Organizations neglect security concerns and jump into the metaverse: Tenable

Tenable®, the Exposure Management company, released the findings of a global study that revealed cybersecurity is the most important factor for businesses when deciding whether to invest in the metaverse. In fact, even in a difficult global economy, concerns about macroeconomic conditions trailed behind concerns about cybersecurity. This sentiment emphasizes the increasing importance of cybersecurity in a digital economy to ensure a safe and secure environment for users.

“Measure Twice, Cut Once: Meta-curious Organizations Relay Security Concerns Even as They Plunge Into Virtual Worlds,” a survey of 1,500 IT, cybersecurity, and DevOps professionals in Australia, the United Kingdom, and the United States, was conducted. The study investigates how organizations approach the opportunities and challenges of creating, securing, and participating in the metaverse, as well as providing insights into the risks and rewards of investing in this new technology.

Organizations have begun to investigate the metaverse and its capabilities, despite the fact that it is still in its infancy. In fact, 23% of organizations have already ventured into the metaverse, and 58% plan to do so within the next year.

Less than half of respondents feel very confident in their ability to curb threats in this new environment, the metaverse poses both new and legacy cybersecurity risks and challenges. According to survey respondents, threats that are either “somewhat” or “very”  likely to take place in the metaverse include:

• Conventional phishing, malware and ransomware attacks (81%)
• Compromised machine identities and API transactions (84%)
• Cloning of voice and facial features and hijacking video recordings using Avatars (79%)
• Invisible-avatar eavesdropping or ‘man in the room’ attacks (78%)

In addition to cybersecurity threats, respondents identified several major barriers to entry, including the possibility of security breaches and identity theft (34%), a lack of a clear process for data privacy (33%), and a lack of experienced security professionals to secure the metaverse (32%).

“As with any new business opportunity, first movers have the advantage and the risk,” said Bob Huber, chief security officer and head of research, Tenable. “The foundation of the cybersecurity program must be solid before making a big leap into largely unknown territory and drastically expanding your attack surface. Forward- thinking organizations that take the time and make wise investments in their security personnel and the security and integrity of their infrastructure are more likely to be successful in the metaverse or any other technology investment.”

Other key findings from the report include:

• 87% of respondents are in favor of regulating the metaverse.
• Nine in 10 respondents agree that organizations need to adequately develop a cybersecurity framework prior to offering services in such a virtual environment.
• More than half (55%) of respondents said their organization will need to invest in training their current employees about safe cybersecurity practices to support their investment in the metaverse.
• When asked about the skills required for the metaverse, respondents cited UI/UX designing, 3D modeling, blockchain and gaming development, cybersecurity and software development as important development areas.