The term ‘metaverse’ was coined in 1992, as an online space combining virtual and physical worlds. And, the metaverse-like online multimedia platform, Second Life, which began in 2003, is still going, with almost 65 million active users.
Meanwhile, Meta – formerly Facebook – maintains optimism that its version of the metaverse will be on the horizon in five to 10 years. It estimates the metaverse will contribute $3 trillion plus to global GDP by 2031.
But only recently has the insurance sector seriously considered the Pandora’s box the metaverse presents.
Risks of the metaverse
US-based information security expert Bill Malik of Trend Micro says we don’t know the safety protocols our societies and regulators will need. We can, however, picture the risks as many sensors will monitor and classify humans, their moves and reactions. That’s a lot of data.
Malik suggests these risks include:
- Possible alteration or theft of an organisation’s intellectual property
- Privacy violations of individuals
- Criminal transactions
- In a ‘dark web’ version of the metaverse – called the darkverse – opportunities for illegal activities such as selling malware, trading stolen data and planning for physical world crimes.
Even the World Economic Forum has looked into the risks of the metaverse. It’s raised concerns about vulnerable groups, unwanted contact, violent extremist and terrorist content, plus the rise of virtual currencies. As well, research has shown that bad actors can hijack the online feed of those using virtual reality headsets. This includes theft of biometric data, payment information, and passwords or the instigation of unwanted contact.
The need for increased cyber protection
Malik also makes an important point about the increasing risks as online and physical worlds merge. If you plan to do business in the metaverse, you’ll need appropriate protection for:
- Information technology (IT)
- Operational technology (OT).
There are protocols to secure IT, but not for OT, which also lacks privacy design principles. That’s where bad actors can interfere with transactions, steal or change your product or service and your IP, introduce ransomware, compromise email, etc.
Businesses may also underestimate how much bandwidth, processing power and storage capacity they’ll need to operate in the metaverse. Issues such as social engineering, propaganda and fake news are expected to feature, so it could impact your business reputation if it becomes entangled.
Why insurers are thinking about metaverse insurance
Insurers are keeping a watching brief on the metaverse. They’re looking at how to insure crypto assets such as non-fungible tokens (artwork) and the marketplace network on which they reside. If the network goes down or is compromised, that artwork could be lost.
News site FinTech Global suggests there could be fewer insurance policies for the metaverse because risks such as earthquakes, fires, vandalism may not apply. The site also points to digital twins (of physical structures) as useful for virtual risk prevention and underwriting. That dynamic web 3.0 ‘internet of things’ view of a structure could even be used in claims management.
In the meantime, protect yourself with cyber insurance
Cyber insurance needs to be carefully considered if you see your business on the metaverse. It offers protection against diverse risks, including those relating to computers and networks & protecting business-critical data.
Such policies also encourage businesses to be proactive about risk management. That means not just strong policies, but oversight of their implementation. For example, you may have heard that the Medibank data hack occurred due to a single support desk not having two-factor authentication. We can guide you on improving your risk profile and customising insurance coverage to your unique business needs.