Press Release

Phosphorus Launches the “15-30-60 xIoT Challenge” at RSAC 2024, Setting a New Industry Standard for Preventing xIoT Threats Faster

The Phosphorus 15-30-60 xIoT Challenge, launching at RSAC 2024.

NASHVILLE, TN – Phosphorus Cybersecurity Inc., the leading provider of unified, prevention-based security management for the xTended Internet of Things (xIoT), today announced it is launching the “15-30-60 xIoT Challenge” at the upcoming RSA Conference. The new initiative is designed to set a new industry rule and framework for proactive xIoT security management and threat prevention, significantly reducing risk in the rapidly expanding and vulnerable Cyber-Physical System (CPS) landscape.

With IoT and OT devices now comprising up to 30% of an enterprise’s attack surface, the 15-30-60 xIoT Challenge demonstrates a necessary shift in safely and efficiently FINDING, FIXING, and MONITORING vulnerable IoT, OT, IIoT, and IOMT Cyber-Physical Systems.

The 15-30-60 Rule for Preventing xIoT Threats Faster:

    • 15 minutes to Discover & Assess all xIoT assets
    • 30 minutes to begin Password and Device Hardening
    • 60 minutes to begin Remediation & Patching

“The 15-30-60 xIoT Challenge not only establishes a new industry benchmark but highlights a fundamental shift from the current state of passive, detection-based tools to a proactive, prevention-based solution that fundamentally reduces risk across the entire xIoT attack surface,” said John Vecchi, Chief Marketing Officer of Phosphorus. “This rule is more than a framework – it’s a challenge for every organization to see for themselves why many of the largest global brands are deploying Phosphorus’ groundbreaking platform to do what they never thought was possible: safely find and assess every IoT, OT, and IoMT Cyber-Physical System, harden them against default credentials and insecure configurations, remediate for unpatched firmware and critical vulnerabilities, and continuously monitor and manage for environmental drift, misconfigurations, and risk-based alerts — all without hardware, agents, or hassles.”

Phosphorus’ software-based and agentless Unified xIoT Security Management Platform is the industry’s only proactive CPS Protection Platform covering the entire security and management lifecycle for xIoT. Through its unique ability to directly communicate with over one million device models in their native languages, the platform enables organizations to safely discover, harden, remediate, and manage every IoT, OT, IIoT, and IoMT device — including the most sensitive mission-critical and life-critical assets.

“Every Device Counts”

In an evolving cyber threat landscape, a single unmanaged device can open the door to a broader network attack like ransomware. However, 80% of organizations still can’t identify the majority of their IoT and OT assets — leaving tens of thousands to millions of devices vulnerable at any large organization.

Phosphorus’ “Every Device Counts” strategy emphasizes a holistic security approach that leaves no CPS device unknown, unmonitored, and unmanaged. This philosophy is central to preventing the vulnerabilities that arise from the “Unknown, Unmanaged, Unmonitored” status of many IoT, OT, and IoMT devices across industries.

The 15-30-60 Framework for Proactive xIoT Security Management

Phosphorus’ initiative advocates for a crucial shift in the way enterprises manage the security of their increasingly interconnected device environments. It emphasizes the need for organizations to adopt a proactive security stance, addressing CPS vulnerabilities before they can be exploited.

The 15-30-60 xIoT Challenge establishes a new framework for fundamentally reducing risk by concentrating on essential priorities: complete and safe xIoT discovery, high-fidelity risk assessment, proactive password and device hardening, and automated patching and remediation.

15 Minutes to Discover: Phosphorus’ Unified xIoT Security Management Platform can be up and running in minutes, enabling our patented and deterministic Intelligent Active Discovery engine to find, identify, and assess all of your xIoT devices in as fast as 15 minutes – without infrastructure or agents. Legacy passive and active discovery tools can take days to weeks, with incomplete and inaccurate results combined with disrupted or degraded operations.

30 Minutes to Harden: Phosphorus finds that most organizations fail to change, manage, and harden device configurations and passwords since doing so at scale — and across all types of IoT, OT, and IoMT Cyber-Physical Systems — is simply not possible with legacy tools. With Phosphorus, you can be hardening device configurations and changing default passwords at scale, and in as little as 30 minutes, after deploying our software-based platform. It takes on average 60 hours to manually change and update passwords and configurations on even a single type of xIoT device. And this doesn’t include the regular rotation of passwords, according to industry best practices. 

60 Minutes to Remediate: As IoT and OT vulnerabilities continue to increase, remediation and patching of Cyber-Physical Systems grow more complex. The average firmware across devices is 7 years old, and 68% have high-risk to critical CVEs, complicating effective management. Legacy tools often lack the capability and visibility needed for safe, automated updates, turning manual remediation into a labor-intensive process that can exceed 100 hours for each type of device. With Phosphorus’ automated CPS Protection Platform, you can safely and efficiently patch and remediate even the most sensitive, mission-critical xIoT devices in as little as 60 minutes – with full control. 

Take the 15-30-60 Challenge

LEARN how your organization can take the Phosphorus 15-30-60 Challenge for xIoT threat prevention and begin proactively reducing your risk today. Or, SCHEDULE your free, half-day 15-30-60 xIoT Challenge Workshop to learn how you can find, fix, monitor, and manage your entire xIoT attack surface safely and efficiently.

Join us at RSAC for live demonstrations of the 15-30-60 xIoT Challenge with Phosphorus’ one-of-a-kind Mobile xIoT Security Lab. Learn more about the challenge and how it can transform your company’s xIoT security practices by visiting


Phosphorus Cybersecurity

Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to find, fix, and monitor the rapidly growing and often unmonitored Things of the enterprise xIoT landscape.