The IT Pro Podcast: How secure is metaverse tech?

Metaverse technology: although it still hasn’t found its feet, it’s the headline-grabbing area of development that has seen massive investment in just the past few years. Meta has spent over $15 billion on the tech through its Reality Labs division, and Microsoft, Apple, Nvidia, and more have all begun development using variations on metaverse tech.

But like any new technology, metaverse tech will also usher in new security risks, from innovative threat actors and existing vulnerabilities inherited by building this new frontier on legacy architecture.

This week, we spoke to Rick McElroy, Principal Cyber Security Strategist at VMware, about the opportunities and challenges metaverse tech, and what we can do while it’s still in its infancy.

Highlights

“The cool part of all of it is, we actually get to design it. Right? Like, we're humans, we're now working on some in the future. And so we do get to look at the past, have those design considerations? And then really move forward with like, how can we start to fundamentally get rid of some of these things from the beginning, because we know that they're going to happen, right? And so I hope the opportunity is exciting for folks that are working on those projects.”

“I can tell you, I've talked to no CISOs over the last 18 months where it's at the top of their project list. Generally speaking, ransomware is still at the top of that list. Again, the security fundamentals of being able to patch as quickly as possible, and then of course, recover from some types of these attacks.”

“We're not writing a new internet protocol for the metaverse, it's going to be IPv6 and IPv4. Generally speaking, it'll be IPv6, because it's a lot of new companies that are adopting it. Manipulation of that TCP/IP stack is still real, those threats exist all the time, adversaries take advantage.”

Read the full transcript here.

Footnotes

• What is Web3 and will it revolutionise the internet again?
• Microsoft signs $22bn deal to supply US Army with HoloLens devices
• Apple's mixed reality headset could debut in 2022
• Why AR, not VR, is the next big thing in business
• Meta's earnings are 'cause for concern' and 2023 looks even bleaker
• The future of virtual assistants might lie in the metaverse
• Did the Pentagon really ban Furbys?
• What is metaverse security?
• How to protect your endpoints
• If not passwords then what?
• What is TCP/IP?
• Whatever happened to IPv6?
• What is zero trust?
• What is GDPR? Everything you need to know, from requirements to fines
• What is the California Consumer Privacy Act (CCPA)?
• Understanding PCI compliance: The role of the channel
• What is Wi-Fi 7?
• US unveils next-gen encryption tools to withstand quantum computing attacks
• Seven steps to keeping metaverse meetings safe and secure
• Meta deepens metaverse partnership with Microsoft and Accenture, still lacks compelling business case
• Immersive tech can be more than just a gimmick
• Siemens and Nvidia partner on industrial metaverse concept
• Into the metaverse: Everything we learned from our virtual tour
• The metaverse is a waste of time, effort and processing power

Subscribe

• Subscribe to The IT Pro Podcast on Apple Podcasts
• Subscribe to The IT Pro Podcast on Google Podcasts
• Subscribe to The IT Pro Podcast on Spotify
• Subscribe to the IT Pro newsletter
• Subscribe to IT Pro 20/20