Ian McShane, VP of Strategy at Arctic Wolf, investigates…
Whether you’re the perpetual believer or the dismissive cynic, there’s no doubt that the concept of the metaverse is the hot topic dominating much conversation in the tech industry right now. When the word “Metaverse” started dominating the news, I immediately thought of the dystopian future where a new reality was needed to distract us from the real world misery, just like Ready Player One.
At first it felt like a left-wing, alternative fantasy that mostly resided in the world of games and movies. Now, in a very short time, the reality is that the Metaverse is now becoming the next incarnation of the Internet, and huge corporations around the world are investing huge amounts of money in it. The headline face is Facebook as they are betting big on the metaverse that is the future of their social media juggernaut. Meanwhile, Nike has also made a number of acquisitions to become metaverse ready, we’re starting to see real estate changing hands, and in finance, banks are hedging their bets on a future in the virtual world.
Even Microsoft took the opportunity to jump on the bandwagon, claiming that the Activision acquisition will “provide building blocks for the Metaverse.” Unsurprisingly, and entirely consistent with the rest of the Metaverse narrative, they didn’t provide any further details on what that means.
While there is a lot of hype and anticipation, there are still many aspects of the metaverse that need to be understood. Breaking out of the tech and marketing bubble, does anyone really understand what this could mean for our future lives? An interesting recent study looked at the range of questions people were asking on Google, and I think this is a real indicator of the “continued unknown” about what the metaverse means. If a large proportion of people don’t fully understand this now, how can we effectively prepare for the next wave of cybersecurity threats that this will bring?
As this new digital world seeks to further infiltrate our lives, there are some obvious red flags from a cybersecurity perspective that we need to consider. Of course – and beyond my incredible skepticism – like others in our industry, I have immediate concerns and questions about security and privacy, despite the limited “normal acceptance” of this current cutting-edge technology trend.
However, I also believe that this represents an opportunity for many companies around the world to catch up on cybersecurity and invest appropriately in their operations. Anyone who collects and stores personal information, and no doubt sells the data and intelligence, has a moral and legal obligation to obtain data protection and privacy rights. If now isn’t the time to prioritize data and cyber security, then I don’t know what is! Many organizations need to consider the metaverse and new strides in augmented reality as another compelling reason to prioritize cybersecurity investments and planning.
This doesn’t have to mean companies have to buy a bunch of tools and platforms that nobody knows how to use. Instead, the key to improving security operations can be a really smart investment in existing employee talent. If companies can train the right people already within their organization and increase knowledge of the metaverse’s rapidly evolving threat landscape, it will go a long way in preparing for what is to come. Businesses can then complement these team skills with the technology and expertise of an appropriate security partner to find the right balance.
Digging a little deeper, it’s important that we start considering what security challenges the metaverse might pose and what kind of knowledge needs to be acquired. A real indicator of adoption will be criminal activity aimed at this world. To stick with my movie analogies, there’s every chance this world will quickly become a new avenue for cybercrime, just like Lawnmower Man or Hackers. That’s because most descriptions of the metaverse sound like VR “worlds” where you buy and interact with things that don’t exist in reality. While they are not meant to exist in “reality” and are intended to be part of a decentralized chain of custody, it is important for us to remember that these things remain linked to a person’s real wealth and identity, even though they are obfuscated to ensure anonymity .
In another way, the NFT/Web3 world is also likely a prime place for scammers and scammers to operate. NFTs and Metaverse products are already attracting people looking for a get-rich-quick opportunity, which is an easy target for cybercrime. I wouldn’t be surprised to see DeFi currency scams target “celebrity” VR avatars to take over accounts to manipulate BTC market prices, as we’ve recently seen on Twitter profiles.
Potential scams aside, the real focus this year will be on this tipping point for widespread Metaverse adoption, as this will prioritize security and privacy if or when there is a true global adoption of these technologies. While the metaverse represents a huge new frontier for businesses and consumers to get involved, it will absolutely provide another opportunity for cybercrime to thrive. Despite protections in place, particularly with cryptocurrency and blockchain, there is still no regulation in the Metaverse, and as we’ve seen with ransomware and extortion tactics, legal recourse for attacks is also slim, making it an extremely attractive venture – and potentially more lucrative – Space for cyber criminals.
History has shown us that with many emerging technologies, security is often an afterthought, but if there’s any learning we can take from the last 12 months, it’s that cybersecurity needs to be a priority, and that is Metaverse not otherwise. Whether it’s Nike, Facebook or any other company creating a digital playground, they need to make sure they invest as much in cybersecurity as they do in developing those technologies. While that world may not yet be a mainstream reality, those companies that are integrating their cybersecurity operations from the ground up to prepare for the Metaverse now will be in a much better position to combat an evolving threat landscape that is rapidly becoming more complicated .
https://techround.co.uk/news/why-the-metaverse-is-our-chance-to-play-cybersecurity-catch-up/?utm_source=rss&utm_medium=rss&utm_campaign=why-the-metaverse-is-our-chance-to-play-cybersecurity-catch-up Why the Metaverse is our chance to play cybersecurity catch-up