12/20/2022 – The metaverse harbors both new and old cybersecurity risks and challenges. However, many companies are not yet prepared for this.
by Frauke Schobelt
When companies decide to invest in the Metaverse, cybersecurity also plays an important role. This is shown by the global study “Measure Twice, Cut Once: Meta-curious Organizations Relay Security Concerns Even as They Plunge Into Virtual Worlds”
. The exposure management service provider surveyed 1,500 IT, cybersecurity and DevOps experts. The study examines how organizations are addressing the opportunities and challenges associated with building, securing, and participating within the metaverse.
While the Metaverse is still in its infancy, the companies surveyed have begun to explore the new world of the Metaverse and its possibilities. 23% have already ventured into this new area and 58% plan to do business there in the next year.
However, less than half of respondents are very confident in their ability to contain cyberattacks in this new environment. According to the survey, the following threats in the metaverse are either “fairly” or “very” likely:
- Traditional phishing, malware, and ransomware attacks (81%)
- machine identities and API transactions compromised (84%)
- Cloning voice and facial features and hijacking videos using avatars (79%) and
- Eavesdropping by invisible avatars or “man-in-the-room” attacks (78%)
Among other top barriers to market entry, 34% cite the prospect of security breaches and identity theft, 33% the lack of a clear process for protecting private data, and 32% the lack of experienced security professionals to secure the metaverse.
“As with any new business opportunity, beginners face both benefits and risks”said Bob Huber, director of security and head of research at Tenable. “The foundation of the cybersecurity program must therefore be solid before you can take a big leap into largely uncharted territory and thereby significantly expand your own attack surfaces.” Companies must therefore take the time to invest in their security personnel and in the security and integrity of their infrastructure.
Other study results
- 87% of respondents are in favor of regulating the Metaverse;
- nine out of ten respondents agree that companies should develop an appropriate cybersecurity framework before offering services in such a virtual environment;
- More than half (55%) of respondents say their organization needs to invest in training current employees on cyber security practices to support their investments in the metaverse;
- When asked about the skills required for the Metaverse, respondents cited UI/UX design, 3D modeling, blockchain and game development, cybersecurity, and software development as key development areas.