How to Ensure the Metaverse Is Safe From Cyber Attacks

By Thomas Johann Lorenz, Co-founder and Managing Partner, Journee

It’s official, the metaverse has arrived, and we are on track to making it a permanent part of our lives as an enhancement of our physical reality in the digital world. Other than the internet as we know it today, it is a means to create the kind of emotional and experiential connection between humans and brands that was previously only possible offline. It is the next stage in the evolution of virtual and existing humanistic technology experience that blurs the lines between the physical and digital world – a true meta-technology that enables new business models, forms of commerce, entertainment, communities, and experiences. In the near future, we can expect to see more meetings in the metaverse, social interactions, and maybe even real estate.

As the technology within the metaverse evolves, the quality and possibilities of this new space will only expand, leading to an exponential increase in the value and benefits it provides its users. It will become just as important and impactful to society and culture, as it will do an even better job of connecting people through its deep interactive capabilities.

However, while the metaverse presents many new opportunities, it will also bring new challenges. The biggest one yet is security. The first step would be to establish industry standards, as standard technological protocols will have to be developed to progress towards the metaverse vision. It won’t happen right away, because companies are still figuring out what these protocols will need to do. At the moment, we are looking at a blend of two approaches when it comes to security in the metaverse: verification through a central entity and peer-to-peer. Neither can currently completely replace the other and some specific cases will remain for each. But can see a trend towards decentralized verification (e.g. of transactions, of ownership). Decentralized platforms, such as alternatives to signing in with Google/Apple or other accounts, make it easier for developers to securely identify users and for users to retain control over their data. Decentralization will continue to grow and cover more and more use cases as we figure out the power distribution mechanisms required to build these systems. Decentralized systems are harder to build and grow, therefore they will always have a resiliency advantage over centralized systems and have the potential to replace them niche after niche. 

We are already very good at securely managing data at scale, but cybersecurity is a cat-and-mouse game where attackers and defenders constantly one-up each other. I am rooting for a move towards technical tools and protocols that are more secure by design, in order to leave less room for engineers (or users) to shoot themselves in the foot. If we talk about blockchain, it’s a good example of something that is sometimes believed to be secure by design, but it actually has massive security issues in the human processes around the technology. The other problem comes when we talk about “vast amounts of data”: the inefficiency of the blockchain is still a massive blocker and we do not have a clear path towards resources and energy efficiency at this time.

In addition to this, cryptocurrencies, which may be widely used within the metaverse, already attract criminals and may continue to do so in the new immersive world. In the case of blockchain-based, they have proved very resilient to technical attacks, which has proven to be a double-edged sword. They are so secure that criminals use them themselves as part of their crimes (e.g. for ransomware). To improve the security of digital assets, the human factor surrounding these technologies must be continuously addressed. No matter how secure the blockchain is, a key can be stolen or lost. Therefore, there is still a lot of room for improvements on the key management aspect, with the rising ubiquity of biometrics, for example. With ideas around digital avatars gaining traction, that means there is more and more value attached to these digital selves, as well as any other assets that may come from that. As they become closer to what we are and an ever-growing part of our identities, there is simply more at risk because more is at stake.

It is also important to educate the public more about cybersecurity, but also about the metaverse itself. The technology is progressing towards becoming more intuitive and seamless, but until it becomes indistinguishable from magic, not everyone will want to or be able to understand how to interact with and enjoy the metaverse.

About Thomas Johann Lorenz

Thomas is the Co-founder and Managing Partner of Journee, and also serves as the Managing Partner of Journee’s parent company, Waltz Binaire. Thomas studied at the Berlin University of Technology, where he earned a degree in Business Administration and Economics. Thomas founded his first company twenty years ago at age 18 and since then has been on a mission of identifying and leveraging innovation potential. Thomas is eager to promote the innovation potential in Europe. His focus with Journee is to leverage technology that will create sustainable shifts for organizations and society.


About Journee

Journee is a cutting-edge technology company specialized in providing immersive 3D-streamed experiences across all devices. The Germany-based technology provider uses the latest in innovation to create digital and hybrid interactions in virtual environments that aim to reshape the way we connect and interact. JOURNEE is headquartered in Berlin, Germany with a global team of 40 highly skilled people. For further information please visit

Follow Brilliance Security Magazine on Twitter and LinkedIn to ensure you receive alerts for the most up-to-date security and cybersecurity news and information.