Cybersecurity is the top-most concern of companies considering investment in the metaverse, according to a study by Exposure Management company Tenable. According to the study, even in the global economic slowdown and a weakening economic outlook, businesses considering investment in metaverse are worried more about cybersecurity threats than the economic woes, underscoring the growing importance of cybersecurity in a digital economy.
The study titled “Measure Twice, Cut Once: Meta-curious Organizations Relay Security Concerns Even as They Plunge Into Virtual Worlds,” surveyed 1,500 IT, cybersecurity and DevOps professionals in Australia, the U.K. and U.S.
The study investigates at how companies are handling the opportunities and challenges of creating, securing, and adopting the metaverse. It also provides crucial insights into the risks and benefits of making investments in this emerging technology.
Although the technology is still in early stage, companies have started to explore the metaverse and its capabilities. In fact, 23% of organizations have already ventured into the metaverse, and 58% plan to conduct business in the metaverse within the next year.
Less than half of respondents feel very confident in their ability to curb threats in this new environment, the metaverse poses both new and legacy cybersecurity risks and challenges.
According to survey respondents, threats that are either “somewhat” or “very” likely to take place in the metaverse include:
- Conventional phishing, malware and ransomware attacks (81%)
- Compromised machine identities and API transactions (84%)
- Cloning of voice and facial features and hijacking video recordings using Avatars (79%)
- Invisible-avatar eavesdropping or ‘man in the room’ attacks (78%)
In addition to the cybersecurity threats, respondents identified several major barriers to entry, including the prospect of security breaches and identity theft (34%), the lack of a clear process for data privacy (33%) and the lack of experienced security professionals to secure the metaverse (32%).
Bob Huber, chief security officer and head of research, Tenable, said: “As with any new business opportunity, first movers have the advantage and the risk.”
“The foundation of the cybersecurity program must be solid before making a big leap into largely unknown territory and drastically expanding your attack surface,” Bod said.
According to Bob, “Forward-thinking organizations that take the time and make wise investments in their security personnel and the security and integrity of their infrastructure are more likely to be successful in the metaverse or any other technology investment.”
Other key findings from the report include:
- 87% of respondents are in favor of regulating the metaverse.
- Nine in 10 respondents agree that organizations need to adequately develop a cybersecurity framework prior to offering services in such a virtual environment.
- More than half (55%) of respondents said their organization will need to invest in training their current employees about safe cybersecurity practices to support their investment in the metaverse.
- When asked about the skills required for the metaverse, respondents cited UI/UX designing, 3D modeling, blockchain and gaming development, cybersecurity and software development as important development areas.
Additional resources are available on the Tenable blog: https://www.tenable.com/blog/what-happens-when-the-metaverse-enters-your-attack-surface
The online survey was conducted by Opinion Matters on behalf of Tenable. A total of 1,500 professionals representing roles in cybersecurity, DevOps and IT engineering participated in the survey. The study was fielded in Australia, the U.K. and the U.S. in October and November 2022.
Read Also: How Congruent Labs Is Disrupting Cybersecurity Industry?