And the answer is:
That's right I said it. Given the economy and the state of things, stuff like Policy Compliance and Risk Management are going to be sitting in the corner. Caveat: Unless there is a dramatic change.
That change would be something from the White House or Congress or (dare I say) Al Qaeda. If the deciders decide to take regulations and compliance seriously and start adding requirements to things like the TARP or whatever then we could see something new.
But the new FISMA does not provide for any changes to the current FIPS / 800-series documentation. It is the same ambiguous pain that we all been suffering through.
Lastly, there isn't going to be any new HOT security technology that will be coming out. It will be more of the my web app just got hacked/facebook malware/twitter worm stuff that has been emerging over the last 6 months.
We'll see. Improve your Process!