Jamie Akhtar, CEO and cofounder of CyberSmart.
getty
At Facebook’s annual Connect conference in October 2021, founder and CEO Mark Zuckerberg affirmed the company was rebranding as Meta. The announcement spread like wildfire, taking over online forums and news feeds. Yet, what truly caught the public’s attention was the promise of a “next chapter for the internet,” or “an embodied internet where you’re in the experience, not just looking at it.” The company would be championing the “metaverse.”
After Zuckerberg’s announcement, the term “metaverse” grew in popularity and became incorporated into the common lexicon. Indeed, in October 2021 alone, an estimated 2.62 million people searched for information about the “metaverse.” However, the idea existed long before the tech magnate uttered the word. In fact, it was first used in Neal Stephenson’s 1992 science-fiction novel, Snow Crash, to depict a virtual escape from reality. The difference today is that it has since gained real-world significance.
Through a combination of AI with virtual and augmented reality (VR/AR), a new functional and interactive online space has emerged, upheld by its own unique economy. To allow for human participation, avatars are created and powered by devices and headsets. Though most of these devices require further fine-tuning by their manufacturers, the prospect of full online immersion has never been closer. In just a few years' time, we may all find our avatar-selves roaming virtual worlds as well as accessing entertainment and information in a brand-new way.
The opportunities that this brings are limitless, from improved and more affordable education to greater connectivity and an alternative means of conducting business. The metaverse could also be all-encompassing, touching every aspect of our lives, including future business models, the workplace, social media, the economy, entertainment and the overall fabric of society. Still, much like the broad nature of the metaverse, the potential dangers for consumers and entrepreneurs will be vast.
Cyberthreats In The Metaverse
As the metaverse is still in its infancy and efforts have been directed largely towards innovation, the space suffers from a lack of regulation and cybersecurity oversight. Chances are that many of the threats we actively grapple with today will filter into the metaverse, though exacerbated in scale. The rise in both number and interconnectivity of devices integral to the virtual arena will no doubt create a larger attack surface, making it harder to monitor and manage threats. The stakes will likely surge as well, with more data at play, including our biometrics.
The closing gap between work and home, the public and personal, will make it harder to bar unwanted communications or prevent the exchange of sensitive information between the two spheres. In exchange for a personalized experience, we may all unintentionally lose the rights to our data. We will likely face issues tied to identity verification and increasingly sophisticated phishing attacks. With businesses and individuals trading in cryptocurrency and other digital currencies, we can also expect scams to be rife.
Although government authorities are responsible for laying regulations down early to restrict the scope of crime as well as add some structure and control, there are steps businesses can take to minimize risk. You will want to:
• Implement regular and thorough cybersecurity awareness training. Employees should walk away with a good understanding of the latest scams, the importance of data privacy and how to maintain this, as well as security best practices.
• Introduce a clear security policy. Businesses must outline the responsibilities of both the company and the employees, detailing what data will or will not be collected, how communication should be conducted within the metaverse and the distinction between personal and work devices, among other considerations.
• Actively monitor for vulnerabilities, seeking external help where necessary. Whether through an internal security team or by hiring external penetration testers, it is critical that all devices are frequently assessed for flaws and addressed.
• Adopt a “zero trust” model. Authentication and verification should be at the core of all activity occurring within the metaverse; as zero trust’s name suggests, no one should be unquestionably trusted.
More importantly, businesses must be adaptable. The internet and cyber world as a whole are changing and changing fast. Though we can attempt to preempt the rising threats, we need to be open to any and all possibilities and alter our cybersecurity strategies accordingly. Maintaining cybersecurity is a dynamic endeavor and cannot be solved with a one-off fix. It is critical that businesses stay attuned to the developing threat landscape and heed expert advice.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
