The IT Pro Podcast: How secure is metaverse tech?
If we're not careful, the risks of this new frontier could outweigh the rewards

Metaverse technology: although it still hasn’t found its feet, it’s the headline-grabbing area of development that has seen massive investment in just the past few years. Meta has spent over $15 billion on the tech through its Reality Labs division, and Microsoft, Apple, Nvidia, and more have all begun development using variations on metaverse tech.
But like any new technology, metaverse tech will also usher in new security risks, from innovative threat actors and existing vulnerabilities inherited by building this new frontier on legacy architecture.
This week, we spoke to Rick McElroy, Principal Cyber Security Strategist at VMware, about the opportunities and challenges metaverse tech, and what we can do while it’s still in its infancy.
Highlights
“The cool part of all of it is, we actually get to design it. Right? Like, we're humans, we're now working on some in the future. And so we do get to look at the past, have those design considerations? And then really move forward with like, how can we start to fundamentally get rid of some of these things from the beginning, because we know that they're going to happen, right? And so I hope the opportunity is exciting for folks that are working on those projects.”
“I can tell you, I've talked to no CISOs over the last 18 months where it's at the top of their project list. Generally speaking, ransomware is still at the top of that list. Again, the security fundamentals of being able to patch as quickly as possible, and then of course, recover from some types of these attacks.”
“We're not writing a new internet protocol for the metaverse, it's going to be IPv6 and IPv4. Generally speaking, it'll be IPv6, because it's a lot of new companies that are adopting it. Manipulation of that TCP/IP stack is still real, those threats exist all the time, adversaries take advantage.”
Read the full transcript here.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Footnotes
- What is Web3 and will it revolutionise the internet again?
- Microsoft signs $22bn deal to supply US Army with HoloLens devices
- Apple's mixed reality headset could debut in 2022
- Why AR, not VR, is the next big thing in business
- Meta's earnings are 'cause for concern' and 2023 looks even bleaker
- The future of virtual assistants might lie in the metaverse
- Did the Pentagon really ban Furbys?
- What is metaverse security?
- How to protect your endpoints
- If not passwords then what?
- What is TCP/IP?
- Whatever happened to IPv6?
- What is zero trust?
- What is GDPR? Everything you need to know, from requirements to fines
- What is the California Consumer Privacy Act (CCPA)?
- Understanding PCI compliance: The role of the channel
- What is Wi-Fi 7?
- US unveils next-gen encryption tools to withstand quantum computing attacks
- Seven steps to keeping metaverse meetings safe and secure
- Meta deepens metaverse partnership with Microsoft and Accenture, still lacks compelling business case
- Immersive tech can be more than just a gimmick
- Siemens and Nvidia partner on industrial metaverse concept
- Into the metaverse: Everything we learned from our virtual tour
- The metaverse is a waste of time, effort and processing power
Subscribe
ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.
For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
The new era of cyber threats
ITPro Podcast With AI-powered attacks and state-backed groups, security teams face face a new wave of sophisticated threats
By Rory Bathgate Published
-
Billions of IoT devices will need to be secured in the next four years – zero trust could be the key to success
News Researchers have warned more than 28 billion IoT devices will need to be secured by 2028 as attacks on connected devices surge.
By Emma Woollacott Published
-
Cisco claims new smart switches provide next-level perimeter defense
News Cisco’s ‘security everywhere’ mantra has just taken on new meaning with the launch of a series of smart network switches.
By Solomon Klappholz Published
-
Five Eyes cyber agencies issue guidance on edge device vulnerabilities
News Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.
By Emma Woollacott Published
-
Supply chain scares and Google’s AI code
ITPro Podcast As the ransomware attack on Blue Yonder disrupts a wide range of firms, Google moves to lead by example on internal AI code
By Rory Bathgate Published
-
T-Mobile security chief insists its defenses stood up to attacks linked to Salt Typhoon
News No T-Mobile customers or services were affected after its security teams detected suspicious activity on their routers
By Solomon Klappholz Published
-
Halloween special: Cybersecurity horror stories
Podcast Join us for three terrifying tales sure to chill any IT professional to the core
By Jane McCallion Published
-
Securing your network in every direction with zero trust
Whitepaper Webinar on the evolution of network security
By ITPro Published