3 EUC security topics I'll be looking for at RSAC 2025

3 endpoint and email security trends I'll be looking for at RSAC

There is a ton to take in at RSAC, so to make things less overwhelming, I've broken down the three biggest topics I'm looking for with endpoint and email security.

1. AI with actual purpose

Last year at RSAC, we were all hit with an AI stick, almost like a hazing ritual for first-timers. AI was everywhere, but the messaging was all the same, and it revolved around three things:

• Bad guys are using AI too.
• AI helps with detection, with an added spice of "Security has been doing AI forever."
• Come see our AI chatbot.

Because of that, the AI story was loud, but nothing really broke through the noise. This year, I expect to see more focused AI messaging. Take, for example, what I wrote about a few weeks ago: how endpoint security platforms are starting to take advantage of neural processing units for optimized scanning. I hope to see more use cases for AI PCs, or at least more companies beginning to use them in this way.

I'll also be on the lookout for security messaging that pertains to securing AI PCs themselves. We might not be there yet, but I'm curious if bad actors are targeting AI PCs to take advantage of the local AI processing. This might not be a big deal right now, but as AI agents become more prevalent, I could see this becoming more important.

In fact, I fully expect the AI stick to change to an agentic AI stick this year, too, and I'm curious to see how much agentic AI comes up. It's a topic for another article, but agentic AI means many things to many people. While I see it as an opportunity for users to execute workloads as copies of themselves on their own devices or in VMs for the purposes of task automation, there are other big-picture agentic AI uses and perspectives. Each of these has its own security challenges around identity, data loss prevention, governance, compliance, visibility, logging and more.

2. Endpoint management and security convergence

The intersection of endpoint management and security was also a theme last year, with vendors such as Adaptiva and NinjaOne working alongside CrowdStrike to educate a security-centric crowd on the need to align management and security efforts and teams. Tanium also had a large presence there in much the same way as part of the larger Tanium story.

This year, Adaptiva, NinjaOne and Tanium, among others, are talking a lot about autonomous endpoint management, so I expect that discussion to continue. I'm eager to speak with more vendors, because while I have a good sense of the space from an endpoint management perspective, I'd like to get endpoint security vendors' takes on it.

3. Email security

Finally, I'll be paying close attention to email security. This is one area where the stakes have quietly risen over the past year. While phishing and business email compromise -- also known as BEC -- aren't new problems, generative AI has changed the phishing game by making it easier for attackers to craft more convincing, personalized messages at scale.

What used to be relatively easy to spot -- broken English, suspicious formatting, generic intros -- is now far more polished, which puts more pressure on detection tools and policy enforcement to catch threats before they land. Of course, AI can help with this. Email security vendors are leaning in to AI themselves -- whether it's for behavioral analysis, impersonation detection or user coaching -- but the approaches tend to vary.

It's a space I'll be digging into soon with some upcoming research, so I'm especially interested in hearing how vendors are positioning their offerings, what capabilities are resonating with customers and where the gaps still exist. Getting those perspectives on the ground will help shape the questions we ask, and hopefully they can bring some clarity to a market that's evolving fast.

On to San Francisco and RSAC

So that's what I'm looking for at RSA Conference this year: more clarity, more substance and hopefully less noise.

If you're going to be there and have thoughts on any of this -- AI at the endpoint, agentic AI, autonomous endpoint management or just how to make it from North Hall to the Four Seasons without losing your sanity -- let's connect. There's a lot to unpack, and I'm sure we'll all leave with a few answers and even more questions, but that's part of the fun.

Gabe Knuth is the senior end-user computing analyst for Enterprise Strategy Group, now part of Omdia.

Enterprise Strategy Group is part of Omdia. Its analysts have business relationships with technology vendors.