RSA Conference 2026 recap: AI security, enterprise mobile security and the shift to connected security platforms

AI security takes center stage at RSA Conference 2026

Under the glorious sunshine of San Francisco, RSA Conference 2026 brought together security leaders, practitioners and innovators from across the globe. With strong attendance, packed sessions and a buzzing show floor, one theme dominated every conversation: security is entering an AI-driven era. 

Across sessions, booths and hallway discussions, it was clear that AI is no longer an emerging trend. It is reshaping how security teams operate, how attackers execute and how organizations think about risk, speed and control.

At the same time, a parallel conversation is emerging: how to secure AI itself. As organizations rapidly adopt AI, new risks are being introduced, from data exposure and model manipulation to unauthorized access and misuse. Securing AI systems, the data they rely on and the identities that interact with them is quickly becoming a core security priority.

AI-driven security operations: from detection to digital decision assistants

AI is now embedded across detection, investigation and response. Security operations are moving from manual workflows to AI-assisted analysis and increasingly toward autonomous, AI-driven decision-making. Success is no longer defined by how quickly alerts are triaged, but by how effectively outcomes are delivered.

A key shift highlighted at RSA is the role of AI as a digital assistant for security teams. Rather than replacing analysts, AI is augmenting them, prioritizing alerts, correlating signals across tools, surfacing relevant context and recommending next actions. It reduces cognitive load while improving speed and accuracy, enabling teams to move from reactive investigation to proactive, informed decision-making.

Simultaneously, attackers are leveraging AI to scale attacks, compressing response windows and increasing pressure on defenders to operate at machine speed. In this model, AI is not just executing tasks. It is guiding decisions and driving outcomes.

Securing AI: a new priority for security leaders

Beyond using AI to improve security operations, RSAC made it clear that securing AI itself is now a critical focus. Organizations are increasingly asking how to control access to AI tools and models, protect sensitive data being used or generated by AI, and ensure AI-driven decisions are trustworthy and auditable.

AI introduces new attack surfaces. Models can be manipulated, data can be exposed and access can be abused if not properly controlled. This reinforces a core principle seen throughout RSAC. AI security depends on strong identity, trusted devices and complete visibility.

Identity security and device context in AI-powered access control

AI-driven security is only as effective as the signals it can access. Identity and device posture have become foundational inputs: not just for securing endpoints, but for securing access to AI systems. Security is moving away from static policies toward dynamic, risk-based access decisions informed by user identity, device posture and behavioral signals. Trust is no longer assumed. It is continuously evaluated.

This model depends on accurate, real-time data from every device. Ensuring endpoints, including Mac and mobile devices, provide consistent posture and compliance signals is critical to enabling effective, identity-driven security decisions.

Connected security platforms: integrating endpoint, identity and cloud security

A consistent theme across RSAC was the move beyond siloed point solutions toward connected security platforms. The conversation is no longer about replacing tools, but about ensuring they work together to deliver better outcomes. AI cannot deliver meaningful results in isolation. It depends on connected data across endpoint, identity, cloud and network layers where signals can be shared, correlated and acted on in real time.

Organizations are increasingly focused on bringing their existing investments together, creating a unified view that enables smarter decisions and faster response. This is not about consolidation for its own sake. It is about integration: ensuring every part of the security stack contributes to a complete, accurate and actionable picture of risk.

Mac and mobile adoption expands as enterprise conversations evolve

One of the most notable shifts from conversations at the Jamf booth was the continued acceleration of Mac and mobile adoption in the enterprise. These devices are no longer positioned as alternatives. They are now a standard part of modern enterprise environments, driven by employee choice, productivity gains and evolving workplace expectations.

This momentum was reinforced by Apple’s announcements concerning Apple Business, highlighting continued investment in making devices more accessible and manageable for organizations of all sizes. Apple is clearly focused on reducing barriers to entry, particularly for small and mid-sized businesses, simplifying procurement, deployment and identity integration.

Conversations also increasingly reflected the opportunity to bring Mac into more traditional enterprise environments. With the latest hardware innovation of the MacBook Neo positioned at a more accessible price point, Mac is becoming a viable option not just in education or creative roles, but as a broader enterprise endpoint.

From a security and operations perspective, this growth introduces new requirements around scale, consistency and automation. Discussions at the Jamf booth frequently centred on how organizations are modernizing their approach through Infrastructure as Code (IaC): moving toward repeatable, version-controlled deployments and Platform Single Sign-On (PSSO) to strengthen identity integration and streamline authentication.

Modern endpoint security: expanding beyond traditional devices

RSAC 2026 reinforced that endpoint security has expanded beyond traditional devices. Security teams are now responsible for a broader and more diverse set of endpoints, including mobile devices and developer environments, all operating across increasingly distributed workforces. Any gap in visibility is now a material risk, particularly in AI-driven environments where incomplete data leads directly to incomplete decisions.

From the Jamf perspective, a consistent theme was the need to eliminate these gaps. Mac and mobile devices must be visible, compliant and integrated into detection and response workflows. They cannot sit outside of the broader security model.

Enterprise mobile security: from everyday protection to advanced threat defense

Enterprise mobile security is becoming a core part of modern security strategies as organizations secure and manage an increasingly diverse fleet of devices. At scale, the priority is consistency, visibility and integration.

Jamf for Mobile provides the foundation for enterprise mobile security delivering management, security and compliance across iOS, iPadOS and Android. This ensures mobile devices are fully integrated into identity workflows, security operations, and broader risk management strategies rather than operating as blind spots.

Traditional approaches such as Mobile Application Management (MAM) alone are no longer sufficient. Securing just the application layer does not provide the full picture of device risk, user behavior or overall security posture. As mobile devices become a primary endpoint for work, organizations need visibility and control at the device level, not just within managed apps.

For security teams, the challenge extends beyond prevention. They need consistent visibility, control and the ability to enforce compliance across every mobile device, while ensuring those devices are integrated into broader security operations.

Behind the scenes: securing RSAC from the NOC

One of the more unique experiences at RSAC is the opportunity to go behind the scenes and see how the event itself is powered and maintained through the Network Operations Center (NOC). The NOC provides a live, real-time view into the infrastructure supporting the entire conference: monitoring network performance, availability and traffic across thousands of connected devices. From Wi-Fi connectivity across the show floor to ensuring seamless access for attendees, exhibitors and sessions, the NOC acts as the central hub for maintaining uptime and reliability at scale.

What stands out is the level of visibility and coordination required. Large displays show live telemetry, network health and usage patterns, enabling teams to quickly identify and resolve issues before they impact the experience. It is a constant, real-time operation that ensures a highly dynamic, high-density environment that runs without disruption.

The NOC tour brings to life many of the themes discussed throughout RSAC. Real-time visibility, integrated systems and rapid response are not just concepts. They are operational necessities.

Security ecosystem integrations: driving better outcomes across the stack

RSAC reinforced that security outcomes are no longer delivered by individual tools, but by how well platforms integrate and work together. This was demonstrated through partner sessions on the Jamf booth, including Tines, Airlock Digital, DiscernSecurity, SentinelOne, Workbrew and Teqtivity.

Each partner brought a different capability, but the common thread was integration: showing how connected systems enable better visibility, stronger compliance and more effective response.

The future of AI security: integrated, automated and outcome-driven

As the week wrapped up, the direction of travel was clear. AI will redefine how security teams operate, while also introducing new risks that must be secured. Success will depend on integration: bringing together identity, endpoint, cloud, mobile and AI systems into a unified, trusted view. Jamf plays a critical role in enabling this future by ensuring Mac and mobile devices are secure, compliant and fully integrated into modern security architectures.