Embedded Security for the MetaverseJuly 20, 2022 2022-07-20 12:13
Embedded Security for the Metaverse
Securing the Metaverse: 3 critical concepts
The physical and virtual worlds are already smoothly and ubiquitously interwoven. The metaverse will deepen this overlap and in very experiential ways that will create abundant space for business innovation. The metaverse is an unstoppable phenomenon that will take the digital user experience to new highs. There is already is a sprawling metaverse ecosystem comprising hundreds of companies, from Fortnite and Roblox to Microsoft and Meta (the renamed Facebook).
For companies, the metaverse presents attractive opportunities. For example, a leading pharmaceutical company used the Infosys XR platform to create a digital twin of their vaccine lab, enabling quality engineers to access critical vaccine culture data to help make predictions and decisions.
Similarly, an engineering consulting company took advantage of Infosys’ metaverse to prototype an immersive mixed reality workbench that inspects prospective engineering construction sites rendered as rich 3D assets. The capability was evolved and scaled for global use on Azure’s high-performance cloud, with ready support from Microsoft, a long-standing Infosys partner.
Today, it is nearly impossible to have a single pane of glass from which to manage end-to-end security. Almost every vendor has its own console, with numerous closed ecosystems and frequent functional duplication. Standards and greater use of APIs will allow clients to choose security management consoles that best meet their needs. But
there is limited availability of APIs and many of them are slow, unreliable and don’t scale well.
Over time, more sophisticated security engineering will mean that ‘zero trust’ will evolve into ‘zero touch’ with AI-based automation and control. There also needs to be a realization that legacy and on-prem systems will become increasingly risky over time, as almost all security innovation occurs in the cloud.
Cybersecurity is not something that can be delegated to a CISO with limited budget and authority, who is often forgotten about. It needs to be a responsibility shared by everyone and led by a CISO that has the backing of the board. Skills, too, remain a challenge. In time, automation will help solve the skills gap, but in the interim managed service security providers will play a critical role. In addition to specialist skills, basic security skills will need to be pervasive. Everyone in an organization, from reception to the board room, must understand the metaverse, including recognizing its unique security features and being able to raise the alarm when needed.
3. Embedded security for the metaverse
While security is increasingly being built into all products, services, and procedures, organizations also need to ensure that security is embedded in every process. For business operations to be effective, security needs to be viewed not just as a technology prerogative but as a business imperative. It should be baked in right from the start,
covering people, processes and technology. With organizations looking to jump on the metaverse bandwagon to offer an ‘out of the world’ experience, secure-by-design needs to extend beyond the gates of the enterprise. With most corporations acting as key nodes in the metaverse, security needs to be embedded into contracts with hosting entities.
Business leaders also need to speak the same language as their security counterparts, because their sponsorship will be instrumental in making sure employees and partners become more cognizant of the matter That, in turn, can emerge as a brand differentiator to customers.
The metaverse has the potential to unlock vast new opportunities for enterprises in virtually every sector of the economy. But realizing this opportunity will depend on enterprises investing in the creation of robust security and privacy protocols that build confidence in the space.
That process can’t start soon enough.