Businesses are making big plans for the metaverse, and a new study from Tenable shows that the vast majority have security on their minds as a top issue. However, that doesn’t mean they quite yet know how to properly address the issue. Though awareness of its importance is high, confidence in metaverse security is still fairly low.
Despite these security concerns, companies are feeling pressure to quickly jump into a market that is expected to immediately be worth hundreds of billions of dollars. Tenable surveyed over 1,500 IT professionals and found that 90% consider metaverse security to be an issue of high importance, but less than half think that their present cybersecurity capability is going to be adequate to the task.
Metaverse security front of mind, but confidence not strong
Organizations that are already struggling with phishing and malware are expecting to see those attacks continue at full strength in the metaverse. However, they may be at more of a disadvantage in this arena given the newness of the technology.
Old attacks are broadly expected to be accompanied by new forms of incursion: impersonation or hijacking of trusted user avatars in the metaverse, infiltrators that gain direct access to headsets or manage to hide an invisible character in virtual spaces, and attacks on an array of new APIs that will surely emerge among the assortment of metaverse providers. Interoperability between different metaverse service providers is also quite likely to create security holes, at least in the early going.
Organizations are hoping that the government will be the first line of metaverse security, with 87% saying that they want to see strong and early regulation. More than half plan to provide staff with specialized training, and half will create and hire for specialized metaverse security roles.
Organizations that say they are more hesitant to get into the metaverse right away say that security is their #1 concern, but it is closely followed by a lack of clear processes for data privacy and their ability to recruit the specialized security professionals that will be necessary.
Most organizations interested in metaverse, 23% already building initiatives
68% of organizations say they are ready to plunge into the metaverse despite not being sure if they can handle security. 23% are already building out their initiatives, and almost half say they are interested in customer engagement opportunities in this new space.
It is still unclear in which directions the metaverse will develop, however. Early efforts are focused on games and social hangouts, not something particularly relevant to most businesses. Organizations are interested in virtual meetings and virtual training in addition to marketing opportunities, but viable applications have yet to emerge and the metaverse still has a lot to prove in these areas. A substantial amount of respondents said they are going to wait a little bit and see how other businesses fare before they jump in with both feet.