In anticipation of GSX, we sat down with presenters of upcoming sessions in order to get a better understanding of the topics at hand. This week we are featuring, “The Metaverse, NFTs, and the Future of Security in a Virtual World,” presented by Jon Harris, CPP, PSP, senior product manager at HiveWatch, Lee Oughton, COO and founder at Fortress – Risk Management, and Mary Gamble, an attorney at Gamble Legal, PLLC. Read on for what they had to say and don’t forget to register for GSX 2022!
Q: Tell us about your presentation and why should security professionals have this topic on their radar?
JH: The virtual world: once deemed the domain of video gamers, sci-fi movies, and chat-room enthusiasts, the Metaverse has evolved into a wide-ranging digital landscape that is changing the way we live, work, and play. In our session, we will discuss the projected impact on the security industry – from an assortment of different angles, such as security technology, personal protection, and compliance. Security professionals must have this topic on their radar, because those we serve definitely have it on theirs – we don’t need to be experts in NFTs, cryptocurrency, or digital twins, however we should have a basic understanding of topics and start to assess how it will impact what we do and how we do it. For example, I can see a world where we could pre-design facilities in the Metaverse and test how the security features impact the operations (throughput, processing time, etc.). From an operational intelligence perspective, it is another realm that will require some level of monitoring and evaluation for threat assessments. This is not something we can ignore in hopes that it is some passing trend.
Q: What advice would you give security professionals interested in this topic?
LO: Well, my most important advice that I can share right now is to ensure that you attend our panel as we will be diving deep, virtually swimming through the Metaverse, so that our peers within the community can have a better grasp on this hot topic. We will take a look at the threats, risks, vulnerabilities, and associated consequences that individuals may encounter. Through this process, we will also identify how we can then be better equipped in our security roles to educate our teams, business units, executives, and organizations on a whole about this ever-advancing environment. Mary, Jon, and I want to shine a light on this area because of its rapid rate of growth. As security & risk practitioners, we should always be one step ahead of bad actors and criminal activists. For too long now, we’ve over focused our attention on the traditional routes, and methods of how, why, and what kinds of crimes take place in the physical domain. Our digital footprint keeps growing exponentially, which is leaving us all open and vulnerable to attacks from dark forces! Now is the time to peer into the future. Please be ready for your mind to be pushed into another dimension.
Q: How do you see this issue evolving in the next 2-5 years?
MG: Iterations of the Metaverse have been around for years, but I think we will continue to see a significant evolution of both the Metaverse and NFTs in the coming years. In particular, with regard to NFTs, I see them moving away from use as primarily collector or currency items and towards a mainstream commercial integration for things like events and commercial engagement. I anticipate the Metaverse to similarly expand its engagement scope to provide a comprehensive platform for virtual engagement – spanning uses such as virtual shopping, dynamic social engagement – something like a social media plus product testing and modeling, training, and entertainment.
As my colleagues have said, we as practitioners don’t need to be experts, but we do need to understand the foundations of how NFTs and the Metaverse are being used so that we can guide safe and secure use from both sides of the transaction. From the organizational side this means understanding how the creation and integration of virtual elements aligns with an organization’s existing operations, how the organization intends to execute their use and engagement, and potential security risks spanning creation, implementation, maintenance, and discontinuance. From the consumer side this means understanding ways in which consumers are able to engage and opportunities for exploitation.