. Navy gave up on trying - it can't be done. Your success as a consultant on this stuff will depend on where the attackers choose to go, not on what you get the clients to do. They go elsewhere, you look good: period. It may sound cynical, but it really is as simple as that - so go ahead and play the odds, because, you know, as long as there's a Microsoft, you'll always find other clients.