The Role of Cyber Threat Intelligence Sharing in the Metaverse

Abstract

The emergence of the Metaverse promises to provide several benefits to society, e.g., fully immersive and interactive environments in health-care, the workplace, and everyday life. However, it introduces a number of privacy and security concerns, including identity, network, and economy-related threats, for both providers and users of Metaverse-based applications, which remain unaddressed. In this article, we high-light the potential role of Cyber Threat Intelligence (CTI) sharing within the Metaverse context as a promising opportunity to address such privacy and security issues. CTI refers to the relevant, timely and actionable information about the latest threats and attacks. In particular, we examine how organizations could proactively manage the cyber risks associated with their digital infrastructure by participating in CTI sharing within a Metaverse context. We also propose that user-based CTI sharing should be considered within the Metaverse given the potential prevalence of a number of user-specific threats, e.g., identity-related threats. Finally, we emphasise that the integration of user-based sharing creates additional threat sharing flows between users as well as between organizations and users that are lacking from existing CTI sharing approaches, e.g., user-to-user, organization-to-user, and user-to-organization.