We’ve got some recommendations for presentations and hands-on learning in the Sandbox Villages.
Looking for the best IoT and OT security sessions at RSA Conference 2025? Whether you’re focused on industrial control systems (ICS), IoT risk management, or physical security in cyber-physical environments, RSAC has something for you.
As enterprise attack surfaces continue expanding into connected devices and legacy technology, so do the risks – and attackers are already adapting. In fact, recent reports show ransomware groups like Akira are now pivoting toward extended Internet of Things (xIoT) devices to breach networks and exfiltrate data.
At Phosphorus, we recently broke down how Akira exploited a vulnerable IP camera to gain a foothold in an enterprise network:
- How Akira Used a Camera to Compromise an Enterprise
- Phosphorus Live Recap: Akira Ransomware & the IoT Attack Surface
This evolving threat landscape makes RSA Conference 2025 (where you can also go hands-on with our xIoT security management platform) a critical opportunity to sharpen your defenses. In this post, we’ve curated the top sessions and hands-on experiences from the RSAC agenda that are must-attends for anyone looking to secure the extended IoT/OT ecosystem.
The first two sessions selected are presented by renowned industry experts that are frequent speakers with a wealth of knowledge and experience covering important topics related to xIoT. The third session is an introduction to physical security. This session is important to xIoT and IT environments and is an area in which most people lack experience and knowledge.
Recommended RSAC 2025 Sessions for xIoT Security Pros
Enhancing Wireless Security in the Era of IoT
Session ID: BOF1-M01
Presenter: Jennifer (JJ) Minella – Principal Advisor, Viszen Security
Wi-Fi security is evolving, but IoT, unmanaged devices, and new wireless tech bring fresh challenges. Wi-Fi 6E, 7, and 8 change the game. Join peers to discuss how to secure IoT and unmanaged devices on Wi-Fi, using 802.1X, NAC vs. segmentation, how Wi-Fi 6E & 7 impact security, moving to cert-based IoT, lessons learned from Wi-Fi security incidents, and more. Share what works.
Defensive Tensions in Critical Infrastructure Cyber Defense
Session ID: CIT-M02
Presenter: Joseph Slowik – ATT&CK CTI Lead, The MITRE Corporation
If everything is critical, then nothing is critical, so cyber defense of critical infrastructure requires first identifying what is truly “critical” and what is not, leading to a separation between haves and have-nots. This discussion will explore this concept and the tensions and questions it raises while offering potential solutions for broader societal defense.
Intro to Physical Security
Session ID: SBV2-T01
Presenters: Terry Luan & Karen Ng – Physical Security Village
This presentation will be held in the Identity, Critical Infrastructure, Sandbox Villages.
Physical security is an important consideration when designing a comprehensive security solution. There are loads of ways to get through a door without actually attacking the lock itself, including using the egress hardware, access control hardware, and countless other techniques to gain entry. Learn how these attacks work as well as how to defend against these attacks in this talk!
Dive Into Hands-On Learning in the RSAC Sandbox Villages
Beyond the lecture halls, the RSAC Sandbox Villages offer immersive, experiential learning environments that let you test, tinker, and challenge your xIoT knowledge in real time.
Experience cutting-edge cybersecurity innovations at this ultimate hub. You will have the opportunity to learn by doing hands-on experiences that range from capture the flag and an escape room to the DARPA AIxCC Experience, featuring a fictional city where you can deepen your understanding about the stakes of advancing AI-driven cybersecurity. As you explore and play in the RSAC™ Sandbox, look for our many volunteers ready to answer your questions and provide a guided tour or opportunity to test your skills.
ICS Sandbox (by ICS Village)
Explore how to detect and respond to attacks on industrial control systems through live scenarios and guided exercises.
IoT Sandbox (by IoT Village)
Join researchers and engineers as they unpack vulnerabilities in connected devices and participate in competitive hacking challenges.
Physical Security Sandbox (by Physical Security Village)
Try your hand at lockpicking, hardware bypass techniques, and other physical exploitation methods often overlooked in cyber defense.
Visit Physical Security Village →
Attending the 2025 RSA Conference offers valuable opportunities to learn about xIoT security. The sessions highlighted, including those on wireless security, critical infrastructure cyber defense, and physical security, provide insights from industry experts.
Additionally, the hands-on experiences in the Sandbox Villages, such as the ICS, IoT, and Physical Security Sandboxes, offer practical learning and skill development. Engaging with these resources will enhance understanding and capabilities in addressing xIoT security challenges.
Meet Phosphorus at RSAC 2025
If you want to strengthen your xIoT presence, attending RSA Conference 2025 offers a valuable opportunity to discover new tools, engage with industry leaders, and refine your strategy. While you’re at the event, we encourage you to connect with the Phosphorus Cybersecurity team.
- Book a private session in our executive suite at the St. Regis
- Get hands-on with our Mobile xIoT Security Lab and see how we remediate live device risks
- Join us for Happy Hour and network with peers in the OT/IoT security community
Secure your spot now at our RSAC 2025 event hub →
We’ll see you in San Francisco!
Related Posts
On April 3, 2025, Phosphorus LIVE tackled one of the most eye-opening cyber events...
Did You Know Your Office Camera Could Be a Cybercriminal’s Backdoor? Let us set...
